[FreeNX-kNX] "Server not installed or NX remote access disabled"

Matthew Evan Fowle thefowle at wam.umd.edu
Thu Jul 21 18:11:42 UTC 2005 

Hello, I'm trying to run FreeNX.  I'm using the Kanotix NX gear on top of 
Debian Sarge.  I'm getting this error message when trying to connect with 
the nxclient; it happens after nxclient finishes ssh'ing into the nx 
account.

UPDATE: my home dir was drwxrwxr-x; i changed it temporarily to drwx------ 
and it works now, but i need to at least share my home directory with my 
group.  I suspect this is a ssh problem, but i'm not sure how to fix it. 
any help would be appreciated; thanks.



In general, how does the ~/.ssh/authorized_key2 thing work anyways?  where 
do those keys come from?  how should it be set up for logging in to 
multiple systems?  This second stage authentication has really cofounded 
me; no matter my ENABLE_XXXXX_AUTHENTICATION settings in node.conf, I was 
getting this problem; I've got ENABLE_SSH_AUTHENTICATION="0" and my above 
problem is still evident.  Why is it going to ssh?  What role does the 
~/.ssh/authorized_key2 play?  I thought it would just be using ssh for nx 
login, and then going to the passdb for auth, but these problems I'm 
having indicate something else is still going on.

Thanks!

Heres some logs:

NX> 203 NXSSH running with pid: 16120
NX> 285 Enabling skip of SSH config files
NX> 200 Connected to address: 127.0.0.1 on port: 22
NX> 202 Authenticating user: nx
NX> 208 Using auth method: publickey
HELLO NXSERVER - Version 1.4.0-04-CVS OS (GPL)
NX> 105 hello NXCLIENT - Version 1.4.0
NX> 134 Accepted protocol: 1.4.0
NX> 105 SET SHELL_MODE SHELL
NX> 105 SET AUTH_MODE PASSWORD
NX> 105 login
NX> 101 User: matt
NX> 102 Password:
NX> 103 Welcome to: lucildor user: matt
NX> 105 listsession --user="matt" --status="Suspended","Running" 
--geometry="1024x600x16+render" --type="unix-kde"
NX> 127 Sessions list of user 'matt' for reconnect:

Display Type             Session ID                       Options  Depth 
Screen         Status      Session Name
  ------- ---------------- -------------------------------- -------- ----- 
-------------- ----------- ------------------------------


NX> 148 Server capacity: not reached for user: matt
NX> 105 startsession --session="localhost" --type="unix-kde" --cache="8M" 
--images="32M" --cookie="XXXXXXXXXXXXXXXXXXXXXX" --link="isdn" 
--kbtype="pc102/us" --nodelay="1" --backingstore="when_requested" 
--geometry="640x480+192+60" --media="0" --agent_server="" --agent_user="" 
--agent_password=""  --screeninfo="640x480x16+render"

Permission denied (publickey,password,keyboard-interactive).
NX> 1004 Error: Session did not start.
NX> 504 Session startup failed.
NX> 999 Bye




And the ssh logs:
Jul 21 13:58:02 lucildor sshd[16231]: Connection from ::ffff:127.0.0.1 port 4668
Jul 21 13:58:02 lucildor sshd[14066]: debug1: Forked child 16231.
Jul 21 13:58:02 lucildor sshd[16231]: debug1: Client protocol version 2.0; 
client software version OpenSSH_3.8.1p1 Debian-8.sarge.4
Jul 21 13:58:02 lucildor sshd[16231]: debug1: match: OpenSSH_3.8.1p1 Debian-8.sarge.4 pat OpenSSH*
Jul 21 13:58:02 lucildor sshd[16231]: debug1: Enabling compatibility mode for protocol 2.0
Jul 21 13:58:02 lucildor sshd[16231]: debug1: Local version string SSH-2.0-OpenSSH_3.8.1p1 Debian-8.sarge.4
Jul 21 13:58:03 lucildor sshd[16231]: debug1: PAM: initializing for "matt"
Jul 21 13:58:03 lucildor sshd[16231]: debug1: PAM: setting PAM_RHOST to "localhost"
Jul 21 13:58:03 lucildor sshd[16231]: debug1: PAM: setting PAM_TTY to "ssh"
Jul 21 13:58:03 lucildor sshd[16231]: Failed none for matt from ::ffff:127.0.0.1 port 4668 ssh2
Jul 21 13:58:03 lucildor sshd[16231]: debug1: temporarily_use_uid: 1000/1000 (e=0/0)
Jul 21 13:58:03 lucildor sshd[16231]: debug1: trying public key file /home/matt/.ssh/authorized_keys
Jul 21 13:58:03 lucildor sshd[16231]: debug1: restore_uid: 0/0
Jul 21 13:58:03 lucildor sshd[16231]: debug1: temporarily_use_uid: 1000/1000 (e=0/0)
Jul 21 13:58:03 lucildor sshd[16231]: debug1: trying public key file /home/matt/.ssh/authorized_keys2
Jul 21 13:58:03 lucildor sshd[16231]: Authentication refused: bad ownership or modes for directory /home/matt

here ---^

Jul 21 13:58:03 lucildor sshd[16231]: debug1: restore_uid: 0/0
Jul 21 13:58:03 lucildor sshd[16231]: (pam_unix) authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=localhost  user=matt
Jul 21 13:58:04 lucildor sshd[16231]: error: PAM: Authentication failure for matt from localhost
Jul 21 13:58:04 lucildor sshd[16231]: Failed keyboard-interactive/pam for matt from ::ffff:127.0.0.1 port 4668 ssh2
Jul 21 13:58:07 lucildor sshd[16231]: error: PAM: Authentication failure for matt from localhost
Jul 21 13:58:07 lucildor sshd[16231]: Failed keyboard-interactive/pam for matt from ::ffff:127.0.0.1 port 4668 ssh2
Jul 21 13:58:08 lucildor sshd[16231]: error: PAM: Have exhasted maximum number of retries for service. for matt from localhost
Jul 21 13:58:08 lucildor sshd[16231]: Failed keyboard-interactive/pam for matt from ::ffff:127.0.0.1 port 4668 ssh2
Jul 21 13:58:08 lucildor sshd[16231]: debug1: do_cleanup
Jul 21 13:58:09 lucildor sshd[16231]: debug1: PAM: cleanup
Jul 21 13:58:09 lucildor sshd[16231]: (pam_unix) 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=localhost  user=matt
Jul 21 13:58:13 lucildor sshd[16123]: debug1: Received SIGCHLD.
Jul 21 13:58:13 lucildor sshd[16123]: debug1: session_by_pid: pid 16124




Thanks!
Myren

More information about the FreeNX-kNX mailing list