Description of problem: I have two Fedora systems which have the same problem. After installing nx, freenx-client, freenx-server I am unable to login via qtnx. Version-Release number of selected component (if applicable): freenx-client-0.9-7.fc10.i386 freenx-server-0.7.3-11.fc10.i386 nx-3.2.0-31.fc10.i386 Systems - x86, fully updated as of 11 Dec 2008 How reproducible: So far on two systems. Steps to Reproduce: 1. Install freenx-client, freenx-server, nx 2. Start qtnx, make a connection to local host 3. Try to login with your username and password Actual results: Login fails. Here is what is printed in the console: ------------------ [ash@dalgonosko ~]$ qtnx Process started stderr> NX> 203 NXSSH running with pid: 4623 Warning: Identity file id.key not accessible: No such file or directory. NX> 285 Enabling check on switch command NX> 285 Enabling skip of SSH config files NX> 285 Setting the preferred NX options NX> 200 Connected to address: 127.0.0.1 on port: 22 stderr> NX> 202 Authenticating user: nx stdout> NX> 208 Using auth method: publickey stdout> NX> 204 Authentication failed. Invalid authentication key Process exited ------------------ The same info is available in qtnx -> Connection -> Show log window Expected results: I wanted to log in. Additional info: I tried disabling selinux with setenforce 0 and additionally set password to the nx account as suggested in bug 462903. However this did not help.
I found a workaround. Copy the public key file from the server to the file /tmp/id.key. Then cd to /tmp, and launch qtnx from the /tmp directory.
I'm still getting "208 Using auth method: publickey 204 Authentication failed." even though I tried copying (from the server) /etc/nxserver/server.id_dsa.pub.key /etc/nxserver/users.id_dsa and /etc/nxserver/client.id_dsa.key to id.key on the client. I also made sure that qtnx is set to "Use default key", which probably means id.key.
I can successfully connect to localhost on an F9 machine by copying /etc/nxserver/client.id_dsa.key (because `ssh-keygen -y -f /etc/nxserver/client.id_dsa.key` matches /etc/nxserver/server.id_dsa.pub.key) to id.key in the user's current working directory. I am also able to connect from the F10 machine to the F9 machine, but not the other way around. I tried to simply copy F10:/etc/nxserver/server.id_dsa.pub.key to F9:/etc/nxserver/server.id_dsa.pub.key and F10:/etc/nxserver/client.id_dsa.key to F9:id.key and again connect to localhost on the F9 machine, but it failed with "208 Using auth method: publickey 204 Authentication failed." Then I tried to copy F9:/etc/nxserver/server.id_dsa.pub.key to F10:/etc/nxserver/server.id_dsa.pub.key while keeping the same id.key on F9. Connecting to F10 from F9 still failed in with the same error.
This is still an issue with Fedora 11/Rawhide. For some reason qtnx is ignoring the key provided in "Configure/Set Authentication Key" (stored in ~/.qtnx/*.nxml) and instead tries to pull it from id.key. I was able to connect to/from rawhide by copying the server's client.id_dsa.key to id.key in qtnx's current working directory on the client. I believe this patch references the same problem: http://lists.kde.org/?l=freenx-knx&m=120802586323562
This may be the same as Bug 379581 -- try disabling SELinux on the server.
Did you test it? I already disabled SELinux and still have the same behaviour. I will do a clean test when F11 comes out and report back, but I don't think the package has changed. By the way, the PWD is your home directory when you run it from the menu, so the id.key file should just be placed in ~, although you have to keep changing the key to connect to different hosts.
I've managed to connect qtnx to my F10 server after setting SELinux to permissive mode on that server so I think this a duplicate of Bug 379581 for me.
