[FreeNX-kNX] first contact, FreeNX

7th Sign | Iván Rico 7th_sign at soy-geek.com
Thu Jul 31 22:07:46 UTC 2008 

thanks for the tips, I understood about the keys and finally I did it, well
I don't know if this is the best way.

I left the default sshd_conf, only I added this 2 lines

PubkeyAuthentication yes
AuthorizedKeysFile      .ssh/authorized_keys2

in order to connect without problems by ssh then I ran nxsetup --install
--setup-nomachine-key but it showed me an error:

----> Testing your nxserver connection ...
couldn't read file "--check": no such file or directory
Fatal error: Could not connect to NX Server.

but I went to /var/lib/nxserver/home/.ssh/  and  I copy allt text of
client.id_dsa.key to the nx client, and it worked.

Are there a best way?


2008/7/31 Verner Kjærsgaard <vk at os-academy.dk>

>
>
> 7th Sign | Iván Rico skrev:
> >
> >     it's logging in initially with the user 'nx' - that's what the
> >     (pre)configured keys (the 'no-machine keys') are for. That's why you
> >     need to make sure that
> >
> >     a)
> >     you can log into the machine using ssh
> >
> >
> >     b)
> >     that the nx keys are in place, allowing nx to login without a
> password.
> >     c) someone on this list will be able to explain that better than I.
> >     d) once nx can log in and is logged in, the user is switched to
> 'frank'.
> >
> >     That's the 'no-machine-key' way, not the FreeNX way. That's why you
> give
> >     'nxsetup --install --setup-nomachine-key --clean --purge' in order to
> >     make sure the keys ar in place.
> >
> >     Also make sure that the correct ownerships of directories holding the
> >     keys are in place. On my server:
> >
> >     drwxr-xr-x 4 root users 4096 12 jul 13:20 nxserver/
> >
> >     - this may not be entirely correct...perhaps they really should be
> owned
> >     by nx, don't know. But it works..
> >
> >     Further down, I have:
> >
> >     -rw------- 1 nx root  671 12 jul 13:25 authorized_keys2
> >     -rw-r--r-- 1 nx root  668 12 jul 13:20 client.id_dsa.key
> >     -rw------- 1 nx root  235 12 jul 13:20 known_hosts
> >     Gunnar:/var/lib/nxserver/home/.ssh #
> >
> >     - hope this helps!
> >
> >
> > Hello again,
> >
> > a) I can't log into my server by ssh
> > I got this:
> >
> > ivan at dementor ~ $ ssh root at 192.168.1.247 <mailto:root at 192.168.1.247>
> > Permission denied (publickey,gssapi-with-mic).
> > ivan at dementor ~
> >
> > This happens since I change these values to:
> > PasswordAuthentication no
> > AllowUsers nx root ivan
> > on sshd_config
> >
> > b) I deleted the pass with, passwd -d nx but I have the same results
> >
> > c) :)
> >
> > d) I have a few questions about that: Who and How creates these files:
> > authorized_keys2, client.id_dsa.key?
> > I dont't have them in /etc/nxserver and I don't know where them are
> >
> > ---------------------------------
> > 7th Sign | Iván Rico
> > ---------------------------------
> >
> >
> > ------------------------------------------------------------------------
> Hi
> I'm sorry I don't have time to help you further, the car is packed,
> we're off on holiday :-)
>
> One thing, though. You MUST be able to login via SSH.
> First, on the remote machine itself at its console, try this
>
> SSH your_username at localhost
>
> This should absolutely succeed. If not, debug your SSH thing (is it
> listening and so)
>
> If ok, then try the same thing from outside. Login from your local
> machine to the remote machine using SSH
> your_login_name at some-server.something.
>
> This MUST succeed. If not check firewall and more. Hint: on the remote
> machine, as root, do "tail -f /var/log/messages" (end it with ctrl-c).
> This will give you a live log og what's happening.
>
> Then read up on SSH generally. As a normal user, do
>
> ssh-keygen -t dsa
>
> When asked for a pass-phrase, just hit enter.
>
> Now see that a pair of keys are generated, they are placed in
>
> /home/your_user_name/.ssh/some_key_name
> and
> /home/your_user_name/.ssh/some_key_name.pub
>
> Now copy the -pub key to your home-dir on the remote machine. Put it
> into /home/your_home_dir/.ssh/xxx.pub
>
> Now xfer the contents of that xxx.pub file into the "authorized_keys"
> file, do
>
> cat xxx.pub >> authorized_keys
>
> Now create a symlink in the same .ssh dir, do
>
> ln -s authorized_keys authorized_keys2
>
> This way SSH will work regardless of SSH looking for authorized_keys or
> authorized_keys2.
>
> Make sure the authorized_keys file, is owned by your_user_name and that
> its rights are 600. No more, no less. Make sure that your_user_name is
> allowed to enter the .ssh directory...
>
> Exit from the remote machine.
>
> Now you should be able to login from your local machine to the remote
> machine - without using your password. Do
>
> SSH your_user_name at remote_machine
>
>
> If you can't, get that fixed first. Then go on to debug/experiment with NX.
>
> - haven't got more time, wish you luck!
>
>
> --------------------------------------------
> Med venlig hilsen/best regards
> Verner Kjærsgaard
>
> ________________________________________________________________
>     Were you helped on this list with your FreeNX problem?
>    Then please write up the solution in the FreeNX Wiki/FAQ:
>  http://openfacts.berlios.de/index-en.phtml?title=FreeNX_FAQ
>         Don't forget to check the NX Knowledge Base:
>                 http://www.nomachine.com/kb/
>
> ________________________________________________________________
>       FreeNX-kNX mailing list --- FreeNX-kNX at kde.org
>      https://mail.kde.org/mailman/listinfo/freenx-knx
> ________________________________________________________________
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/freenx-knx/attachments/20080731/0fba9074/attachment.html>

More information about the FreeNX-kNX mailing list