24 Jan
2006
24 Jan
'06
9:36 a.m.
2 - the pub key I listed above apparently is the one distributed with the binary and that would seem to be a security issue
It is only used for the initial connection so the real login and password are sent over an encrypted channel. You can't do anything else with the nx user login - and you could generate new keys if you wanted. But, you should be seeing sshd[18876]: Accepted publickey for nx ... entries in /var/log/secure if the key is working.
Which is of course totally screwed in the NX protocol. What the hell for does it need an nx user for? Pretty much nothing. Indeed nothing at all. It could just as well ssh directly into your account via ssh user@host /usr/bin/nxserver.
But so much on bad design decisions.
Cheers, MaZe.