Linux - DesktopThis forum is for the discussion of all Linux Software used in a desktop context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi all, I am running Ubuntu 7.10 and connecting to server from Windows XP client. Used dpkg to setup client, then node then server. Everything is running fine. However, I can't for the life of me figure out what's going on with the keys. I even enabled the DB in the server.cfg file and still get Authentication login failure. Here's the error I get in the Details of NX Client and when doing ./nxserver --useradd usrname
Code:
root@guest-desktop:/usr/NX/home/nx/.ssh# /usr/NX/bin/nxserver --useradd usrname
NX> 900 Setting password for user: usrname.
NX> 102 Password:
NX> 102 Confirm password:
NX> 110 Password for user: usrname added to the NX password DB.
NX> 900 Adding public key for user: usrname to the authorized keys file.
NX> 900 Verifying public key authentication for NX user: usrname.
NX> 910 WARNING: The SSH key to be used for user authentication was
NX> 910 WARNING: added to the private authorized keys file of user
NX> 910 WARNING: but user authentication didn't succeed.
NX> 910 WARNING: Please note that, with these settings, the user won't
NX> 910 WARNING: be able to successfully run any sessions.
NX> 910 WARNING: Run the following command to get some hints on the possible
NX> 910 WARNING: reasons of the problem:
NX> 910 WARNING:
NX> 910 WARNING: nxserver --usercheck usrname
NX> 910 WARNING:
NX> 999 Bye.
and when running ./nxserver --usercheck usrname I get the following error:
Code:
NX> 900 Verifying public key authentication for NX user: usrname.
NX> 900 Adding public key for user: usrname to the authorized keys file.
NX> 900 Verifying public key authentication for NX user: usrname.
NX> 500 ERROR: Public key authentication failed
NX> 500 WARNING: NX server was unable to login as user: usrname
NX> 500 WARNING: Please check that the account is enabled to login.
NX> 500 WARNING: Also check that user's home directory, the directory
NX> 500 WARNING: ~/.ssh and the file ~/.ssh/authorized_keys2 have
NX> 500 WARNING: correct permissions according to the StrictModes of
NX> 500 WARNING: your SSHD configuration
NX> 999 Bye.
Strictmodes are enabled and I do have the authorized_keys2 in the sshd config as well. I'm not sure about the permissions though.
If someone could help me with this bit, I would greatly appreciate it.
I think the permissions of "~usrname/.ssh" are incorrect. It must be 0700 for the base dir and 0600 for the files on it. Check it and/or fix it using "chmod -R 0600 ~usrname/.ssh" and after this, "chmod 0700 ~usrname/.ssh" in this order.
This is an old thread but I don't see a solution and now I'm having the same issue. I can ssh but can not connect to nxserver. usercheck returns an ERROR but I have no idea how to fix it.
Quote:
> sudo /usr/NX/bin/nxserver --usercheck myself
NX> 900 Verifying public key authentication for NX user: myself.
NX> 900 Adding public key for user: myself to the authorized keys file.
NX> 900 Verifying public key authentication for NX user: myself.
NX> 500 ERROR: Public key authentication failed
NX> 500 WARNING: NX server was unable to login as user: myself
NX> 500 WARNING: Please check that the account is enabled to login.
NX> 500 WARNING: Also check that user's home directory, the directory
NX> 500 WARNING: ~/.ssh and the file ~/.ssh/authorized_keys2 have
NX> 500 WARNING: correct permissions according to the StrictModes of
NX> 500 WARNING: your SSHD configuration
NX> 999 Bye.
Just copy the key and put that in your NX client...
Quote:
Originally Posted by sharky
This is an old thread but I don't see a solution and now I'm having the same issue. I can ssh but can not connect to nxserver. usercheck returns an ERROR but I have no idea how to fix it.
Distribution: Ubuntu, Debian, Fedora, Oracle Linux
Posts: 109
Rep:
Quote:
Originally Posted by sharky
I'm using nomachine, not freenx. I think the same thing is in /usr/NX/home/ but I'm at work so I'll have to check at lunch time or after work.
Pardon the stupid question but how to a actually 'use' a different key?
Yes, you're right, may I missunderstood the original question, sorry!
