[CentOS] FreeNx doesn't work?

Tom Bishop bishoptf at gmail.com
Wed Oct 13 08:47:18 EDT 2010


I use freenx and install it very frequently, I don't modify the sshd config
but go here to get a copy of the .ssh key...
/var/lib/nxserver/home/.ssh/client.id_dsa.key
and copy that to your client machine....



in  fact if you want to generate a new key the comman is nxkeygen


see if that makes any difference


2010/10/13 José María Terry Jiménez <jtj at tssystems.net>

> Hello
>
> To ease remove the centos packages and install the RPMs from nomachine.com
>
>
> Best
>
> ------------------------------
> El 15/08/2010 18:49, gaohu <tigerheight at gmail.com> escribió:
>
>    On Sun, Aug 15, 2010 at 11:17 AM, gaohu <tigerheight at gmail.com> wrote:
>  > I have installed freenx with this article
> >
> > http://wiki.centos.org/HowTos/FreeNX
> >
> > but when I use freenx-client on windows to connect to server,
> > I always get an "freenx Authentication failed."
>  You appear to have missed a step or configured the auth bits
> incorrectly. The NX user is the user who authenticates via ssh, and
> you authenticate via nx to the proper session. Go through the steps in
> the wiki again carefully and double check the logs to see who you're
> attempting to authenticate as. I'd bet you're trying to auth as your
> user instead of as the nx user and since the wiki states that only the
> nx user is authorized (via the AllowUsers nx statement) auth is
> failing for that reason.
>  --
>
> During times of universal deceit, telling the truth becomes a revolutionary act.
> George Orwell
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
> ==========================================================================
> My config as follows:
> 1. config sshd config, I add
>
> PasswordAuthentication no        AllowUsers nx            ---> nx is not an actual user in my system.
>
> 2. add user, I config
>  nxserver --add user gaohu  <--- gaohu is a common user on my system, and
> can connect via ssh with isa key
>                                , (and password also works before I use ssh
> key to audit.)
>
>  then re config sshd config file, set
>  *AllowUsers nx gaohu*
> **
>  one thing I can not understand is sshd default use
>
> /home/myuser/.ssh/authorized_keys, file
>
> but nxserver generate the key at
>
>
>
> /home/myuser/.ssh/authorized_keys2 file, should I do other settings
>
> in sshd config file to support this?
>
>
>
> 3.then I install the client and copy */*etc/nxserver/client.id_dsa.key file content
>
> to the key window.
>
>
>
> That's all.
>
>
>
> but when I run nxserver --test ? I just got permission denied ? why?
>
>
>
> following is my sshd_config file, Could any one help?
>
>
>
> ====================
>  =====================================
>
>
>
> # $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $
> # This is the sshd server system-wide configuration file.  See
> # sshd_config(5) for more information.
> # This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin
> # The strategy used for options in the default sshd_config shipped with
> # OpenSSH is to specify options with their default value where
> # possible, but leave them commented.  Uncommented options change a
> # default value.
> #Port 22
> #Protocol 2,1
> Protocol 2
> #AddressFamily any
> #ListenAddress 0.0.0.0
> #ListenAddress ::
> # HostKey for protocol version 1
> #HostKey /etc/ssh/ssh_host_key
> # HostKeys for protocol version 2
> #HostKey /etc/ssh/ssh_host_rsa_key
> #HostKey /etc/ssh/ssh_host_dsa_key
> # Lifetime and size of ephemeral version 1 server key
> #KeyRegenerationInterval 1h
> #ServerKeyBits 768
> # Logging
> # obsoletes QuietMode and FascistLogging
> #SyslogFacility AUTH
> SyslogFacility AUTHPRIV
> #LogLevel INFO
> # Authentication:
> #LoginGraceTime 2m
> #PermitRootLogin yes
> #StrictModes yes
> #MaxAuthTries 6
> RSAAuthentication yes
> PubkeyAuthentication yes
> AuthorizedKeysFile .ssh/authorized_keys
> # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
> #RhostsRSAAuthentication no
> # similar for protocol version 2
> #HostbasedAuthentication no
> # Change to yes if you don't trust ~/.ssh/known_hosts for
> # RhostsRSAAuthentication and HostbasedAuthentication
> #IgnoreUserKnownHosts no
> # Don't read the user's ~/.rhosts and ~/.shosts files
> #IgnoreRhosts yes
> # To disable tunneled clear text passwords, change to no here!
> #PasswordAuthentication yes
> #PermitEmptyPasswords no
> PasswordAuthentication no
>         AllowUsers nx gaohu
> # Change to no to disable s/key passwords
> #ChallengeResponseAuthentication yes
> ChallengeResponseAuthentication no
> # Kerberos options
> #KerberosAuthentication no
> #KerberosOrLocalPasswd yes
> #KerberosTicketCleanup yes
> #KerberosGetAFSToken no
> # GSSAPI options
> #GSSAPIAuthentication no
> GSSAPIAuthentication yes
> #GSSAPICleanupCredentials yes
> GSSAPICleanupCredentials yes
> # Set this to 'yes' to enable PAM authentication, account processing, <
>  /DIV>
> # and session processing. If this is enabled, PAM authentication will
> # be allowed through the ChallengeResponseAuthentication mechanism.
> # Depending on your PAM configuration, this may bypass the setting of
> # PasswordAuthentication, PermitEmptyPasswords, and
> # "PermitRootLogin without-password". If you just want the PAM account and
> # session checks to run without PAM authentication, then enable this but set
> # ChallengeResponseAuthentication=no
> #UsePAM no
> UsePAM yes
> # Accept locale-related environment variables
> AcceptEnv LANG&
>  nbsp;LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
> AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
> AcceptEnv LC_IDENTIFICATION LC_ALL
> #AllowTcpForwarding yes
> #GatewayPorts no
> #X11Forwarding no
> X11Forwarding yes
> #X11DisplayOffset 10
> #X11UseLocalhost yes
> #PrintMotd yes
> #PrintLastLog yes
> #TCPKeepAlive yes
> #UseLogin no
> #UsePrivilegeSeparation yes
> #PermitUserEnvironment no
> #Compression delayed
> #ClientAliveInterval 0
> #ClientAliveCountMax 3
> #ShowPatchLevel no
> #UseDNS yes
> #PidFile /var/run/sshd.pid
> #MaxStartups 10
> #PermitTunnel no
> #ChrootDirectory n
>  one
> # no default banner path
> #Banner /some/path
> # override default of no subsystems
> Subsystem sftp /usr/libexec/openssh/sftp-server
>
>
>
> ==========================================================
>
>
>
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.centos.org/pipermail/centos/attachments/20101013/bcabee12/attachment.html 


More information about the CentOS mailing list