On Tue, 2006-01-24 at 08:25 -0700, Craig White wrote:
On Tue, 2006-01-24 at 10:33 +0100, Maciej Żenczykowski wrote:
copied the above key (that which was between the ----BEGIN and -----END but not including those lines) and pasted into the key section and that
why without the --begin-- --end-- lines? I always copy with'em.
Yeah - I think I needed them too. I was unsure which is why I posted up about copying the key with/without them. Turned out 'importing' probably would have worked just fine too - have to check on that.
I generate keys using ssh-keygen, and stick them into: /var/lib/nxserver/home/.ssh/authorized_keys2 (or without the '2' depends on sshd server setup) [in one line] and the entire private key into the client.
This little nugget combined with what I learned last night was the key and I probably would have stumbled into last night had I had the ----BEGIN & -----END lines.
turns out that install will create
/var/lib/nxserver/home/.ssh/authorized_keys2
but sshd on CentOS 4 doesn't look there.
so I merely
cd /var/lib/nxserver/home/.ssh cp authorized_keys2 authorized_keys chown nx authorized_keys
et voila - login
Thanks for everyone's help
I can't believe that people didn't stumble into this installing freenx on CentOS as it simply cannot work out of the box without doing this or some other change in /etc/ssh/sshd_config
OK, I have just done a brand new install of CentOS just to test this issue on a blank machine.
It is a standard server install with no packages from outside the CentOS repositories.
First thing i did after running yum upgrade is this:
yum install freenx nx
Then I went to a client and imported the key ...
I have what you said ... authorized_keys2 in /var/lib/nxserver/home/.ssh/ (which is exactly what I would expect).
connection from the client worked perfectly ... I had zero issues.
Craig ... please look in your /etc/ssh/sshd_conf file and see if you have a:
Protocol 1
in there ... because with the standard config, both Protocol 2 and 1 are authorized. What you are describing suggests that only ssl protocol 1 is enabled on your sshd.
I can absolutely say that with no modifications to sshd_conf, pam authentication, or other changes that nx/freenx works perfectly out of the box.