cescentman
asked on
FreeNX Server and Ubuntu 11.10
I have just installed FreeNX on the Ubuntu box as per the instructions here:-
http://sites.google.com/site/barbarahohensee/desktop-virtualization-with-freenx, changing the binaries for the i386 versions and there were no errors.
When I try to connect form my Windows 7 box using th NX Client I get an error:-
I guessed it was permissions so on the Ubuntu box I tried:-
I got the response:-
I haven't tried making the changes as I'm now out of my comfort zone and unsure whether this is the problem or not. Can anyone help?
http://sites.google.com/site/barbarahohensee/desktop-virtualization-with-freenx, changing the binaries for the i386 versions and there were no errors.
When I try to connect form my Windows 7 box using th NX Client I get an error:-
Authentication failed for user xxxxxxxx
I guessed it was permissions so on the Ubuntu box I tried:-
sudo nxserver --useradd xxxxxxxx
I got the response:-
NX> 100 NXSERVER - Version 3.2.0-74-SVN OS (GPL, using backend: 3.5.0)
NX> 500 Error: The passdb function is not activated in node.conf.
Most probably your FreeNX setup will work out of the box without this
functionality and you've been misleaded by an old tutorial or old
documentation to do this step.
If however you really need this functionality, just set
ENABLE_PASSDB_AUTHENTICATION="1" in node.conf.
I haven't tried making the changes as I'm now out of my comfort zone and unsure whether this is the problem or not. Can anyone help?
ASKER
Thanks for the reply. When I installed NXServer I chose the option to use the preloaded nx ones. Do I need to do something else?
ASKER
Can anyone help?
Is the user account known on your host system?
Can you show the details from a login?
I would consider it a security risk to just allow anybody access through the default keys, so I always generated my own.
Can you show the details from a login?
I would consider it a security risk to just allow anybody access through the default keys, so I always generated my own.
ASKER
if you mean the ubuntu box, yes there is only the one user account.
You will have to more specific I'm afraid, show details?
This only on my private LAN and it's a trial so I'm not worried about security at this point in time.
You will have to more specific I'm afraid, show details?
This only on my private LAN and it's a trial so I'm not worried about security at this point in time.
If you connect the details of why a connection failed are "hidden" and only shown when you push a "details" button.
I meant that because I didn;t go for defaults i have no experience with out of the box work, just with a generated keypair.
Anyway the keypair is available on the server, you can lift the private key from there and paste it in your connection profile.
(and see if they are equal too BTW).
I meant that because I didn;t go for defaults i have no experience with out of the box work, just with a generated keypair.
Anyway the keypair is available on the server, you can lift the private key from there and paste it in your connection profile.
(and see if they are equal too BTW).
ASKER
It is behind the Key button in the 3rd screenshot. [ General Tab ].
There you need the private key part of the keypair on the server.
(if you use ssh-keygen you get a privatekey.. privatekey.pub )
On the server you have an ~nx/.ssh/authorize_keys2
Containing all public keys, the private key needs to be pasted into the nx config...
~nx is short for the home directory from the nx user.
There you need the private key part of the keypair on the server.
(if you use ssh-keygen you get a privatekey.. privatekey.pub )
On the server you have an ~nx/.ssh/authorize_keys2
Containing all public keys, the private key needs to be pasted into the nx config...
~nx is short for the home directory from the nx user.
ASKER
Am I thick or what! Thanks I'll get back to you.
On your workstation in then ~/.nx folder [ /home/user/.nx ] the connection profiles are stored. [ if you hit the save button on the nxclient software ]/
To verify nx setup on the system where the nxserver runs do:
ssh into your server
sudo -s # if not logged on as root ]
cd ~nx/.ssh
ls -la
Alternatively use:
ssh into your server
sudo -u nx -s
ls -la # should show a .ssh directory
cd .ssh
ls -la # should show the same as the last command in the previous set.
It should not be empty as at least the default public key should be stored there.
To verify nx setup on the system where the nxserver runs do:
ssh into your server
sudo -s # if not logged on as root ]
cd ~nx/.ssh
ls -la
Alternatively use:
ssh into your server
sudo -u nx -s
ls -la # should show a .ssh directory
cd .ssh
ls -la # should show the same as the last command in the previous set.
It should not be empty as at least the default public key should be stored there.
