[FreeNX-kNX] 2 freenx server with same client.id_dsa.key

cedric briner work at infomaniak.ch
Mon Feb 4 10:11:46 UTC 2008 

Blindauer Emmanuel wrote:
>> Okay, when I install the normal key, everything is perfectly working.
>>
>> but when I do the :
>> rsync -avHl freenx-server2:/usr/NX/home/nx/.ssh/ /usr/NX/home/nx/.ssh/
>>
>> I get in the /var/log/nxserver.log
>> -- NX SERVER START: -c /usr/NX/bin/nxserver - ORIG_COMMAND=
>> HELLO NXSERVER - Version 2.1.0-71 OS (GPL)
>> NX> 105 hello NXCLIENT - Version 2.1.0
>> NX> 134 Accepted protocol: 2.1.0
>> NX> 105 SET SHELL_MODE SHELL
>> NX> 105 SET AUTH_MODE PASSWORD
>> NX> 105 login
>> NX> 101 User: briner
>> NX> 102 Password:
>> Info: Auth method: passdb ssh
>> NX> 404 ERROR: wrong password or login
>> NX> 999 Bye
>>
>> as if changing the key, the passwd is not working anymore ???
>>
>> Ced.
> 
> Look at the logs from sshd with with verbose enabled. Il could be an 
> permissions error on files, if too open (other can read for example), the 
> server can refuse the auth method.
Yep, I knew it. And this is not the case. Because I can log as nx user 
to freenx-server2. So the file under /usr/NX/home/nx/.ssh/* are well.

But why Am'I getting this:
 >> NX> 105 login
 >> NX> 101 User: briner
 >> NX> 102 Password:
 >> Info: Auth method: passdb ssh
 >> NX> 404 ERROR: wrong password or login
 >> NX> 999 Bye

I can do a :
ssh briner at fai-server2
on fai-server2: ssh briner at localhost     # as root or as on other user
                 ssh briner at fai-server2   # as root or as on other user


I've also tried to do an sshd -d but I can see something in it. check it 
below:
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 4 out 4 newsock 4 pipe -1 sock 7
debug1: inetd sockets after dupping: 3, 3
Connection from 10.194.66.155 port 44866
debug1: Client protocol version 2.0; client software version OpenSSH_4.7
debug1: match: OpenSSH_4.7 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3p2 Debian-9
debug1: permanently_set_uid: 101/65534
debug1: list_hostkey_types: ssh-rsa,ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
debug1: userauth-request for user nx service ssh-connection method none
debug1: attempt 0 failures 0
debug1: PAM: initializing for "nx"
debug1: PAM: setting PAM_RHOST to "obsdw15"
debug1: PAM: setting PAM_TTY to "ssh"
Failed none for nx from 10.194.66.155 port 44866 ssh2
Failed none for nx from 10.194.66.155 port 44866 ssh2
debug1: userauth-request for user nx service ssh-connection method publickey
debug1: attempt 1 failures 1
debug1: temporarily_use_uid: 104/107 (e=0/0)
debug1: trying public key file /usr/NX/home/nx/.ssh/authorized_keys
debug1: restore_uid: 0/0
debug1: temporarily_use_uid: 104/107 (e=0/0)
debug1: trying public key file /usr/NX/home/nx/.ssh/authorized_keys2
debug1: matching key found: file /usr/NX/home/nx/.ssh/authorized_keys2, 
line 1
Found matching DSA key: 03:67:76:96:8d:fd:da:3e:9b:af:f7:43:6d:d0:16:eb
debug1: restore_uid: 0/0
debug1: ssh_dss_verify: signature correct
debug1: do_pam_account: called
Accepted publickey for nx from 10.194.66.155 port 44866 ssh2
Accepted publickey for nx from 10.194.66.155 port 44866 ssh2
debug1: monitor_child_preauth: nx has been authenticated by privileged 
process
debug1: PAM: reinitializing credentials
debug1: permanently_set_uid: 104/107
debug1: Entering interactive session for SSH2.
debug1: server_init_dispatch_20
debug1: server_input_channel_open: ctype session rchan 0 win 2097152 max 
32768
debug1: input_session_request
debug1: channel 0: new [server-session]
debug1: session_new: init
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
debug1: server_input_channel_req: channel 0 request x11-req reply 0
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req x11-req
debug1: channel 1: new [X11 inet listener]
debug1: channel 2: new [X11 inet listener]
debug1: server_input_channel_req: channel 0 request shell reply 0
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req shell
debug1: Forced command '/usr/NX/bin/nxserver'
debug1: Received SIGCHLD.
debug1: session_by_pid: pid 28140
debug1: session_exit_message: session 0 channel 0 pid 28140
debug1: session_exit_message: release channel 0
Connection closed by 10.194.66.155
debug1: channel 0: free: server-session, nchannels 3
debug1: channel 1: free: X11 inet listener, nchannels 2
debug1: channel 2: free: X11 inet listener, nchannels 1
debug1: session_close: session 0 pid 0
debug1: do_cleanup
debug1: PAM: cleanup
Closing connection to 10.194.66.155
debug1: PAM: cleanup


> 
> 
> Emmanuel

-- 

Cedric BRINER
Geneva - Switzerland

More information about the FreeNX-kNX mailing list