Sorry I sent the previous email without subject accidently.
How do I generate this key on the client?
Art
Ken Schneider wrote:
On Mon, 2005-08-01 at 21:07 -0700, Art Fore wrote:
On Mon, 2005-08-01 at 22:54 -0400, Ken Schneider wrote:
On Mon, 2005-08-01 at 19:24 -0700, Art Fore wrote: The file on the local pc, the one doing ssh, should reside under /home/<user login>/.ssh/id_dsa.pub and be owned by the user. The same file will be on the remote machine as ~/.ssh/authorized_keys and also owned by the user. Hope this helps.
The key should be generated on the client and there will be two files created in the directory you are in when created, id_dsa and id_dsa.pub in .ssh dir. You need put them in the local .ssh dir and copy the id_dsa.pub file to the remote PC and name it authorized_keys in .ssh dir.
Follow this thread in the archives:
http://lists.suse.com/archive/suse-linux-e/2005-Jun/1841.html
You can search the archives using google. For this I used:
site:lists.suse.com [SLE] id_dsa.pub 9.3
and had one listing.
--
Ken Schneider UNIX since 1989, linux since 1994, SuSE since 1998
"The day Microsoft makes something that doesn't suck is probably the day they start making vacuum cleaners." -Ernst Jan Plugge Went to the link you gave, still no luck. Here is what I did and what I got: afore@linux:~> ssh-keygen -t dsa Generating public/private dsa key pair. Enter file in which to save the key (/home/afore/.ssh/id_dsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/afore/.ssh/id_dsa. Your public key has been saved in /home/afore/.ssh/id_dsa.pub.
copied the id_dsa.pub from local machine to server /afore/.ssh/authroized_keys. Still get the same when I try to logon to the server with NX on the clinet. Then I tried one of the things mention in one of the emails. afore@linux:~> ssh-copy-id -i id id_dsa.pub afore@192.168.0.4 0 /usr/bin/ssh-copy-id: ERROR: No identities found afore@linux:~> cd .ssh afore@linux:~/.ssh> ssh-copy-id -i id id_dsa.pub afore@192.168.0.4 0 /usr/bin/ssh-copy-id: ERROR: No identities found So I tried afore@linux:~/.ssh> ssh afore@192.168.0.4 Enter passphrase for key '/home/afore/.ssh/id_dsa': Entered the password that I used when I generated the key which is the same as my logon for both the client and server. Last login: Sat Aug 6 01:49:08 2005 from sha-server.site Have a lot of fun... afore@sha-server:~> exit logout Connection to 192.168.0.4 closed. So now, I am completely lost! What does the ERROR: No identities found mean? Art
On Fri, 2005-08-05 at 17:24 -0700, Art Fore wrote:
Follow this thread in the archives:
http://lists.suse.com/archive/suse-linux-e/2005-Jun/1841.html
You can search the archives using google. For this I used:
site:lists.suse.com [SLE] id_dsa.pub 9.3
and had one listing.
Went to the link you gave, still no luck. Here is what I did and what I got: afore@linux:~> ssh-keygen -t dsa Generating public/private dsa key pair. Enter file in which to save the key (/home/afore/.ssh/id_dsa): Enter passphrase (empty for no passphrase):
Just hit enter so you don't need to type a password. If you supply a password why not use just ole ssh.
Enter same passphrase again: Your identification has been saved in /home/afore/.ssh/id_dsa. Your public key has been saved in /home/afore/.ssh/id_dsa.pub.
copied the id_dsa.pub from local machine to server /afore/.ssh/authroized_keys.
Is this a typo or did you actually spell it authroized_keys? Check the spelling again. -- Ken Schneider UNIX since 1989, linux since 1994, SuSE since 1998 "The day Microsoft makes something that doesn't suck is probably the day they start making vacuum cleaners." -Ernst Jan Plugge
On Fri, 2005-08-05 at 20:47 -0400, Ken Schneider wrote:
On Fri, 2005-08-05 at 17:24 -0700, Art Fore wrote:
Follow this thread in the archives:
http://lists.suse.com/archive/suse-linux-e/2005-Jun/1841.html
You can search the archives using google. For this I used:
site:lists.suse.com [SLE] id_dsa.pub 9.3
and had one listing.
