[FreeNX-kNX] gateway not working with loadbalancing and multiple servers

Thomas Schweikle tschweikle at gmail.com
Thu Nov 14 18:03:21 UTC 2013 

Hi!

I have set up a gateway, master and two nx-servers.
I can connect to both servers.
I can connect to the master an being forwarded to one of the servers.
I can connect to the gateway, but this times out.

The gateway has (10.167.63.124):
ENABLE_SERVER_FORWARD="1"
SERVER_FORWARD_HOST="10.167.63.127"
SERVER_FORWARD_PORT=22
SERVER_FORWARD_KEY="/var/lib/nxserver/home/.ssh/client.id_dsa.key"

The master has (10.167.63.127):
LOAD_BALANCE_SERVERS="10.167.63.125 10.167.63.126"
LOAD_BALANCE_ALGORITHM="round-robin"
ENABLE_LOAD_BALANCE_PREFERENCE="0"

The nodes have (10.167.63.125; 10.167.63.126):
ENABLE_USERMODE_AUTHENTICATION="0"
ENABLE_PASSDB_AUTHENTICATION="0"
ENABLE_SSH_AUTHENTICATION="1"
ENABLE_SU_AUTHENTICATION="0"
ENABLE_PERSISTENT_SESSION="all"
ENABLE_MIRROR_VIA_VNC=1
ENABLE_DESKTOP_SHARING=1
ENABLE_SESSION_SHADOWING_AUTHORIZATION=1
ENABLE_INTERACTIVE_SESSION_SHADOWING=1
ENABLE_CLIPBOARD="both"
ENABLE_PULLDOWN_MENU="1"
NX_LOG_LEVEL=2
NX_LOG_SECURE=1
NX_LOGFILE=/var/log/nx/nxserver.log

On all servers I've set in /etc/ssh/sshd_config:
AuthorizedKeysFile      .ssh/authorized_keys
AuthorizedKeysFile2     .ssh/authorized_keys2

On all servers I can login using the key defined in .ssh/authorized_keys2
with ssh and user nx (I am thrown out again immediately, because of
protocol violations if connecting with telnet, but ssh is working and does
what is expected).

I can connect with nx-clients to both nodes. A session is established.

I can connect with nx-clients to the master. A session is established to on
of the nodes.

I can connect with nx-clients to the gateway, but no session will be
established. Instead the client times out:
NX> 203 NXSSH running with pid: 5460
NX> 285 Enabling check on switch command
NX> 285 Enabling skip of SSH config files
NX> 285 Setting the preferred NX options
NX> 200 Connected to address: 10.167.63.124 on port: 22
NX> 202 Authenticating user: nx
NX> 208 Using auth method: publickey
NX> 280 Exiting on signal: 15

If starting a sshd in debug mode it shows the client connecting, then sits
there and waits for the master. After a while it kills the connection.

seLinux was turned of. The firewall is turned off too.
I am a bit clueless now. Any idea how to make this run? Or some idea to get
rid of the gateway and leave this part up to the firewall?
But I'd like to know why this breaks at the gateway. As all docs state it
should work out of the box ...!

-- 
Thomas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/freenx-knx/attachments/20131114/615b4449/attachment.html>

More information about the FreeNX-kNX mailing list