[FreeNX-kNX] re keying Freenx

Chetan Venkatesh chetan.venkatesh at gmail.com
Mon Jan 30 04:10:40 UTC 2006


Lemme see if I can help you here, I havent used KNX but I suggest you try
and duplicate the problem with the !M client as well -

1) Looks like your keys dont match on some of the clients so they fail at
authenticating.  Suggest you first try to work with the defalt !M keys on
all clients and then move to generating your own keys.
2) The way to do this is use nxsetup with --uninstall --clean --install
--setup-nomachine-key
3) If the above sytax causes errors then split up the command and try it in
pieces
4) I use RHEL and Fc4 and my keys are stored in /etc/nxserver (might be the
same for SuSe)
5) In case step 2 fails - use the --gid option to set the groupid in nxsetup
(on some freenx installations I've needed to do this on others I havent
needed to)
6) try connecting from your clients using the !M client with default keys
option.
7) If this works then remove the --setup-nomachine-key option and generate
the keys (with or without --gid)
8) locate and copy the client.id_dsa.key to your client machine and import
the keys into the !M client.
9) Add the user account using nxserver --adduser
10) connect from !M client and test

Hope this helps

Regards
Chetan


On 1/30/06, ted creedon <tcreedon at easystreet.com> wrote:
>
> OK.
>
> I have 2 SuSE 10.0 servers, and both ran knx fine, (made from the
> rpm's). Now only one is running and there are authentication failures on
> the other (for no apparent reason to me).
>
> The problem seems to be ssh as "ssh localhost" quit working for some
> reason on SOME of the machines.
>
> However, referring to
> http://www.linux-tip.net/cms/images/stories/documents/freenxsuse.pdf the
> following is noticed:
> 1. /var/lib/nxserver/home/.ssh/client.id_dsa.key is not created by
> nxsetup --install --setup-nomachine-key --clean --purge
> 2. /usr/NX/share is empty (no client.id_dsa.key)
> 3. So why did it run at all on any box?
> 4. doing a nxsetup --uninstall --clean followed by a reinstall doen't
> help.
>
> There is also a SuSE 9.3 machine on which the complete Freenx, Knx, and
> NX was rebuilt from scratch. Knx times out on it too. So the underling
> sources seem to be workable.
>
> However all machines run the enclosed verification scripts taken from
> ths SuSE distro (included). So Freenx works but the client authorization
> part is broken on some machines.
>
> Going back to a previous question:
>
> How does one generate keys for the client and server?
> Where do the keys reside?
> How can it be verified (i.e. su nx?)?
>
> Thanks.
> TEdc
>
>
>
> Kurt Pfeifle wrote:
> >On Monday 30 January 2006 01:17, ted creedon wrote:
> >
> >>What's the procedure for re-keying freenx?
> >>
> >
> >Can you ask the question again? In different words, so I can even
> >understand it?
> >_______________________________________________
> >FreeNX-kNX mailing list
> >FreeNX-kNX at kde.org
> >https://mail.kde.org/mailman/listinfo/freenx-knx
> >
> >
>
>
> _______________________________________________
> FreeNX-kNX mailing list
> FreeNX-kNX at kde.org
> https://mail.kde.org/mailman/listinfo/freenx-knx
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/freenx-knx/attachments/20060130/445bc899/attachment.html>


More information about the FreeNX-kNX mailing list