Went to the link you gave, still no luck. Here is what I did and what I got: afore@linux:~> ssh-keygen -t dsa Generating public/private dsa key pair. Enter file in which to save the key (/home/afore/.ssh/id_dsa): Enter passphrase (empty for no passphrase):
Just hit enter so you don't need to type a password. If you supply a password why not use just ole ssh.
Enter same passphrase again: Your identification has been saved in /home/afore/.ssh/id_dsa. Your public key has been saved in /home/afore/.ssh/id_dsa.pub.
copied the id_dsa.pub from local machine to server /afore/.ssh/authroized_keys.
Is this a typo or did you actually spell it authroized_keys? Check the spelling again.
-- Ken Schneider UNIX since 1989, linux since 1994, SuSE since 1998
"The day Microsoft makes something that doesn't suck is probably the day they start making vacuum cleaners." -Ernst Jan Plugge
The authroized is a typo. The file name is authorized_keys. Tried uninstalling everyting on the server, and reinstalling following an email on the freenx site for suse 9.3. Still get NX> 203 NXSSH running with pid: 18116 NX> 285 Enabling check on switch command NX> 285 Enabling skip of SSH config files NX> 200 Connected to address: 192.168.0.4 on port: 22 NX> 202 Authenticating user: nx NX> 208 Using auth method: publickey NX> 204 Authentication failed. Why is authenticating user nx? seems like it should be afore. Also tried KNX, still no connection Art
On Friday 05 August 2005 23:07, Art Fore wrote:
Tried uninstalling everyting on the server, and reinstalling following an email on the freenx site for suse 9.3.
Still get NX> 203 NXSSH running with pid: 18116 NX> 285 Enabling check on switch command NX> 285 Enabling skip of SSH config files NX> 200 Connected to address: 192.168.0.4 on port: 22 NX> 202 Authenticating user: nx NX> 208 Using auth method: publickey NX> 204 Authentication failed.
Why is authenticating user nx? seems like it should be afore.
User 'nx' is used for the _first_ authentication. Read some of the other threads on that list (FreeNX), you'll see other mentions to that affect. You'll also see that a _large_ majority of the authentication issues are not issues related to nx, but to ssh.
Also tried KNX, still no connection
I was not able to get knx to work either. I use the free client provided by NoMachine. Works great! Regards. -- Christopher Shanahan
On Fri, 2005-08-05 at 23:21 -0400, Christopher Shanahan wrote:
On Friday 05 August 2005 23:07, Art Fore wrote:
Tried uninstalling everyting on the server, and reinstalling following an email on the freenx site for suse 9.3.
Still get NX> 203 NXSSH running with pid: 18116 NX> 285 Enabling check on switch command NX> 285 Enabling skip of SSH config files NX> 200 Connected to address: 192.168.0.4 on port: 22 NX> 202 Authenticating user: nx NX> 208 Using auth method: publickey NX> 204 Authentication failed.
Why is authenticating user nx? seems like it should be afore.
User 'nx' is used for the _first_ authentication. Read some of the other threads on that list (FreeNX), you'll see other mentions to that affect. You'll also see that a _large_ majority of the authentication issues are not issues related to nx, but to ssh.
Also tried KNX, still no connection
I was not able to get knx to work either. I use the free client provided by NoMachine. Works great!
Regards.