But as I know the client key must be generated and distributed by the NX server:
Quote:
The initial login between client and server happens through a DSA key-pair. The public part is provided during the installation of the server, while the private part is distributed together with the NX Client. In order to replace the default keys used by clients, you need to generate a new DSA key-pair and distribute the private part to those clients you want to get connected to the server.
Basically uncomment and ensure in /usr/NX/etc/server.cfg that the following *TWO* vars are pointing to your (custom) SSH port. Mine isn't 22.
# Specify the TCP port where the NX server SSHD daemon is running.
#
#SSHDPort = "22"
# Specify the TCP port where the SSHD daemon is running on the NX SSH
# authentication server.
#
#SSHDAuthPort = "22"
Then, you need to ensure /etc/ssh/sshd_config is pointing to the correct authorization file. Mine defaulted to authorized_keys but NX uses authorized_keys2, so I modified the following line.
AuthorizedKeysFile %h/.ssh/authorized_keys2
Be sure to restart the SSHD server to re-read config: sudo service ssh restart
Be sure to restart the NX server to re-read config: sudo /usr/NX/bin/nxserver --restart
Basically uncomment and ensure in /usr/NX/etc/server.cfg that the following *TWO* vars are pointing to your (custom) SSH port. Mine isn't 22.
# Specify the TCP port where the NX server SSHD daemon is running.
#
#SSHDPort = "22"
# Specify the TCP port where the SSHD daemon is running on the NX SSH
# authentication server.
#
#SSHDAuthPort = "22"
Then, you need to ensure /etc/ssh/sshd_config is pointing to the correct authorization file. Mine defaulted to authorized_keys but NX uses authorized_keys2, so I modified the following line.
AuthorizedKeysFile %h/.ssh/authorized_keys2
Be sure to restart the SSHD server to re-read config: sudo service ssh restart
Be sure to restart the NX server to re-read config: sudo /usr/NX/bin/nxserver --restart
At this point, to set up the SSH "relationship" just run
Quote:
sudo dpkg-reconfigure freenx-server
to generate a Custom key (the option to choose in the first screen) and SSH as freenx authentication type.
Now you have the key to distributed to the client(s) so you need to:
copy the client key just generated in your home directory:
-> move it in the right position and change the owner to root
-> perform the installation
At this point, to set up the SSH "relationship" just run
to generate a Custom key (the option to choose in the first screen) and SSH as freenx authentication type.
Now you have the key to distributed to the client(s) so you need to:
copy the client key just generated in your home directory:
and give it to the client.
The client just need to import it!
This works for me and I hope this works for you!
* * * UPDATE * * *
Last days I was unable to access a freenx server due to the following error:
I confirm that to login with freeNX you need your ssh key (usually the one that has the public part saved in the /home/[user_name]/.ssh/authorized_keys) and the private key /etc/nxserver/users.id_dsa !
The freenx server is running on a Fedora 14 64bit.
root@#####:/usr/NX# ./bin/nxserver --usercheck #####
NX> 900 Verifying public key authentication for NX user: ######.
NX> 900 Adding public key for user: ##### to the authorized keys file.
NX> 716 Public key is already present in: /home/####/.ssh/authorized_keys2.
NX> 900 Verifying public key authentication for NX user: ####.
NX> 500 ERROR: Public key authentication failed
NX> 500 WARNING: NX server was unable to login as user: #####
NX> 500 WARNING: Please check that the account is enabled to login.
NX> 500 WARNING: Also check that user's home directory, the directory
NX> 500 WARNING: ~/.ssh and the file ~/.ssh/authorized_keys2 have
NX> 500 WARNING: correct permissions according to the StrictModes of
NX> 500 WARNING: your SSHD configuration
NX> 999 Bye.
the resolution was as mentioned above. ensuring that in /etc/ssh/sshd_config the one line:
AuthorizedKeysFile %h/.ssh/authorized_keys2
then restart sshd (as root)
/etc/init.d/ssh restart
then it worked
root@#####:/usr/NX# ./bin/nxserver --usercheck ####
NX> 900 Verifying public key authentication for NX user: ####.
NX> 900 Public key authentication succeeded.
NX> 999 Bye.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.