Hello List.... Situation is as Follows: This works! =========== - On my localnet, If setup NxServer (from suse dvd's) on A SUSE 9.3 Box as follows: 1) Installed packages with yast. 2) nxsetup --install --setup-nomachine-key - From my internal laptop (SUSE 10.0) I can connect to 9.3 box no problems... This don't =========== On a remote server (SUSE 10.0) I've installed nxserver (also from dvd's). I had to add the user to the "remotessh" group to allow access via ssh. I try to connect to remote server via internet: I get a successful nx remote login via ssh, then the NXClient tells me my authentication fails! my guess the problem must be the firewalls, as that is the first difference between the 2 setups. But then again I see no firewall "Deny Msgs"... I assume that NX stuff only needs ssh? The documentation seams to imply that ONLY authentication is done that way, but some of the emails on this list seams to imply that only that is used... Any help appreciated... Jerry
two recommendations: 1) try to login via SSH without X and NX. If this fails, then the problem is in SSH authentication, before NX. If text-mode SSH works, then check your NX config. both client & server. 2) you don't need to add any users manually. Just install NX server with standard NX keys, and it will work.
On Monday 05 December 2005 22:48, Alexey Eremenko wrote:
two recommendations:
1) try to login via SSH without X and NX. If this fails, then the problem is in SSH authentication, before NX. If text-mode SSH works, then check your NX config. both client & server.
2) you don't need to add any users manually. Just install NX server with standard NX keys, and it will work.
Thx Alex... Yes, already tested ssh in text mode and vncviewer -via also works... One thing no one mentioned , was the encrypt connections with ssl option on the NoMachine version. But the fact that it should work was very informative. Knowing that I went over the specialties of my "remote server" setup. I started to back them out. Lo-and-behold! NXClient does not correctly handle ssh on ports other than 22! Nor does it honor the settings in /etc/ssh/ssh_config file! Naughty naughty! So putting ssh back to port 22, has got the NoMachine linux client working! The KNX version still fails... Guess I'll go browse nomachine website, and find where to report this... Once again thanks folks! Jerry
On Monday 05 December 2005 23:28, Jerry Westrick wrote:
I started to back them out. Lo-and-behold! NXClient does not correctly handle ssh on ports other than 22! Nor does it honor the settings in /etc/ssh/ssh_config file!
Naughty naughty!
So putting ssh back to port 22, has got the NoMachine linux client working!
Okay got NXServer to work with ssh port other than 22! Here's how to do it: On Remote Server: - Install nxserver with yast. - create group remotessh - in a root-shell execute: nxsetup --install –setup-nomachine-key - Changed /etc/ssh/sshd_config adding following lines at bottom: # # Westrick GmbH Configuration # Port 22 <-- Your security-by-obscurity-port-no AllowGroups remotesh GatewayPorts yes X11DisplayOffset 50 X11Forwarding yes - Changed /etc/nxserver/node.conf: SSHD_PORT=26 ENABLE_SSH_AUTHENTICATION=”1” - Added user nx to group remotessh! - Added users allowed to access remote to group remotessh! On Client machine: - edit /etc/ssh/ssh_config, add following lines before "Host *" line: Host RemoteServer Port 22 <---- Your security-by-obscurity-port-no - Download NXClient from http://www.nomachine.com/download.php . When Connecting you need to change 2 additional parameters: - General->Server->Port is 26. - Advanced->Network->"Enable SSL encryption of all traffic" is enabled. - and login with normal SSH username/password! That's it folks.... Now to test windows clients! Jerry
On 12/6/05, Jerry Westrick <jerry@westrick.com> wrote:
On Monday 05 December 2005 23:28, Jerry Westrick wrote:
I started to back them out. Lo-and-behold! NXClient does not correctly handle ssh on ports other than 22! Nor does it honor the settings in /etc/ssh/ssh_config file!
That's simply *NOT* true! I have worked with FreeNX on SUSE10, on non-standard ports. (222, 4001,...) The main secret here, is to change port of SSH server, then of NX server, then restart both servers. Ports *must* be in sync, i.e if you choose port 2001 for NX, then change to port 2001 for SSH server too. -Alexey. 6.12.2005.
On Tuesday 06 December 2005 00:47, Alexey Eremenko wrote:
On 12/6/05, Jerry Westrick <jerry@westrick.com> wrote:
On Monday 05 December 2005 23:28, Jerry Westrick wrote:
I started to back them out. Lo-and-behold! NXClient does not correctly handle ssh on ports other than 22! Nor does it honor the settings in /etc/ssh/ssh_config file!
That's simply *NOT* true! I have worked with FreeNX on SUSE10, on non-standard ports. (222, 4001,...) The main secret here, is to change port of SSH server, then of NX server, then restart both servers.
Ports *must* be in sync, i.e if you choose port 2001 for NX, then change to port 2001 for SSH server too.
-Alexey. 6.12.2005.
Yep, you miss-interpret the post... I answered my own posting with how to setup that up. Thx again for the tip that got me on my way! Jerry P.S. Did you get the multimedia to work Linux server to windows client?
I had success with both KDE knx and NoMachine's NX-Client clients. NoMachine's NX-Client worked well from Linux & Windows XP.
On Tuesday 06 December 2005 06:50, Jerry Westrick wrote:
I assume that NX stuff only needs ssh? The documentation seams to imply that ONLY authentication is done that way, but some of the emails on this list seams to imply that only that is used...
I have found sometimes the files in /var/lib/nxserver/home/.ssh have the wrong permission settings. I think you will find that the file authorized_keys should only be read/write by user nx and no permissions for group or others. i.e. chmod 0400 Also check the /home/.nx/.ssh directory as well. The easiest way of checking is to look at /var/log/messages when you are trying to log in, any errors relating to authentication will be displayed. -- Regards, Graham Smith
participants (3)
-
Alexey Eremenko -
Graham Smith -
Jerry Westrick