-- Christopher Shanahan
On the freenx email that I am reading which comes also from the suse 9.3 /usr/share/doc/packages/FreeNx/READMEN.SUSE, it says distribute the generated private key (/home/.nx//.ssh/id_dsa) to your clients There is no such animal. Changed the file permissions as mentioned in the file for the authorized_keys, & authorized_keys2, etc, still no change Wanted to try " so all users will be able to login with their normal passwords. Set "ENABLE_PAM_AUTHENTICATION" to "0" in /usr/bin/nxserver to disable PAM_AUTH. In this case you need to add your users (again as root), like "nxserver --adduser " and "nxserver --passwd". The user must exist in the system database for local users first." But there is no such "ENABLE_PAM_AUTHENTICATION" in the nxserver script. No info on where to add or what the correct syntax is. Anyone have any idea about this? Art
On Friday 05 August 2005 23:48, Art Fore wrote:
On the freenx email that I am reading which comes also from the suse 9.3 /usr/share/doc/packages/FreeNx/READMEN.SUSE, it says
I'm not sure which thread -- or doc -- you're reading; however, when you _first_ installed FreeNX how did you set it up? In other words, what was the command you issued when you _first_ launched FreeNX? And, what does 'nxserver --status' tell you? The mirror you chose is -- almost -- irrelevant. None the less, the README found in the ~/NX directory says: [ftp://ftp.suse.com/pub/suse/i386/supplementary/X/NX/README] [http://suse.cs.utah.edu/suse/i386/supplementary/X/NX/README] NX HOWTO: --------- Server: - install packages NX, FreeNX - setup and start FreeNX (first time) nxsetup --install --setup-nomachine-key - start FreeNX (otherwise) nxserver --start Client: - install packages NX, FreeNX, knx - start knx Login/Password: as usual Connection name: <whatever_you_want> Host: Server hostname Sessiontype: UNIX/KDE With the exception of knx as my client, this is what I followed and I did not have any issues. The '--setup-nomachine-key' is important for what you're trying to do. Just make sure you understand the security issues as well. For what it's worth, I'm using NoMachine's client and I have not had any problems. And lastly, remember, you are having an _ssh_ problem, not an _NX_ problem. HTH a bit more. -- Christopher Shanahan
On Sat, 2005-08-06 at 00:19 -0400, Christopher Shanahan wrote:
On Friday 05 August 2005 23:48, Art Fore wrote:
On the freenx email that I am reading which comes also from the suse 9.3 /usr/share/doc/packages/FreeNx/READMEN.SUSE, it says
I'm not sure which thread -- or doc -- you're reading; however, when you _first_ installed FreeNX how did you set it up? In other words, what was the command you issued when you _first_ launched FreeNX? And, what does 'nxserver --status' tell you?
The mirror you chose is -- almost -- irrelevant. None the less, the README found in the ~/NX directory says: [ftp://ftp.suse.com/pub/suse/i386/supplementary/X/NX/README] [http://suse.cs.utah.edu/suse/i386/supplementary/X/NX/README]
NX HOWTO: ---------
Server: - install packages NX, FreeNX - setup and start FreeNX (first time) nxsetup --install --setup-nomachine-key - start FreeNX (otherwise) nxserver --start
Client: - install packages NX, FreeNX, knx - start knx Login/Password: as usual Connection name: <whatever_you_want> Host: Server hostname Sessiontype: UNIX/KDE
With the exception of knx as my client, this is what I followed and I did not have any issues. The '--setup-nomachine-key' is important for what you're trying to do. Just make sure you understand the security issues as well. For what it's worth, I'm using NoMachine's client and I have not had any problems.
And lastly, remember, you are having an _ssh_ problem, not an _NX_ problem.
HTH a bit more.
-- Christopher Shanahan
on the server, I did the nxsetup --install --setup-nomachine-key nxserver --status results in NX>100 NXSERVER Version 1.4.0.03 OS (GPL) NX>110 NX Server is running NX>999 Bye I can ssh into the server from the client with no problem? What files should I have in home/afore/.ssh on the Server? On the server if have authorized_keys and Authorized_keys2. authorized_keys is the id_dsa.pub file copied from the client. Client machine has authorized_keys, I think also copied from id_dsa.pub from the client, authorized_keys.pub I don't know where from, id_dsa, id_dsa.pub from the keygen, and known_hosts when is installed when I accept certificate from server the first time I run NXClient. Knxclent always says connection could not be made, timeout. Art
On Saturday 06 August 2005 00:49, Art Fore wrote:
on the server, I did the nxsetup --install --setup-nomachine-key
nxserver --status results in
NX>100 NXSERVER Version 1.4.0.03 OS (GPL) NX>110 NX Server is running NX>999 Bye
I can ssh into the server from the client with no problem?
