Package: x2goserver

  Version: 4.0.1.19-0~1064~ubuntu16.04.1 amd64

 

First of all, I would like to thank you for your marvelous x2go server.

 

However, I have tried to install it on Ubuntu 14.04, 15.10 and 16.04 and every time I had the same error on mounting local shares from mswin official client:

Mar 10 17:53:55 x2go-test /usr/bin/x2gomountdirs[1428]: executing: timeout 30 sshfs  -o idmap=user,uid=`id -u`,gid=`id -g`,default_permissions,ServerAliveInterval=300,Cipher=blowfish,IdentityFile=/home/sysop/.x2go/ssh/key.gq4920,UserKnow

nHostsFile=/home/sysop/.x2go/ssh/key.gq4920.ident "User"@192.168.0.128:"/cygdrive/D/QUAKE2" "/tmp/.x2go-sysop/media/disk/_cygdrive_D_QUAKE2" -p 7022

Mar 10 17:53:55 x2go-test /usr/bin/x2gomountdirs[1428]: WARNING: mounting of /cygdrive/D/QUAKE2 failed

 

I have tested it on several Windows PC’s, still no luck. I have the remote access to linux desktop (ssh connection to Linux works fine), but backward ssh connection fails.

 

I have found the following bugs and solutions:

1.  sshd on cygwin offers ssh-dss keys, but modern ssh-client on Ubuntu fails to accept this (deprecated?) type of a key.

The problem is worked-around by adding HostKeyAlgorithms=+ssh-dss to /etc/ssh/ssh_config

OR

The problem can be solved on the whole by generating a better type of a key on windows-side.

C:\Program Files (x86)\x2goclient\ssh-keygen -b 2048 -t rsa

And simply replacing c:\Users\User\.x2go\etc\ ssh_host_dsa_key and c:\Users\User\.x2go\etc\ ssh_host_dsa_key.pub with generated files.

Ssh-keygen supports RSA keys or even ecdsa.

 

Of course, It would be great to do it when installing mswin x2go client

 

2.  /usr/bin/x2gomountdirs line 312 starts sshfs connection this way:

if (system("timeout 30 sshfs $code_conv -o idmap=user,uid=`id -u`,gid=`id -g`,$umaskstr,ServerAliveInterval=300,Cipher=blowfish,IdentityFile=$key,UserKnownHostsFile=$key.ident \"$user\"\@$host:\"@dirs[$i]\" \"$mntpath\" -p $port 1>>$sessiondir/sshfs-mounts.log 2>&1")==0)

 

BUT!

=========================

Changes since OpenSSH 6.6

=========================

 

Potentially-incompatible changes

 

* sshd(8): The default set of ciphers and MACs has been altered to

   remove unsafe algorithms. In particular, CBC ciphers and arcfour*

   are disabled by default.

 

So to make it work you just delete Cipher=blowfish, out of the line like that:

if (system("timeout 30 sshfs $code_conv -o idmap=user,uid=`id -u`,gid=`id -g`,$umaskstr,ServerAliveInterval=300,IdentityFile=$key,UserKnownHostsFile=$key.ident \"$user\"\@$host:\"@dirs[$i]\" \"$mntpath\" -p $port 1>>$sessiondir/sshfs-mounts.log 2>&1")==0)

 

Actually this bug makes impossible shares mounting for all clients (not only windows) since November 2014. It means, since then folder mounting fails for anyone, who installs updates from time to time. o_O

 

3.  Windows 8 clients have a cygwin bug that prevent them from starting sshd properly, thus preventing them from mounting local folders:

Permissions 660 for '...' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
 
As it is the only key, sshd fails to start at all.
 
It is not a problem of x2go. But still, you can add to a wiki the following:
 
To test for this kind of error, you need to install mswin client with Debug Build and run it with debug shortcut.
If you see the error stated above, you simply set the following permissions to c:\Users\<Username>\.x2go\etc folder:
1.  OWNER – GROUP(!!!) Users (in fact, any group your user is in – Everyone, Administrators)
2.  Disable rights inheriting
3.  Delete all user rights
4.  Add only one rule to the rights – the group, that you have set the owner to – read and write.
 
It should not throw this error anymore.

  

 

 

Best regards,

Yahor Zaleski

Doctor Server, LLC, Minsk