[FreeNX-kNX] gateway not working with loadbalancing and multiple servers
chris at ccburton.com
chris at ccburton.com
Thu Nov 14 20:23:18 UTC 2013
freenx-knx-bounces at kde.org wrote on 14/11/2013 18:03:21:
> Hi!
>
> I have set up a gateway, master and two nx-servers.
> I can connect to both servers.
> I can connect to the master an being forwarded to one of the servers.
> I can connect to the gateway, but this times out.
[SNIP]
> SERVER_FORWARD_KEY="/var/lib/nxserver/home/.ssh/client.id_dsa.key"
[SNIP]
OK so it all works except the forwarder . . .
The log from The Forwarder might have been useful here
set
NX_LOG_LEVEL=6
NX_LOG_SECURE=1
SESSION_LOG_CLEAN=0
in node.conf
Remove the log file and recreate an empty one
chmod it to 777
Try again from a client through The Forwarder to The Balancer etc
see what's in The Forwarder's log . . .
> I can connect with nx-clients to the gateway, but no session will be
> established. Instead the client times out:
> NX> 203 NXSSH running with pid: 5460
> NX> 285 Enabling check on switch command
> NX> 285 Enabling skip of SSH config files
> NX> 285 Setting the preferred NX options
> NX> 200 Connected to address: 10.167.63.124 on port: 22
> NX> 202 Authenticating user: nx
> NX> 208 Using auth method: publickey
> NX> 280 Exiting on signal: 15
>
> If starting a sshd in debug mode it shows the client connecting,
> then sits there and waits for the master. After a while it kills the
> connection.
>
> seLinux was turned of. The firewall is turned off too.
> I am a bit clueless now. Any idea how to make this run? Or some idea
> to get rid of the gateway and leave this part up to the firewall?
> But I'd like to know why this breaks at the gateway. As all docs
> state it should work out of the box ...!
>
> --
> Thomas
So, if your ( possibly newly enabled ) logging doesn't throw
up an obvious error,
. . . we start with the basics . . .
Test if you can successfully ssh connect :-
from
the Forwarder
to
the Balancer
as
user nx
using the client key set up on on the forwarder
e.g. in your case:-
# switch to user nx with bash as its shell
sudo su -l nx -s /bin/bash
# check there's something in your selected . . .
cat /var/lib/nxserver/home/.ssh/client.id_dsa.key
ssh -i /var/lib/nxserver/home/.ssh/client.id_dsa.key nx at 10.167.63.127
-p22
which will tell you whether or not
The Forwarder can see The Balancer's IP
The Forwarder can see The Balancer's port 22 tcp
Port 22 on The Balancer has sshd listening on it
The sshd knows about nx
AND if
/var/lib/nxserver/home/.ssh/client.id_dsa.key
on The Forwarder, corresponds to
/var/lib/nxserver/home/.ssh/server.id_dsa.pub.key
( or as you correctly say
authorized_keys / authorized_keys2
which-ever you have in sshd_config )
on The Balancer.
Good luck. Let us know how you get on.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/freenx-knx/attachments/20131114/3867de85/attachment.html>
More information about the FreeNX-kNX
mailing list