Then think about the next logical problem -- firewalls on both the server and the client. Investigate open/closed ports on your firewall(s). Are you trying to connect from a client to a server that both reside on the same LAN? Or are you trying to connect via a WAN?
What files should I have in home/afore/.ssh on the Server? On the server if have authorized_keys and Authorized_keys2. authorized_keys is the id_dsa.pub file copied from the client. Client machine has authorized_keys, I think also copied from id_dsa.pub from the client, authorized_keys.pub I don't know where from, id_dsa, id_dsa.pub from the keygen, and known_hosts when is installed when I accept certificate from server the first time I run NXClient.
People much more versed in ssh authentication will have to help you with your ssh keys. Sorry.
Knxclent always says connection could not be made, timeout.
Firewall? Also, give the free client from NoMachine a try. It includes a set-up wizard and several other packages that may help. You may have much better results with that client. -- Christopher Shanahan
On Sat, 2005-08-06 at 00:57 -0400, Christopher Shanahan wrote:
On Saturday 06 August 2005 00:49, Art Fore wrote:
on the server, I did the nxsetup --install --setup-nomachine-key
nxserver --status results in
NX>100 NXSERVER Version 1.4.0.03 OS (GPL) NX>110 NX Server is running NX>999 Bye
I can ssh into the server from the client with no problem?
Then think about the next logical problem -- firewalls on both the server and the client. Investigate open/closed ports on your firewall(s). Are you trying to connect from a client to a server that both reside on the same LAN? Or are you trying to connect via a WAN?
What files should I have in home/afore/.ssh on the Server? On the server if have authorized_keys and Authorized_keys2. authorized_keys is the id_dsa.pub file copied from the client. Client machine has authorized_keys, I think also copied from id_dsa.pub from the client, authorized_keys.pub I don't know where from, id_dsa, id_dsa.pub from the keygen, and known_hosts when is installed when I accept certificate from server the first time I run NXClient.
People much more versed in ssh authentication will have to help you with your ssh keys. Sorry.
Knxclent always says connection could not be made, timeout.
Firewall?
Also, give the free client from NoMachine a try. It includes a set-up wizard and several other packages that may help. You may have much better results with that client.
-- Christopher Shanahan
I am using the NoMachine client for most of the test. Both server and client are on the same LAN, both have port 22 open on the firewall. I can ssh from client to server with no problem which also uses port 22. Also tried disabling the firewall on both machines. No change. Art
On Fri, 2005-08-05 at 23:21 -0400, Christopher Shanahan wrote:
On Friday 05 August 2005 23:07, Art Fore wrote:
Tried uninstalling everyting on the server, and reinstalling following an email on the freenx site for suse 9.3.
Still get NX> 203 NXSSH running with pid: 18116 NX> 285 Enabling check on switch command NX> 285 Enabling skip of SSH config files NX> 200 Connected to address: 192.168.0.4 on port: 22 NX> 202 Authenticating user: nx NX> 208 Using auth method: publickey NX> 204 Authentication failed.
Why is authenticating user nx? seems like it should be afore.
User 'nx' is used for the _first_ authentication. Read some of the other threads on that list (FreeNX), you'll see other mentions to that affect. You'll also see that a _large_ majority of the authentication issues are not issues related to nx, but to ssh.
Also tried KNX, still no connection
I was not able to get knx to work either. I use the free client provided by NoMachine. Works great!
Regards.
-- Christopher Shanahan
You said large_ majority of the authentication issues are not issues related to nx, but to ssh I can ssh into the server from the client with no problem. So, If ssh is working, why no FreeNX? Art
participants (3)
-
Art Fore -
Christopher Shanahan -
Ken Schneider