Login issues to NoMachine 5.2.21

Forum / NoMachine Cloud Server Products / Login issues to NoMachine 5.2.21

Viewing 12 posts - 1 through 12 (of 12 total)
  • Author
    Posts
  • #14993
    saldanad
    Participant

    Windows 10 client running NoMachine 5.2.21 connection via SSH to NXserver running on Red Hat v6.7. I have about a dozen systems running NX 3.5.0-11 that all work great (on the same OS). Just recently had to set up some remote DBA’s with the appropriate keys and usernames. One server failed me though and all of my troubleshooting ended with me uninstalling the old version and installing the new version (NoMachine Enterprise Server Evaluation – Version 5.2.21) . Nothing seems to be working despite my efforts.

     

    My client has the appropriate DSA key, username is added to the nxserver userlist, authentication is set to system on the server and client with SSH key added. Errors I get on the client are:

    14600 9164 15:07:11 766.710 ClientSession: Starting session at 0x03696970.

    14600 9164 15:07:11 766.710 ClientSession: Going to start session ‘%userprofile%\server.nxs’.

    14600 9164 15:07:11 788.701 Connection: Initializing connection at 0x046e07f8.

    14600 9164 15:07:11 790.203 Connection: Initialized connection at 0x046e07f8.

    14600 9164 15:07:11 790.203 Connection: Starting connection at 0x046e07f8.

    14600 9164 15:07:11 790.203 DaemonSshConnector: Starting a new connection to host ‘**.**.**.**’ on port ’22’.

    14600 9164 15:07:11 791.203 Connection: Started connection at 0x046e07f8.

    Info: Connection to **.**.**.** port 22 started at 15:07:11 794.202.

    14600 9164 15:07:11 809.701 ClientSession: Started session at 0x03696970.

    14600 14552 15:07:11 900.443 ClientSession: A valid certificate for this server was found.

    14600 14552 15:07:16 610.935 Encryptor/Encryptor: ERROR! Authentication failed.

    14600 14552 15:07:16 610.935 Encryptor/Encryptor: ERROR! Authentication failed in context [A].

    Error: Authentication failed in context [A].

    14600 14552 15:07:16 610.935 Channel/Channel: WARNING! Runnable DaemonReader failed for FD#2460.

    14600 14552 15:07:16 610.935 Channel/Channel: WARNING! Error is 1, ‘Operation not permitted’.

    14600 12072 15:07:16 611.424 DaemonClientApplication/DaemonClientApplication: WARNING! Session terminated abnormally.

    14600 12072 15:07:16 611.424 DaemonClientApplication/DaemonClientApplication: WARNING! Error is 1, ‘Operation not permitted’.

    Warning: Connection to **.**.**.** port 22 failed at 15:07:16 611.424.

    Warning: Error is 1, ‘Operation not permitted’.

    I check in on the server logs and see nothing in either nxserver.log or nxerror.log with relevant time stamps to the issue. From all I can interpret from the errors on the client side it looks like a bad password. However I can SSH in via putty with the same credentials. So a typo is out of the question. I’ve tried to make a one-to-one comparison of the older version of nxserver and the new install and can’t see anything jumping at me that is different. Any assistance on this issue would be great. I have more log data as well as other configuration options I tried that I thought should also work but didn’t.

    #15001
    reza
    Participant

    Please enable debug in your SSH daemon on server and show us logs from failed attempt.

    #15003
    saldanad
    Participant

    This is output from setting the client setting to NoMachine Authentication using a key

    Jun  6 16:38:30 banssb-dev sshd[36128]: Accepted publickey for nx from 10.9.3.50 port 58740 ssh2

    Jun  6 16:38:31 banssb-dev sshd[36128]: pam_unix(sshd:session): session opened for user nx by (uid=0)

    Jun  6 16:38:39 banssb-dev sshd[36128]: pam_unix(sshd:session): session closed for user nx

     

    This is output from setting the client to use system login and key (2 attempts):

     

    Jun  6 16:36:54 banssb-dev sshd[36103]: Connection closed by 10.9.3.50

    Jun  6 16:38:18 banssb-dev sshd[36127]: Connection closed by 10.9.3.50

     

     

    #15010
    reza
    Participant

    Logs you collected are not enough detailed to provide any hint. Please increase SSHD LogLevel from INFO to DEBUG3 and restart daemon. If you are worry about your privacy please remove all sensible info from collected logs.

    Additionally please explain step by step how you try to login and when it works and when not. All of it will help us to understand problem.