ASKER
Thanks. It seems that Windows 7 has two separate folders:-
%userprofile%\\.nx
%userprofile%\.ssh
The key on the windows client is the same as the key in "client.id_dsa.key" in:-
/var/lib/nxserver/home/def ault/keys
On the Ubuntu box running NXServer.
Is this correct?
%userprofile%\\.nx
%userprofile%\.ssh
The key on the windows client is the same as the key in "client.id_dsa.key" in:-
/var/lib/nxserver/home/def
On the Ubuntu box running NXServer.
Is this correct?
Yes, client.id_dsa is the private key, that needs to be distributed to all nxclient.
The public key should be in /var/lib/nxserver/home/.ss h/authoriz ed_keys2
[ derived from client.id_dsa.pub ].
The public key should be in /var/lib/nxserver/home/.ss
[ derived from client.id_dsa.pub ].
ASKER
So on my windows box, the key in the config of the client needs to be the same as the key in:-
/var/lib/nxserver/home/.ss h/authoriz ed_keys2
/var/lib/nxserver/home/.ss
no..
The key consists of an assymmetric key pair: the public part is different from the private part, but they can only be used together.
The public key part of the key is in the authorized_keys2 file, the private part should be in the nxclient profile.
If the private part of the default key is in the client.id_dsa.key file on your server.
After the session state is final the Details button should become "un-greyed".
IF it just dissappears you may need to examine the logs on the server:
grep -i nx /var/log/*
And see if something about some obvious mistakes are mentioned.
If no sufficient info can be found, you can turn on "debug" logging by updating the
/usr/nx/etc/server.cfg
And set:
SessionLogLevel = "7"
Reconnect and verify the logs again.
The key consists of an assymmetric key pair: the public part is different from the private part, but they can only be used together.
The public key part of the key is in the authorized_keys2 file, the private part should be in the nxclient profile.
If the private part of the default key is in the client.id_dsa.key file on your server.
After the session state is final the Details button should become "un-greyed".
IF it just dissappears you may need to examine the logs on the server:
grep -i nx /var/log/*
And see if something about some obvious mistakes are mentioned.
If no sufficient info can be found, you can turn on "debug" logging by updating the
/usr/nx/etc/server.cfg
And set:
SessionLogLevel = "7"
Reconnect and verify the logs again.
ASKER
Details button remains greyed out after the the authorisation failure:-
Link to screen shot above
grep -i nx /var/log/*
does not return any results that relate to NXServer. Just results from "/var/log/udev" and "/var/log/Xorg.0.log.old" for "LNXSYSTM:"
"/usr/nx/etc/" does not exist on my Ubuntu box and doing a search for "server.cfg" returns nothing
Link to screen shot above
grep -i nx /var/log/*
does not return any results that relate to NXServer. Just results from "/var/log/udev" and "/var/log/Xorg.0.log.old" for "LNXSYSTM:"
"/usr/nx/etc/" does not exist on my Ubuntu box and doing a search for "server.cfg" returns nothing
ASKER
Any thoughts?
I am not sure where your server.cfg file for nx is.
That's the one you need to edit for getting more info.
It might be in /var/lib/nxserver/...?
or in /etc/nx...?
My setup on Gentoo is in /usr/NX/... [ with the whole original nx shebang in there ].
That's the one you need to edit for getting more info.
It might be in /var/lib/nxserver/...?
or in /etc/nx...?
My setup on Gentoo is in /usr/NX/... [ with the whole original nx shebang in there ].
ASKER
When I do a search across the whole file system from / there appears to be no "server.cfg".
Well the nxserver does need a config file to startup...
If find doesn't yield anything, try to run the nxserver --update command.
That should at least show where the server.cfg is.
If find doesn't yield anything, try to run the nxserver --update command.
That should at least show where the server.cfg is.
ASKER
I get:-
NX> 100 NXSERVER - Version 3.2.0-74-SVN OS (GPL, using backend: 3.5.0)
NX> 500 Error: Function --update not implemented yet.
NX> 999 Bye
NX> 100 NXSERVER - Version 3.2.0-74-SVN OS (GPL, using backend: 3.5.0)
NX> 500 Error: Function --update not implemented yet.
NX> 999 Bye
ASKER
Did this mean anything to you?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Maybe I have installed the wrong version then. I though I had installed the free version. Will have to look into this.
ASKER
It's taken me a while to get back to this but it's sorted now. Thanks for the help.
Where the public key is on the nxserver system and the private key is in every client?
ssh-keygen can be used to generate such a pair.