[FreeNX-kNX] establish a encrypted NX session using an alternative SSH client
Julio Carlos Barrera Juez
juliocarlos.barrera at grupoica.com
Sat Jul 7 07:56:04 UTC 2012
Ok,
it is very easy, I want to establish an encrypted NX session without 'nxssh', only openssh client. I achieve all the process until the switch to the SSL tunnel. I want to construct this tunnel using 'ssh -L'. Is it possible? If it was, it would be easy to use any SSH client.
Thank you!
________________________________
De: freenx-knx-bounces at kde.org [freenx-knx-bounces at kde.org] en nombre de Jean Milot [jmilot at dotriver.eu]
Enviado: viernes, 06 de julio de 2012 15:36
Para: freenx-knx at kde.org
Asunto: Re: [FreeNX-kNX] establish a encrypted NX session using an alternative SSH client
Hi,
I would like to help you but can you give more informations or tell us how to try what you have done.
Le 06/07/2012 15:14, Julio Carlos Barrera Juez a écrit :
Hi again!
I have debugged the scenario a little bit more and I noticed that the local ‘nxproxy’ didn’t receive any data from the remote one. The SSL port forwarded tunnel is well established because I have tested it separately. But anyway the local ‘nxproxy’ remains in a the ‘ProxyStage’ called ‘stage_waiting_proxy_version’. It is the one after stage ‘stage_connected’. Then it seems the tunnel was not well established… a contradiction.
I need some help with that, for sure.
Thank you!
De: freenx-knx-bounces at kde.org<mailto:freenx-knx-bounces at kde.org> [mailto:freenx-knx-bounces at kde.org] En nombre de Julio Carlos Barrera Juez
Enviado el: viernes, 06 de julio de 2012 14:03
Para: User Support for FreeNX Server and kNX Client
Asunto: Re: [FreeNX-kNX] establish a encrypted NX session using an alternative SSH client
Hi again, I have noticed that remote ‘nxagent’ is listening on the correct port and when local ‘nxproxy’ starts the connection is established. But the session fails after 1 minute. It seems that a negotiation between both is not well done. I invoke the ‘nxproxy’ by the same way with ‘nxssh’ and with my custom program and SSL port forwarded tunnel, the it must be a negotiation failure.
The ‘nxnode’ log shows me the failure, but not the reason:
…
06.07 13:49:49: node_start_agent (8225): Wait for NODE_AGENT_PID (8524)
06.07 13:50:35: node_start_agent (8225): NODE_AGENT_EXIT_STATUS = "1"
06.07 13:50:35: node_start_agent (8225): close session
06.07 13:50:35: node_start_agent (8225): NODE_FAILED = "failed"
…
And the session log shows a failure with the display, but I don’t understand why:
NXAGENT - Version 3.5.0
Copyright (C) 2001, 2011 NoMachine.
See http://www.nomachine.com/ for more information.
Info: Agent running with pid '8524'.
Session: Starting session at 'Fri Jul 6 13:49:32 2012'.
Info: Proxy running in server mode with pid '8524'.
Info: Waiting for connection from '127.0.0.1' on port '6011'.
Info: Accepted connection from '127.0.0.1'.
Info: Aborting the procedure due to signal '1'.
Error: Aborting session with 'Unable to open display 'nx/nx,options=/home/logoff/.nx/C-Virtual-Xubuntu-2011-2759B7A3A04A7A53439B9CD1E7ED183E/options:2011''.
Session: Aborting session at 'Fri Jul 6 13:50:32 2012'.
Session: Session aborted at 'Fri Jul 6 13:50:32 2012'.
What I’m doing bad?
Thank you!
De: freenx-knx-bounces at kde.org<mailto:freenx-knx-bounces at kde.org> [mailto:freenx-knx-bounces at kde.org] En nombre de Julio Carlos Barrera Juez
Enviado el: viernes, 06 de julio de 2012 13:04
Para: freenx-knx at kde.org<mailto:freenx-knx at kde.org>
Asunto: [FreeNX-kNX] establish a encrypted NX session using an alternative SSH client
Hi all.
I’m developing a Java based NX client. In my first sprint I have developed a NX handler to establish NX sessions using a SSH pure Java library called JSCH (http://www.jcraft.com/jsch/). It worked with few source code lines and I achieve establishing NX sessions without encryption (SSL Port forwarding). Now I’m trying to do the same, but using encrypted NX sessions that only use one SSH port. I change the ‘startsession’ parameter and I create a SSL forwarded tunnel in my SSH client. I know that using ‘nxssh’, it is necessary to say ‘bye’ to the server and then write the command ‘NX> 299 Switch connection to: SSH port: local_port accept: 127.0.0.1’. Then I launch ‘nxproxy’ and the remote NX session starts.
The problem appeared when I tried to launch the original ‘nxproxy’ with my custom SSL port forwarded tunnel. ‘nxproxy’ connected with the local listening port, but it seems it didn’t connect with the remote ‘nxagent’ which was listening in the correct port. Maybe I was establishing bad the port forwarded tunnel, but I have no evidences of it.
It is possible to establish the whole connection using ‘openssh’ standard client instead of ‘nxssh’, it will help me a lot to understand the whole process.
Any help will be appreciated.
Thank you!
________________________________________________________________
Were you helped on this list with your FreeNX problem?
Then please write up the solution in the FreeNX Wiki/FAQ:
http://openfacts2.berlios.de/wikien/index.php/BerliosProject:FreeNX_-_FAQ
Don't forget to check the NX Knowledge Base:
http://www.nomachine.com/kb/
________________________________________________________________
FreeNX-kNX mailing list --- FreeNX-kNX at kde.org<mailto:FreeNX-kNX at kde.org>
https://mail.kde.org/mailman/listinfo/freenx-knx
________________________________________________________________
--
Jean Milot - jmilot at dotriver.eu<mailto:jmilot at dotriver.eu> - www.dotriver.eu<http://www.dotriver.eu> <http://www.dotriver.eu/><http://www.dotriver.eu/>
5 passage de l'avenir, F-69200 Vénissieux
Fixe: +33 (0)4 27 46 39 80 Hotline: # 89 Fax: # 81
Rencontrez DotRiver : Salon Use-IT 2012 (http://bit.ly/IV8U81),
Festival Temps Libre (http://bit.ly/L6YbwD)
DotRiver, membre du consortium "nuage" (http://bit.ly/LNIfMr)
Pas à pas, agissons au quotidien pour préserver notre environnement. N'imprimez que si nécessaire, réduisez les déchets informatiques et économisez l'énergie en utilisant les solutions DotRiver.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/freenx-knx/attachments/20120707/753c047e/attachment.html>
More information about the FreeNX-kNX
mailing list