On Sat, 25 Feb 2012 23:34:32 +0000 (GMT) Patrick Dupre <patrick.dupre@xxxxxxxxxx> wrote: > After: > nxserver --keygen > > I have: > > /usr/NX/share/keys > total 6 > -rw-r--r--. 1 root root 668 Feb 26 00:01 default.id_dsa.key > -rw-r--r--. 1 root root 668 Feb 19 14:40 default.id_dsa.key.backup > -rw-r--r--. 1 root root 668 May 28 2007 server.id_dsa.key > > > and > > /usr/NX/etc/keys/ > total 4 > -rw-r--r--. 1 root root 603 Dec 19 2010 node.localhost.id_dsa.pub > -rw-------. 1 nx root 672 Dec 19 2010 node.localhost.id_dsa > I'm not entirely familiar with this configuration. I have always used freenx-server. My comments below are adapting what you have described to the method used by freenx-server. What is the home directory of the nx user? freenx-server creates a directory called /var/lib/nxserver/home for this. You can check the home directory with the command: getent passwd nx The home directory is the sixth field in the passwd record. When the nx user tries to log in with public key authentication, sshd looks for a .ssh directory inside nx's home directory. Inside the .ssh directory, there is a file called something like authorized_keys which is used to verify that NX Client has the correct client key. I would say that all of the files in nx's .ssh directory should be owned by nx and have permissions of -rw-------, or 600. > > I do not understand: > > then just go and recopy the key from inside the client .key file in > the shared keys directory and paste it in your NX CLIENT and the > connection will then complete successfully. > Here are instructions on how to paste a client key into NX Client: NoMachine's NX Client has an Advanced Configuration dialog window (aka Configure...) with several tabs. The first tab, called General, has a section called Server. In the Server section, press the Key... button. This brings up a new window. In the new window there is a text area where you can erase the key that comes with NX Client and paste in your own client key. Once the key is pasted in, click the Import button to save it. The small window with the client key text area should disappear. Then press the OK button on the Advanced configuration dialog to save you changes. Note that each host configured in NX Client has its own private key. > > On the server > I deleted /usr/NX/share/keys/default.id_dsa.key > > and copy the key: > /usr/NX/share/keys/default.id_dsa.key > of the client on the server. > I also tried do copy in > /usr/NX/etc/keys/ > > nxserver --restart > > But still does not work. > It seems like default.id_dsa.key is the client (private) key in your configuration. However, the server doesn't use client key. It uses the public key in a special file called authorized_keys. (That is what sshd will look for when the NX Client tries to log in as the nx user with public key authentication.) -- Support the Free Software Foundation - www.fsf.org -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
