Hello there I have found here
a workaround for a problem I had in the past regarding nx client connectivity NoMachines/FreeNX ssh key question
I paste here the recommended solution:
root@#####:/usr/NX# ./bin/nxserver --usercheck #####
NX> 900 Verifying public key authentication for NX user: ######.
NX> 900 Adding public key for user: ##### to the authorized keys file.
NX> 716 Public key is already present in: /home/####/.ssh/authorized_keys2.
NX> 900 Verifying public key authentication for NX user: ####.
NX> 500 ERROR: Public key authentication failed
NX> 500 WARNING: NX server was unable to login as user: #####
NX> 500 WARNING: Please check that the account is enabled to login.
NX> 500 WARNING: Also check that user's home directory, the directory
NX> 500 WARNING: ~/.ssh and the file ~/.ssh/authorized_keys2 have
NX> 500 WARNING: correct permissions according to the StrictModes of
NX> 500 WARNING: your SSHD configuration
NX> 999 Bye.
the resolution was as mentioned above. ensuring that in /etc/ssh/sshd_config the one line:
AuthorizedKeysFile %h/.ssh/authorized_keys2
then restart sshd (as root)
/etc/init.d/ssh restart
then it worked
root@#####:/usr/NX# ./bin/nxserver --usercheck ####
NX> 900 Verifying public key authentication for NX user: ####.
NX> 900 Public key authentication succeeded.
NX> 999 Bye.
I have to change from AuthorizedKeysFile %h/.ssh/authorized_keys
to
AuthorizedKeysFile %h/.ssh/authorized_keys2
What does this change make to my sshd server? How harmful it can be?
I would like to thank you in advance for your reply
You will be inflicting that change on all users of your system.
I’m not sure about the current version of sshd. At least, for a while, sshd checked both authorized_keys and authorized_keys2, even though only the first was configured. This was a backward compatibility issue.
so my guess is that the current version (in opensuse 12.2) is still defaulting to check both. But you probably override that if you define what it should check in “/etc/ssh/sshd_config”. If you comment out that line in the config you will presumably get back to checking both.
On 09/14/2012 07:16 AM, alaios wrote:
>
> Hello there I have found here
> a workaround for a problem I had in the past regarding nx client
> connectivity
> ‘NoMachines/FreeNX ssh key question’ (http://tinyurl.com/9kzf7nt)
>
> I paste here the recommended solution:
… snip…
>
>
> the resolution was as mentioned above. ensuring that in /etc/ssh/sshd_config the one line:
> AuthorizedKeysFile %h/.ssh/authorized_keys2
… snip…
>
> I have to change from AuthorizedKeysFile %h/.ssh/authorized_keys
> to
> AuthorizedKeysFile %h/.ssh/authorized_keys2
>
>
> What does this change make to my sshd server? How harmful it can be?
>
> I would like to thank you in advance for your reply
>
For portability, I’ve just hardlinked authorized_keys and authorized_keys2
together. That’s my approach. That way software will find it no matter which
filename they choose. Just need to be careful should you ever break the inode
linakage.
