[FreeNX-kNX] Re: getting nx to work with non-standard PAM setup
chris at ccburton.com
chris at ccburton.com
Wed Feb 2 13:12:52 UTC 2011
Alex Aminoff <aminoff at nber.org> wrote on 01/02/2011 20:43:05:
[SNIP]
> > Let us know how you get on !!
>
> [aminoff at perlw2 nx]$ ./nxnode-login ssh aminoff 22
/usr/libexec/nx/nxnode
> --check
> **my password**
> This server requires two-factor authentication. Enter your unix
password,
> then either use otpw or phone authentication. Press
You didn't fix the # after "Press", however, as I said before, your users
won't see this message anyway, so you may as well get rid of it
altogether.
> Password:
> NX> 1000 NXNODE - Version 3.2.0-74-SVN OS (GPL, using backend: 3.3.0)
> NX> 716 finished
> NX> 1001 Bye.
>
>
> This appears to work.
Yup
> The problem I now have is that the various PAM bits expect the ssh
> connection to come from the user's machine, whereas with nx there is
first
> the ssh to nx, then a local ssh to the user. For example the phone
> authentication system knows about local in the office phone numbers and
> will try one of those first if the remote host apears to be local
> (PAM_RHOST).
>
> It is possible that previously it was working, but taking a very very
long
> time because it was calling the wrong phone, waiting for it to stop
> ringing, then calling the correct phone.
Probably . . .
> Is there a way to not ssh in as user nx first but instead just directly
as
> the user?
Usemode
http://openfacts2.berlios.de/wikien/index.php/BerliosProject:FreeNX_-_Howto
I haven't used it, so start with google and a search through the list.
> Thanks,
>
> - Alex Aminoff
> BaseSpace.net
> National Bureau of Economic Research (nber.org)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/freenx-knx/attachments/20110202/052b4886/attachment.html>
More information about the FreeNX-kNX
mailing list