[FreeNX-kNX] Running free nx and windows nx client with ssh "no password authentication"

Fabian Franz FabianFranz at gmx.de
Tue May 6 13:18:01 UTC 2008


> Hi
> I have been using FreeNX (0.7.1.svn416-3) and the windows nx client 
> (3.0.0-83) to manage my Centos 5 server over our internal network for 
> some time. Fantastic.

Nice!

> 
> Recently - while away from the office - I opened port 22 to the internet 
> so I could manage more remotely - and this also worked fine - but within 
> 24 hours - there had been at least one brute force attack on the ssh port.
> 
> On investigation - I found that my ssh settings allowed password 
> authentication "PasswordAuthentication yes" - which is definitely not 
> ideal because it opens the possibility of such attacks. The ssh mailing 
> list strongly recommend disabling password authentication - and that 
> makes sense to me.
> 
> However - I found that when I disable password authentication in ssh - 
> the nx connection no longer works. 

Here is the solution:

Edit or create node.conf:

Set ENABLE_SSH_AUTHENTICATION="0", set ENABLE_SU_AUTHENTICATION="1" and add nx user to wheel or utmp group so that su - works for nx user.

Done.

Best Wishes,

Fabian



More information about the FreeNX-kNX mailing list