[FreeNX-kNX] PAM authentication doesn't work

Martin Honermeyer maze at strahlungsfrei.de
Wed Jul 13 08:16:41 UTC 2005


Hi Jon,

Jon Severinsson wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> 
> 
> Martin Honermeyer skrev:
>> Hello,
>> 
>> I've been trying different configurations and settings, but i've been
>> unable to get people to authenticate with PAM (/etc/passwd) so far. They
>> have to be added to the passdb with
>> 
>> nxserver --adduser user
>> nxserver --password user
>> 
>> in order to be able to login.
>> 
>> I've tried the following (in node.conf):
>> 
>> ENABLE_PASSDB_AUTHENTICATION="0"
>> ENABLE_SSH_AUTHENTICATION="1" (alternatively
>> ENABLE_SU_AUTHENTICATION="1") ENABLE_USER_DB="0"
>> 
>> I also enabled PasswordAuthentication in /etc/ssh/sshd_config and added
>> the nx user to the wheel group. Same problem every time
>> (from /var/log/nxserver.log, with log level set to 7):
>> 
>> -- NX SERVER START:
>> HELLO NXSERVER - Version 1.4.0-04-CVS OS (GPL)
>> NX> 105 hello NXCLIENT - Version 1.4.0
>> NX> 134 Accepted protocol: 1.4.0
>> NX> 105 SET SHELL_MODE SHELL
>> NX> 105 SET AUTH_MODE PASSWORD
>> NX> 105 login
>> NX> 101 User: martin
>> NX> 102 Password:
>> Info: Auth method: ssh su
>> NX> 404 ERROR: wrong password or login
>> NX> 999 Bye
>> 
>> 
>> 
>> I am using FreeNX from _CVS_ and the third 1.5.0 NoMachine source
>> snapshot, I think.
>> 
>> So what's the right way to get this going?
>> 
>> 
>> Greetz,
>> Martin
>> 
> 
> Hi Martin
> 
> Your nice log tells me you have configured freeNX correctly. The telling
> line is "Info: Auth method: ssh su " which tells me it tried ssh, failed,
> and tried su. The next line tells me that all tried logins failed. That
> is, freenx successfully caled the login process (both ssh and su) and both
> told nx the login was invalid. It does not have to be wrong password, but
> by some reason pam
>  failed to log in the user. Can you do a manual ssh login with the
>  "martin"
> user, replace the variables ($...) below with their values on your system
> (SSHD_PORT should be 22, and $PATH_BIN should be either /usr/bin or
> /usr/NX/bin):
>> ssh -2 -x -l "martin" "127.0.0.1" -o "NumberOfPasswordPrompts 1" -p
> "$SSHD_PORT" "$PATH_BIN/nxnode" --check"

$ ssh -2 -x -l "martin" "127.0.0.1" -o "NumberOfPasswordPrompts 1" -p "22"
"/usr/NX/bin/nxnode --check"
Password:
NX> 1000 NXNODE - Version 1.4.0-04-CVS OS (GPL)
NX> 716 finished
NX> 1001 Bye.


> If that doesn't work, you have a problem either in ssh or in pam.
> If a manual login does work, the problem migh be in nxnode. A printout of
> the manual login process would help. I would also like to see the printout
> if you revert to the 1.4.0 OSS components, to make sure there is no vital
> difrence.

This is difficult, as this machine is already used by some people.. I'll try
it later.


Greetz,
Martin





More information about the FreeNX-kNX mailing list