NoMachine Connection via SSH Tunnel, Error 111

Forums / NoMachine for Mobile / NoMachine Connection via SSH Tunnel, Error 111

Viewing 11 posts - 1 through 11 (of 11 total)
  • Author
    Posts
  • #28573
    AvatarMINERAL-115
    Participant

    Hello!

    As title, I’m getting error 111 (connection refused) when I try to connect to my personal PC via a SSH tunnel. I’m using NoMachine server free on my Windows 10 PC and JuiceSSH on my Android phone to create the SSH tunnel. I’ve set up NoMachine on my Android phone with the following settings:

    Protocol: NX
    Host: localhost
    Port: 4000

    This works when testing from the PCs itself, but doesn’t work when trying to establish a NX connection via my Android phone. VNC works great with this setup, but I prefer NoMachine’s Android app to any of the VNC ones! 🙂

    #28595
    Avatarfisherman
    Moderator

    Port forwarding should work without problem. Please can you verify if the remote port of the Windows is correctly forwarded to your phone, and as well make sure that firewall is not blocking the access to the nx port 4000 on Windows.

    #28599
    AvatarMINERAL-115
    Participant

    Can confirm Windows Firewall is A-OK. Since I’m tunnelling (and the SSH tunnel is already port-forwarded), the connection is loopback, so generated from the machine I’ve got the smartphone connected to.

    I set up my VNC server with the same port to test as a sanity check, just in case, and can confirm it’s working as I’d expect. There is a ‘allow loopback connections’ option in VNC server, but I can’t find a similar setting on NoMachine; does it allow loopback by default?

    Update: I’m an idiot. Was connecting to the SSH in ‘shell’ mode rather than using the port forwarding function of JuiceSSH. Now that I’m doing that, it’s connecting immediately then giving error 22 (“Invalid argument”).

    #28602
    AvatarMINERAL-115
    Participant

    All sorted. The ‘invalid argument’ seemed to be a bug. Stopping and restarting NoMachine server fixed it. I can’t get it to work with private key auth, – the instructions given at https://www.nomachine.com/AR02L00785 don’t seem to work with a Windows install –  but given I’m already connected via SSH (which is using private key auth), I’m not too fussed about using a password instead.

    #28608
    Avatarfisherman
    Moderator

    We still weren’t able to reproduce it. Could it be that you didn’t use the SSH key format like in the article, and used putty instead?

    #28609
    AvatarMINERAL-115
    Participant

    Probably not; I did generate the original 4096 bit RSA key using putty, but exported and reformatted the public key to make it machine friendly (formatting I normally use for authkey files on Linux, although I left off the comment at the end so it matches up with the example key given in the article). I generated a 2048 bit test key as well to ensure it wasn’t an issue with it being 4096 bit, but got the same error.

    Does the player need any particular formatting for the private key? It could well be that, as I didn’t reformat the exported (OpenSSH in a extensionless file) private key.

    #28617
    Avatarfisherman
    Moderator

    All keys private/public needs to be ssh format. Please check this article https://www.nomachine.com/AR06O00932.

    #28618
    AvatarMINERAL-115
    Participant

    3) If you have generated the SSH key pair on Windows, for example by using PuTTYgen (https://www.puttygen.com), be sure it’s in OpenSSH format or convert it. To do that choose the key file in the PuTTYgen main window. Then go to Conversions->Export OpenSSH key to export your private key and save it.

    This was how I exported the private key, as a extensionless file. Could you generate and test a keypair and share them here so I have a known good set of keys to test on my  system? It’d rule out issues with the keypair itself.

     

    #28713
    Avatarfisherman
    Moderator

    I have just re verified that exporting key from putty works correctly.

    Please check attached images.

    Please select public key text from putty and copy it in $HOME/.nx/config/authorized.crt on the server.

    Then go to conversation and export private key as “OpenSSH key”, and use that key as shown in the last screenshot on the client side.

    #28717
    AvatarMINERAL-115
    Participant

    I’ve been using an RSA key rather than a DSA key, that’s the only difference I can see between what I’ve been doing and what you’re showing me in those screenshots – thank you for confirming it for me! I wonder what the problem is, then!

    #28725
    Avatarfisherman
    Moderator

    NX Logs from server and the client side would be helpful to investigate problem. Please enable debug, reproduce problem and send logs and as well server.cfg file to forum[at]nomachine[dot]com.

    There is instruction how to enable and collect debug logs automatically: https://www.nomachine.com/DT10O00162.

Viewing 11 posts - 1 through 11 (of 11 total)

You must be logged in to reply to this topic.