NX key authentication fails with error ‘Public key not recognized’

Forums / NoMachine for Linux / NX key authentication fails with error ‘Public key not recognized’

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • #38213
    jimavera
    Participant

    Like many, I have been unable to get NX key authentication to work following the instructions at AR02L00785

    The server always gets “ERROR! Authentication with ‘NX-private-key’ from host ‘192.168.1.112’ failed. Error is ‘Public key not recognized’.”

    My server is Ubuntu, running NoMachine Linux server 7.9.2
    My client is Windows 11, running Enterprise Client 7.9.2 (on the same local network)

    The KB article shows two ssh-keygen commands, a primary one and an alternative for use with NoMachine versions 6.9.2 and older. Since I’m running newer versions of NoMachine I thought the primary command should be used:

    ssh-keygen -t rsa -b 4096

    (actually I added -f fileprefix to specify the output file paths).

    I copied the resulting .pub file to $HOME/.nx/config/client.crt and set permissions as in the KB article, like this:

     `ls -ld ~ ~/.nx ~/.nx/config ~/.nx/config/*.crt
    drwxr-xr-x 87 jima jima 4096 Apr  6 13:32 /home/jima/
    drwx—— 18 jima jima 4096 Apr  6 13:41 /home/jima/.nx/
    drwx——  2 jima jima 4096 Apr  6 13:39 /home/jima/.nx/config/
    -rw——-  1 jima jima  737 Apr  6 13:39 /home/jima/.nx/config/client.crt`

    /usr/NX/etc/server.cfg set to have AcceptedAuthenticationMethods NX-private-key,NX-password

    I copied the private key file to the client using nomachine’s file-transfer mechanism (while connected using a password) and later changed the client’s Connection config to use it via the ‘Use key-based authentication with a key you provide’ dialog.

    Then, when trying to connect using key auth, a screen appears with username (pre-filled) and “key passphrase” (empty) fields. Pressing “Return” (since there is no passphrase) results in a login failure.

    So I tried a new key pair generated with

    ssh-keygen -m PEM -t rsa -b 4096

    This time the login screen did not prompt for a passphrase but immediately displayed “Authentication failed, please try again”

    Either way /usr/NX/var/log/nxserver.log contains the ‘Public key not recognized’ error.

    I’ve read many other forum articles about this issue and the solutions seem inconclusive, dubious, or obsolete.  For example, many articles talk about a file $HOME/.nx/config/authorized.crt but that filename (“authorized.crt”) is nowhere mentioned in the KB article so the information must be stale.

    What’s the best way to debug this?

    #38251
    Britgirl
    Keymaster

    Hi,

    we noticed an incorrect parameter in the article which must have been introduced by mistake.

    Please check again the article: https://knowledgebase.nomachine.com/AR02L00785 in point 2 of the section Add the public SSH key on the server

    $HOME/.nx/config/client.crt

    is now

    $HOME/.nx/config/authorized.crt

    Let us know the outcome.

    #38402
    jimavera
    Participant

    Ok, that seems to have been the problem.   Thanks.

Viewing 3 posts - 1 through 3 (of 3 total)

This topic was marked as closed, you can't post.