Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am trying to access a Linux system from another Linux system.
On the client I am getting;
The NX service is not available or the NX acces was disabled on 92.29.xxx.xxx
Checking the server status:
[root@desktop bin]# /usr/NX/bin/nxserver --status
NX> 900 Connecting to server ...
NX> 204 Authentication to NX server failed.
NX> 110 NX Server is stopped.
NX> 999 Bye.
[alan@desktop ~]$ service nxserver --restart
Usage: /etc/init.d/nxserver {start|stop|restart}
[alan@desktop ~]$ service nxserver restart
WARNING: Service was already stopped, trying to start
Trying to start NX server:
NX> 900 NXSERVER - Version 3.5.0-9
NX> 500 ERROR: Only user: root can use option: start.
Trying to start NX statistics:
NX> 900 NXSERVER - Version 3.5.0-9
NX> 500 ERROR: Only user: root can use option: statistics.
[alan@desktop ~]$ su
Password:
[root@desktop ~]# /usr/NX/bin/nxserver --start
NX> 500 Service already running.
NX> 999 Bye.
[root@desktop ~]# /usr/NX/bin/nxserver --status
NX> 900 Connecting to server ...
NX> 204 Authentication to NX server failed.
NX> 110 NX Server is stopped.
NX> 999 Bye.
What do you mean by port 1194 on the router? Are you port forwarding 1194 from your router to the NX server's port 22? NX will assume sshd is running on port 22, so if you are forwarding port 1194 to 22, you will need to configure the client to connect to port 1194.
Did you generate your own NX server keys, or are you using the default ones?
If you generated your own keys, you need to import your key to the client.
The client key file is located at /etc/nxserver/client.id_dsa.key on your NX server.
Copy the file to your client machine and import it to the client under Configure->Key...->Import button.
NX is also very picky about ownership and permissions of its working and config dirs.
Check that 'nx' is the owner of both /etc/nxserver and /var/lib/nxserver dirs. Also make sure only the nx user can read the .key and .id_dsa files in /etc/nxserver. i.e. chmod 600 /etc/nxserver/*.key and chmod 600 /etc/nxserver/*.id_dsa
If you still can't connect, try re-running the nxsetup script. At the end of nxsetup, it does a test to the server, if that test works, and your client has the correct key, NX should work.
Last edited by anotherlinuxuser; 02-26-2012 at 01:02 AM.
Sorry, I confused NX with openvpn. Port 22 is indeed open.
I regenerated the key and copied it to the client and imported it.
The keys on my system are held at /usr/NX/share/keys.
I don't have the directories that you specified but I set the owner of /usr/NX/share and /usr/NX/var to nx.
nxclient now reports:
The authenticity of host asandco.dyndns-work.com, 2.96.151.2 can't be established.
The RSA key fingerprint is: ......
The host details are correct (that is an improvement believe me)!
The 'details' supplied by nxclient are:
NX> 203 NXSSH running with pid: 14485
NX> 285 Enabling check on switch command
NX> 285 Enabling skip of SSH config files
NX> 285 Setting the preferred NX options
NX> 200 Connected to address: 2.96.151.2 on port: 22
NX> 211 The authenticity of host 'asandco.dyndns-work.com (2.96.151.2)' can't be established.
RSA key fingerprint is 78:d8:98:5c:9d:de:fa:d6:cf:76:9c:eb:5d:0a:f0:78.
Are you sure you want to continue connecting (yes/no)?
Warning: Permanently added 'asandco.dyndns-work.com,2.96.151.2' (RSA) to the list of known hosts.
NX> 202 Authenticating user: nx
Connection closed by 2.96.151.2
Where should I pick up the nxsetup script if you still think that I need it?
Based on the last message: "NX> 202 Authenticating user: nx", the server is not accepting the nx user key from the client.
You can look in /var/log/secure for error messages concerning the 'nx' user. The errors may point to the problem.
Did you install NX from rpms? If so, which ones? I ask because if there is no /etc/nxserver or /var/lib/nxserver dirs on the server, it appears you do not have the freenx-server rpm installed.
Check for these rpms on your server:
nx
freenx-server
For Fedora, these rpms are part of the Fedora repos, for the Redhat rpms I use the ones at www.atrpms.net
I am using a 64-bit not-yet-released version of PClinuxOS 2011. The rpms were installed from its repo. They are described as free NX and are:
nxclient 3.5.0-7
nxnode 3.5.0-7
nxserver 3.5.0-9
However I cannot find the the actual rpms on the system!
Since our last exchange, I have painstakingly gone through the process of creating and configuring new keys following the instructions on the Nomachines site.
The 'update' file from /usr/NX/var/log on the server shows this:
NX> 704 Running: /bin/rm -f '/usr/NX/home/nx/.ssh/authorized_keys2'.
NX> 704 Result: OK.
NX> 704 Starting: server-keygen operation at: Wed Feb 29 12:00:20 2012.
NX> 704 Generating new ssh-keys. Please wait.
NX> 704 Keys generated correctly. Backing up files.
NX> 704 Back up of keys made. Updating files.