This is NOT a dup of Bug 379581. I installed a brand new F11 x86_64 and i686 on my workstation and laptop respectively. I installed freenx-server on one and freenx-client on the other. I then set SELinux to permissive on both (though the server wouldn't affect accessing a file on the client) and rebooted both with a relabel. Entered the server's client.id_dsa.key into "Configure/Set Authentication Key" on the client as described above. Tried to connect: ---------------------------- Process started stderr> NX> 203 NXSSH running with pid: 2443 Warning: Identity file id.key not accessible: No such file or directory. NX> 285 Enabling check on switch command NX> 285 Enabling skip of SSH config files NX> 285 Setting the preferred NX options NX> 200 Connected to address: 192.168.0.102 on port: 22 stderr> NX> 202 Authenticating user: nx stdout> NX> 208 Using auth method: publickey NX> 204 Authentication failed. Process exit ---------------------------- Entered the same client.id_dsa.key into ~/id.key on the client. Tried to connect: ---------------------------- Process started stderr> NX> 203 NXSSH running with pid: 2519 NX> 285 Enabling check on switch command NX> 285 Enabling skip of SSH config files NX> 285 Setting the preferred NX options NX> 200 Connected to address: 192.168.0.102 on port: 22 stderr> NX> 202 Authenticating user: nx stdout> NX> 208 Using auth method: publickey stdout> HELLO NXSERVER - Version 3.2.0-73 OS (GPL, using backend: 3.2.0) NX> 105 stdin> hello NXCLIENT - Version 3.0.0 stdout> hello NXCLIENT - Version 3.0.0 NX> 134 Accepted protocol: 3.0.0 NX> 105 ... ---------------------------- This isn't a problem with SELinux, and just to reiterate, this is a bug on the client not the server.
Re: #8 You are right. After re-reading the original report again it seems most likely that Alexander was experiencing the client-side lack of ~/id.key problem. I propose that this bug be renamed to something like "Unable to login via freenx if ~/id.key is missing on client".
Hi everyone, I had the exact same problem with fresh install of Fedora 11. Comments #4 and #9 helped: indeed one must copy /etc/nxserver/client.id_dsa.key to ~/id.key, give access rights and things start working However I must say that the experience was very frustrating. The only mentioning of id.key is in /usr/share/doc/freenx-client-0.9/README.qtnx about MacOS builds. Maybe this is an upstream bug but as the interface and configuration files do not work properly, there should be some README.fedora in the package or proper mentioning of this workaround. The bug can be renamed, but pleas do not close it as this is not a solution but a workaround. Kind regards: al_shopov
freenx-client-0.9-10.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/freenx-client-0.9-10.fc10
freenx-client-0.9-10.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/freenx-client-0.9-10.fc11
freenx-client-0.9-10.fc11 has been pushed to the Fedora 11 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update freenx-client'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F11/FEDORA-2009-8008
freenx-client-0.9-10.fc10 has been pushed to the Fedora 10 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update freenx-client'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F10/FEDORA-2009-8028
*** Bug 514947 has been marked as a duplicate of this bug. ***
in bug #514947 i stated i have to start in .qtnx directory. and in that directory i have the remote's servers id.key file. i also have installed the test package version freenx-client-0.9-10.fc11.x86_64 and it still exhibits the same behaviour.
(In reply to comment #16) > in bug #514947 i stated i have to start in .qtnx directory. and in that > directory i have the remote's servers id.key file. When you are in .qtnx, then ./id.key is the same as ~/.qtnx/id.key, that's why this is the same bug. > i also have installed the test package version freenx-client-0.9-10.fc11.x86_64 > and it still exhibits the same behaviour. Did you also install the qtnx package? It was split off the main package in the upcoming update.
with regards to .qtnx directory, i believe i read some documentation some where probably the mac readme as ash mentioned (the initial install was last year) as to having to create that .qtnx directory. in any case, i believe it is the correct place for configuration files and id keys much like .ssh as to the test package, yes, i had uninstalled all previous *nx packages and ran the yum command. the packages were pulled in as a dependency
ps. i first encountered this bug in fedora 10 and am now seeing it on fedora 11
freenx-client-0.9-10.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.
freenx-client-0.9-10.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.