X2Go Bug report logs - #290
SSH key based authentication problems

version graph

Package: x2goclient; Maintainer for x2goclient is X2Go Developers <x2go-dev@lists.x2go.org>; Source for x2goclient is src:x2goclient.

Reported by: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>

Date: Tue, 27 Aug 2013 10:48:02 UTC

Severity: important

Tags: confirmed

Found in version 4.0.1.0

Full log


Message #5 received at submit@bugs.x2go.org (full text, mbox, reply):

Received: (at submit) by bugs.x2go.org; 27 Aug 2013 10:34:03 +0000
From mike.gabriel@das-netzwerkteam.de  Tue Aug 27 12:34:02 2013
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
	ymir.das-netzwerkteam.de
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,URIBL_BLOCKED
	autolearn=ham version=3.3.2
Received: from freya.das-netzwerkteam.de (freya.das-netzwerkteam.de [88.198.48.199])
	by ymir (Postfix) with ESMTPS id BC9455DB05
	for <submit@bugs.x2go.org>; Tue, 27 Aug 2013 12:34:02 +0200 (CEST)
Received: from grimnir.das-netzwerkteam.de (grimnir.das-netzwerkteam.de [78.46.204.98])
	by freya.das-netzwerkteam.de (Postfix) with ESMTPS id 2D8E71065
	for <submit@bugs.x2go.org>; Tue, 27 Aug 2013 12:34:02 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1])
	by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id 076B43BF8D
	for <submit@bugs.x2go.org>; Tue, 27 Aug 2013 12:34:02 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at grimnir.das-netzwerkteam.de
Received: from grimnir.das-netzwerkteam.de ([127.0.0.1])
	by localhost (grimnir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id uko506S1CPKI for <submit@bugs.x2go.org>;
	Tue, 27 Aug 2013 12:34:01 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1])
	by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id D093C3BF8E
	for <submit@bugs.x2go.org>; Tue, 27 Aug 2013 12:34:01 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1])
	by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id B1E493BF8D
	for <submit@bugs.x2go.org>; Tue, 27 Aug 2013 12:34:01 +0200 (CEST)
Received: by grimnir.das-netzwerkteam.de (Postfix, from userid 33)
	id 55AC23BF8E; Tue, 27 Aug 2013 12:34:01 +0200 (CEST)
Received: from 194.242.20.98 ([194.242.20.98]) by mail.das-netzwerkteam.de
 (Horde Framework) with HTTP; Tue, 27 Aug 2013 12:34:01 +0200
Message-ID: <20130827123401.1559208fzp3qfrtl@mail.das-netzwerkteam.de>
X-Priority: 3 (Normal)
Date: Tue, 27 Aug 2013 12:34:01 +0200
From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
To: submit@bugs.x2go.org
Subject: SSH key based authentication problems
MIME-Version: 1.0
Content-Type: multipart/signed;
 boundary="=_1xgror3qjwd5";
 protocol="application/pgp-signature";
 micalg="pgp-sha1"
Content-Transfer-Encoding: 7bit
User-Agent: Internet Messaging Program (IMP) H3 (4.3.4)
[Message part 1 (text/plain, inline)]
Package: x2goclient
Tags: confirmed
Version: 4.0.1.0
Severity: important
x-debbugs-cc: software@matthiaskauer.com

I myself have also observed the issue reported by Matthias. Adding  
this as a bug. This should get fixed before the release of 4.0.1.1.

Mike

----- Weitergeleitete Nachricht von software@matthiaskauer.com -----
     Datum: Mon, 26 Aug 2013 23:54:55 +0200
       Von: Matthias Kauer <software@matthiaskauer.com>
   Betreff: [X2Go-User] Login via ~/.ssh/authorized_keys fails
        An: x2go-user@lists.berlios.de

Hi,
I am looking for input on how to set up an ssh key-based authentication.

I generated an RSA key pair with puttygen and added it to
~/.ssh/authorized_keys2 => confirmed that I can login with putty.
Now, I specify the same private key in x2goclient (windows). I enter my
password and I am then prompted for the password of the ssh key. I enter
it and the same ssh key password prompt reappears. This seems to be an
infinite loop. When I cancel it, I get a message saying that only
publickey is supported as login method (which corresponds to my
sshd_config settings).

I then tried renaming ~/.ssh/authorized_keys and using a DSA key pair.
putty still works as expected with both of these alternatives.
x2goclient still shows the same problems however. It only lets me login
if I adapt my sshd_config and authenticate via user / password combination.

Is this a known limitation?
What is the best way to achieve high security? Can I limit the x2go
connections to only LAN IPs (without restricting the pure ssh connections)?

Best Wishes,
Matthias Kauer
_______________________________________________
X2Go-User mailing list
X2Go-User@lists.berlios.de
https://lists.berlios.de/mailman/listinfo/x2go-user


----- Ende der weitergeleiteten Nachricht -----


-- 

DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976 148

GnuPG Key ID 0x25771B31
mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de

freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
[Message part 2 (application/pgp-signature, inline)]

Send a report that this bug log contains spam.


X2Go Developers <owner@bugs.x2go.org>. Last modified: Wed Dec 11 22:55:11 2024; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.