    #15029
    saldanad
    Participant

    I see what I did wrong initially now. Logs will be attached. Log 1 connection setup on Win10 client is set up as an SSH connection using System Login with a username and password and key. When I attempt this connection it immediately prompts for a username and password which errors out with “connection to the server lost”

    The second log is the same except I use the NoMachine Login with password and key. When I attempt this connection it gets as far as prompting me for a username and password and then fails with “Server configuration error”

    #15036
    reza
    Participant

    In System login case it looks like the key you are trying to use is not added into .ssh/authorized_keys2 file in your home directory on server.

    NoMachine login case is more complicated and we need nxserver.log and nxerror.log files from your server to analyse the problem.

    #15039
    saldanad
    Participant

    Ok, going forward I suppose troubleshooting just the system login will be helpful. I added the key to the authorized_keys2 file on the home directory. and got the attached in the SSHD debug log:

    debug3: secure_filename: checking ‘/home/remotedba/.ssh’

    debug3: secure_filename: checking ‘/home/remotedba’

    debug3: secure_filename: terminating check at ‘/home/remotedba’

    debug2: key_type_from_name: unknown key type ‘no-port-forwarding,no-agent-forwarding,command=”/usr/NX/bin/nxnode”‘

    debug3: key_read: missing keytype

    debug2: user_key_allowed: check options: ‘no-port-forwarding,no-agent-forwarding,command=”/usr/NX/bin/nxnode” ssh-dss *old key that was already in authorized_keys2*

    debug2: key_type_from_name: unknown key type ‘no-port-forwarding,no-agent-forwarding,command=”/usr/NX/bin/nxnode”‘

    debug3: key_read: missing keytype

    debug2: user_key_allowed: check options: ‘no-port-forwarding,no-agent-forwarding,command=”/usr/NX/bin/nxnode” ssh-dss *new key I added*

    key_read: uudecode *new key I added*

    failed

    debug2: user_key_allowed: advance: ‘ssh-dss *new key I added*

    debug2: key not found

    debug1: restore_uid: 0/0

    Failed publickey for remotedba from 10.9.3.50 port 57015 ssh2

    debug3: mm_answer_keyallowed: key 0x7f1160961540 is not allowed

    debug3: mm_request_send entering: type 22

    debug2: userauth_pubkey: authenticated 0 pkalg ssh-dss

    debug3: Wrote 96 bytes for a total of 2453

    debug3: mm_request_receive entering

    Connection closed by 10.9.3.50

    #15041
    reza
    Participant

    We found that key you are trying to do contains obsolete options, no longer used in NX 4 and 5.

    Please don’t add ‚no-port-forwarding,no-agent-forwarding,command=”/usr/NX/bin/nxnode”’ to key you are trying to use for SSH System authorisation.

    Additionally SSHD fails to decode your key.

    Please generate new one, add it to your .ssh/authorized_keys2 and use in player as explained in following article:

    https://www.nomachine.com/AR12I00615

    #15045
    saldanad
    Participant

    I’ve edited the authorized_keys2 file to contain only the part of the line containing

    ssh-dss *key here*

    all as one line and I’m getting the following error now

    debug3: secure_filename: terminating check at ‘/home/remotedba’

    buffer_get_string_ret: bad string length 813826490

    key_from_blob: can’t read key type

    key_read: key_from_blob

    **new key**

    failed

    debug2: user_key_allowed: check options: ‘ssh-dss **new key**

    debug3: key_read: missing whitespace

    debug2: user_key_allowed: advance: ‘**new key**

    debug2: key not found

    debug1: restore_uid: 0/0

    Failed publickey for remotedba from 10.9.3.50 port 59301 ssh2

    debug3: mm_answer_keyallowed: key 0x7fbbbb98a540 is not allowed

     

    #15046
    saldanad
    Participant

    I actually did something wrong there, a bit of fat fingering when copy/pasting data into files. I have a new issue now that everything is squared away. The SSH debug shows me that everything worked however the client is giving me the following error.

    Error: /usr/NX/bin/nxexec: error while loading shared libraries: libstdc++.so.6: cannot open shared object file: No such file or directory

    So all the SSH issues are sorted out but this new error seems to be the only thing between me and a successful connection.

    #15067
    reza
    Participant

    Looks like you have installed 32 bit NoMachine package on 64 bit system.

    Please remove 32 bit version and install correct, 64 bit package or install 32 bit compatibility library.

     

    #15071
    saldanad
    Participant

    Thanks so much for all the assistance! You’ve been a great help. That was exactly the issue.

Viewing 12 posts - 1 through 12 (of 12 total)

This topic was marked as solved, you can't post.