[FreeNX-kNX] freenx not 'cooperating' with non-standard openssh install (i think ...)

OpenMacNews openmacnews at gmail.com
Tue Feb 14 03:43:16 UTC 2006 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

hi all,

i've freenx & NX installed on OpenSuSE 10.0/ KDE 3.4.

on attempt to connect from a localhost NX client, my nxclient logs report: "pubkey
authentication failed ..."

after a bit of monkeying around, i suspect this has to do with the fact that my sshd is setup to
use a NONSTANDARD config file/location, and there's some sort of 'collision' with nxssh's
'expectations' ...

specifically, i've setup /etc/sysconfig/sshd to define $SSHD_OPTS, called explicitly by
/etc/rc.d/sshd, to:

     SSHD_OPTS = "-f /a/non/standard/location/for/ssh/files/sshd_config

and the config is for machine-to-machine connect/auth via pubkey auth only.  for reference,

% cat /a/non/standard/location/for/ssh/files/sshd_config

=====================================================================
HostKey            /a/non/standard/location/for/ssh/files/ssh.myhost.dsa
ListenAddress      10.0.0.6:22

ListenAddress      127.0.0.1:22
AuthorizedKeysFile /a/non/standard/location/for/ssh/files/authorized_keys2
Protocol           2

AllowUsers         root nx
AllowGroups        wheel root
PermitRootLogin    yes
PidFile            /var/Process/sshd.pid

Subsystem          sftp /usr/local/openssh/libexec/sftp-server

###################
## Logging
#

SyslogFacility                       AUTH
LogLevel                             INFO

PubkeyAuthentication                 yes
ChallengeResponseAuthentication      no
HostbasedAuthentication              no
PasswordAuthentication               no
RhostsRSAAuthentication              no
RSAAuthentication                    no


Ciphers
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr
MACs hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96

Compression                          yes
GatewayPorts                         no
IgnoreRhosts                         yes
IgnoreUserKnownHosts                 no
ServerKeyBits                        2048
LoginGraceTime                       120
MaxStartups 10

PermitEmptyPasswords                 no


StrictModes                          no
UseDNS                               no
UseLogin                             no
UsePAM                               no
UsePrivilegeSeparation               yes

AllowTcpForwarding                   no
X11Forwarding                        yes
X11UseLocalhost                      yes
X11DisplayOffset                     10
PrintMotd                            no
TCPKeepAlive                         yes
=====================================================================



question(s):

CAN freenx be setup to co-exist with my current openssh/sshd setup?

if so, HOW do i 'point' nx at *my* config file/location, and its referenced DSA host key?

any pointers are much appreciated!

cheers,

richard
- --

/"\
\ /  ASCII Ribbon Campaign
 X   against HTML email, vCards
/ \  & micro$oft attachments

[GPG] OpenMacNews at gmail dot com
fingerprint: 50C9 1C46 2F8F DE42 2EDB  D460 95F7 DDBD 3671 08C6
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (Darwin)

iEYEAREDAAYFAkPxUdMACgkQlffdvTZxCMZBEgCgpTGUGYV+TvXQqlFm5I6iSvFI
UjwAn0/awIemEkEGohmClB+u9m+pTFky
=aG3Y
-----END PGP SIGNATURE-----

More information about the FreeNX-kNX mailing list