[FreeNX-kNX] Running free nx and windows nx client with ssh "no password authentication"
Fabian Franz
FabianFranz at gmx.de
Tue May 6 13:18:01 UTC 2008
> Hi
> I have been using FreeNX (0.7.1.svn416-3) and the windows nx client
> (3.0.0-83) to manage my Centos 5 server over our internal network for
> some time. Fantastic.
Nice!
>
> Recently - while away from the office - I opened port 22 to the internet
> so I could manage more remotely - and this also worked fine - but within
> 24 hours - there had been at least one brute force attack on the ssh port.
>
> On investigation - I found that my ssh settings allowed password
> authentication "PasswordAuthentication yes" - which is definitely not
> ideal because it opens the possibility of such attacks. The ssh mailing
> list strongly recommend disabling password authentication - and that
> makes sense to me.
>
> However - I found that when I disable password authentication in ssh -
> the nx connection no longer works.
Here is the solution:
Edit or create node.conf:
Set ENABLE_SSH_AUTHENTICATION="0", set ENABLE_SU_AUTHENTICATION="1" and add nx user to wheel or utmp group so that su - works for nx user.
Done.
Best Wishes,
Fabian
More information about the FreeNX-kNX
mailing list