Someone walk me through key-based authentication?

Forums / NoMachine for Windows / Someone walk me through key-based authentication?

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #10258
    Avatarsmithy
    Participant

    I’m having trouble getting the private-key authentication to work (just using the Free NoMachine) and was hoping to get some help. What I tried to do was create a key pair with PuTTY-gen, move the public key file to C:\Users\[User]\.nx\config\authorized.crt, move the private.ppk file and set it in Advanced connection, but it just seems to fail no matter what I did (I tried both Android and PC). Am I misunderstanding how the key system works? I’d like to get away from signing in with my Windows authentication.

    #10299
    Avatarfrog
    Participant

    Hello,

     

    NoMachine doesnt support keys generated by PuTTYgen, keys need to be in OpenSSH format. One on our user got similar problem with PuTTy, and he wrote solutions for this problem.

    https://www.nomachine.com/forums/topic/unable-to-apply-key-authentication#post-10096

    Did you check this post? Please make sure your keys in right format, as desribed in his post, here are instructions:

    1. Public key in /root/.nx/config/authorized.crt  (.nx and .nx/config have 0700 permissions,  authorized.crt has 0600 permissions, owner root) should be the same format as in /root/.ssh/authorized_keys:

    ssh-rsa AAAA    .. in-one-line ..   Bis= <comment>

    This is the output of PuTTYgen generate window (not the saved file) and is different from SSH / XCA format of the generated public key .crt file. SSH seems to have some setup allowing it to generate the pulic key in this format, but I am not sure about the syntax. The .crt format used to input certificates in browsers and mail clients should not be used:

    —–BEGIN CERTIFICATE—–

    AAAA..

    <<<in-many-lines>>>

    ..Bis

    —–END CERTIFICATE—–

    2. In NX client under WIN select  Session – Edit – Advanced – Private key – Settings file field: browse for private key file in SSH format, not the file saved by PuTTYgen. Private key file format should be:

    —–BEGIN ENCRYPTED PRIVATE KEY—–

    MI…

    /m8=

    —–END ENCRYPTED PRIVATE KEY—–

    • This reply was modified 4 years, 11 months ago by Avatarfrog.
    • This reply was modified 4 years, 11 months ago by AvatarBritgirl.
    • This reply was modified 4 years, 11 months ago by AvatarBritgirl.
    #10326
    Avatarsmithy
    Participant

    Actually I tried OpenSSH through Cygwin, and I’m still getting this problem (on both Windows 7 and Android). And using the settings for PuTTY-gen I explained in my second post give similar looking keys (but let’s ignore that for now). The only difference from my keys and the examples is that in the private key it starts and ends as “—–BEGIN RSA PRIVATE KEY—–” followed by a section containing the Proc-Type and DEK-Info, but it’s still weird it would fail right after it (successfully?) verifies the passphrase.

    Could this be a bug? My installation is fresh.

    #10338
    AvatarBritgirl
    Keymaster

    For the record, user reported a second issue within this topic which has been split so we can investigate separately: https://www.nomachine.com/forums/topic/error-is-22-invalid-argument-2

    #10430
    AvatarBritgirl
    Keymaster

    This topic will be closed. The remaining issue can be tracked using the link https://www.nomachine.com/forums/topic/error-is-22-invalid-argument-2 and the Trouble Report https://www.nomachine.com/TR03N06559.

Viewing 5 posts - 1 through 5 (of 5 total)

This topic was marked as solved, you can't post.