NX> 704 Keys updated. NX clients should now use key:
NX> 704 /usr/NX/share/keys/default.id_dsa.key
NX> 704 to get connected to this NX server.
NX> 704 Running: /bin/cp -p '/usr/NX/home/nx/.ssh/default.id_dsa.pub' '/usr/NX/home/nx/.ssh/authorized_keys2'.
NX> 704 Result: OK.
Checking the server before trying to execute the client produced this:
# /usr/NX/bin/nxserver --status
NX> 900 Connecting to server ...
NX> 204 Authentication to NX server failed.
NX> 110 NX Server is stopped.
NX> 999 Bye.
# /usr/NX/bin/nxserver --start
NX> 500 Service already running. //This is bizarre!
NX> 999 Bye.
Now running the client with its new key in place produces this:
'The NX service is not available or the NX access was disabled on host asandco.dyndns.com'
Pressing 'Detail' gave additional info:
NX> 203 NXSSH running with pid: 11461
NX> 285 Enabling check on switch command
NX> 285 Enabling skip of SSH config files
NX> 285 Setting the preferred NX values
NX> 200 connected to address: 2.96.151.2 on port: 22 //That's the address returned by ddns server
NX> 202 Authenticating user: nx //This puzzles me, I logged in as 'alan'
NX> 208 Using auth method: publickey
NX> 204 Authentication failed.
Checking the status of the server again produced this:
# /usr/NX/bin/nxserver --status
NX> 900 Connecting to server ...
NX> 204 Authentication to NX server failed.
NX> 110 NX Server is stopped.
NX> 999 Bye.
On the face of it something is preventing the NX server from continuing to work once its status is checked (quantum effect <G>).
NX uses a two stage authentication method. The first stage is a ssh key exchange using the 'nx' user's ssl key. That is the stage where you are being stopped, as indicated by these messages:
NX> 202 Authenticating user: nx
NX> 208 Using auth method: publickey
NX> 204 Authentication failed.
Had the key exchange for the nx user succeeded, then NX would have authenticated the user 'alan', but it is not getting that far.
There should be some logging of the sshd process that will tell what the problem is with the public key auth of the nx user. I am not sure which file it is on PClinuxOS, but sshd must be logging to somewhere. You need to find the file sshd logs to.
On Fedora and Redhat it is /var/log/secure, check the docs for PCLinuxOS's sshd to find the log file.
Last night several friends looked at this problem. One determined that NX is using nxssh not ssh which is why I could not locate the logs. Another recommended that I wind back. Uninstall everything on both server and remote client, delete all related files and then reinstall. I did it twice because of the install report, reproduced below:
While installing package nxserver-3.5.0-9:
NX> 700 Installing: server at: Fri Mar 02 16:13:56 2012.
NX> 700 Autodetected system: mandrake.
NX> 700 Install log is: /usr/NX/var/log/install.
NX> 700 Creating configuration file: /usr/NX/etc/server.cfg.
NX> 723 Cannot start NX statistics:
NX> 709 NX statistics are disabled for this server. NX> 700 WARNING: Error when trying to connect to NX server, error is:
NX> 700 WARNING: nxsetup cannot validate the sanity of the current installation:
NX> 700 WARNING: the current system or NX configuration could be broken.
NX> 700 WARNING: If difficulties arise (for example sessions cannot be started),
NX> 700 WARNING: it is advisable that you try to uninstall the NX server and the
NX> 700 WARNING: NX client packages then install them again.
NX> 700 WARNING: Search also the NoMachine Knowledge Base at the URL below:
NX> 700 WARNING: http://www.nomachine.com/kb
NX> 700 WARNING: for common errors encountered when performing a software update
NX> 700 WARNING: and the related hints on how to solve them..
NX> 700 Installation of NX server was completed with warnings.
NX> 700 Please review the install log '/usr/NX/var/log/install'
NX> 700 for further details.
NX> 700 Showing file: /usr/NX/share/documents/server/install-notices
I have underlined the significant lines. I feel as though I am in the midst of a software qucksand.
Something else to check that I ran across is the name of the authorized_keys file. I'm using CentOS and the rpms directly from NoMachine. A recent update to nxserver apparently placed an authorized_keys2 file in /usr/NX/home/nx/.ssh. However, my ssh config only looks for authorized_keys so I just symlinked them (ln -s authorized_keys2 authorized_keys) and bingo.
Something else to check that I ran across is the name of the authorized_keys file. I'm using CentOS and the rpms directly from NoMachine. A recent update to nxserver apparently placed an authorized_keys2 file in /usr/NX/home/nx/.ssh. However, my ssh config only looks for authorized_keys so I just symlinked them (ln -s authorized_keys2 authorized_keys) and bingo.
confirm that this solves the issue on Fedora17 as well
OMG!.. Thank you!! I have been working this issue for about 4 hours!.. I found this thread that outlined the exact problem I was having.. linking the authorized_keys2 file to authorized_keys fixed everything!..
cd /usr/NX/home/nx/.ssh
ln -s authorized_keys2 authorized_keys
This is strange to me since I have 4 different computers with the nxserver. None of the others needed to have the authorized_keys2 file linked to the other filename.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.