[FreeNX-kNX] nxclient and "challengeresponseauthentication no"
ted creedon
tcreedon at easystreet.com
Thu Jan 26 19:36:18 UTC 2006
nx should be kerberized...
tedc
Brian Keener wrote:
> Well there you go. Thanks!
>
> Now I'll have to look into running multiple ssh daemons, there's no
> way I'm gonna leave my public SSH server open using password
> authentication!
>
> Brian K
>
>
> On 1/26/06, *ted creedon* <tcreedon at easystreet.com
> <mailto:tcreedon at easystreet.com>> wrote:
>
> "Please ensure that SSHD on localhost accepts password
> authentication."
> The output from nxsetup seems to specifically disallow this...:
> see below.
> tedc
>
> nxsetup --install --clean --purge
> Removing user nx ...no crontab for nx
> done
> Removing session database ...done
> Removing logfile ...done
> Removing nx home directory ...done
> Removing configuration files ...done
> Setting up /usr/NX/etc ...done
> Generating public/private dsa key pair.
> Your identification has been saved in /usr/NX/etc/users.id_dsa.
> Your public key has been saved in /usr/NX/etc/users.id_dsa.pub.
> The key fingerprint is:
> 65:70:a4:9f:70:83:10:98:77:c9:8c:59:f6:4d:39:df root at nome
> Setting up /usr/NX/var/db ...done
> Setting up /var/log/nxserver.log ...done
> Setting up user nx ...done
> Setting up known_hosts and authorized_keys2 ...Unique key generated;
> your users must install
>
> /usr/NX/home/nx/.ssh/client.id_dsa.key
>
> on their computers.
> done
> Setting up permissions ...done
> Ok, nxserver is ready.
>
> PAM authentication enabled:
> All users will be able to login with their normal passwords.
>
> PAM authentication will be done through SSH.
> Please ensure that SSHD on localhost accepts password authentication.
>
> You can change this behaviour in the /usr/NX/etc/node.conf file.
>
> Warning: Clients will not be able to login to this server with the
> standard key.
> Please replace /usr/NX/share/client.id_dsa.key on all clients
> you want
> to use with /usr/NX/home/nx/.ssh/client.id_dsa.key
> and protect it accordingly.
>
> If you really want to use the NoMachine key please remove
> '/usr/NX/home/nx/.ssh/authorized_keys2'
> and then run this script with the --setup-nomachine-key
> parameter.
> Have Fun!
> nome:~ #
>
> Brian Keener wrote:
> > Nobody has any thoughts on this problem?
> >
> > Brian K
> >
> >
> > On 1/23/06, *Brian Keener* <brikeener at gmail.com
> <mailto:brikeener at gmail.com>
> > <mailto:brikeener at gmail.com <mailto:brikeener at gmail.com>>> wrote:
> >
> > I've got my SSH server configured to disallow password
> > authentication, as an extra security measure since it's
> connected
> > directly to the internet.
> >
> > With "challengeresponseauthentication no" in my sshd_config,
> > nxclient fails to make a connection.
> >
> > How do I fix this?
> >
> > Brian K
> >
> >
> >------------------------------------------------------------------------
> >
> >_______________________________________________
> >FreeNX-kNX mailing list
> >FreeNX-kNX at kde.org <mailto:FreeNX-kNX at kde.org>
> >https://mail.kde.org/mailman/listinfo/freenx-knx
> <https://mail.kde.org/mailman/listinfo/freenx-knx>
> >
> _______________________________________________
> FreeNX-kNX mailing list
> FreeNX-kNX at kde.org <mailto:FreeNX-kNX at kde.org>
> https://mail.kde.org/mailman/listinfo/freenx-knx
> <https://mail.kde.org/mailman/listinfo/freenx-knx>
>
>
>------------------------------------------------------------------------
>
>_______________________________________________
>FreeNX-kNX mailing list
>FreeNX-kNX at kde.org
>https://mail.kde.org/mailman/listinfo/freenx-knx
>
More information about the FreeNX-kNX
mailing list