[FreeNX-kNX] Problems With FreeNX and PAM-SecurID/RSA Authentication
Paul E. Virgo
Paul.E.Virgo at nasa.gov
Wed Apr 4 17:38:29 UTC 2012
Members,
I've been having issues with getting any of my NX clients to properly
authenticate against the FreeNX server on a remote machine. I have
enabled SSH only--per our security directives--because we use SecurID
PIN+token authentication for our SSH connections. Here's the behavior I
get when I use nxnode-login to test:
[root at s4pt pam.d]# nxnode-login ssh pvirgo 22 nxnode --check
can't read "expect_out(1,string)": no such variable
while executing
"set password $expect_out(1,string)"
(file "/usr/bin/nxnode-login" line 57)
[root at s4pt pam.d]#
This would happen if I were to attempt to put in the SecurID PIN+token
combo, so I figured I was 'tripping' something that the expect script
couldn't handle, but then I went ahead--on a second attempt--and typed a
carriage return, and got this:
root at s4pt pam.d]# nxnode-login ssh pvirgo 22 nxnode --check
*******************************************************************************
* This US Government computer is for authorized users only. By
accessing *
* this system you are consenting to complete monitoring with no
expectation *
* of privacy. Unauthorized access or use may subject you to
disciplinary *
* action and criminal
prosecution. *
*******************************************************************************
Enter PASSCODE:
which would make sense, but when typing the PIN+token, I just get the
characters echo'ed back and the prompt just sits there. I feel like I'm
closer to getting this working. Was wondering if anyone had any
ideas/suggestions? Do I need to manipulate something within the expect
script portion somewhere?
Thanks.
--
Paul E Virgo
Sr. System Administrator
Code 610
SESDA II - DAAC/DISC
Goddard Space Flight Ctr
Greenbelt, MD 20771
(301) 614-5751
More information about the FreeNX-kNX
mailing list