From mike.gabriel@das-netzwerkteam.de Tue Aug 27 12:34:02 2013 Received: (at submit) by bugs.x2go.org; 27 Aug 2013 10:34:03 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,URIBL_BLOCKED autolearn=ham version=3.3.2 Received: from freya.das-netzwerkteam.de (freya.das-netzwerkteam.de [88.198.48.199]) by ymir (Postfix) with ESMTPS id BC9455DB05 for ; Tue, 27 Aug 2013 12:34:02 +0200 (CEST) Received: from grimnir.das-netzwerkteam.de (grimnir.das-netzwerkteam.de [78.46.204.98]) by freya.das-netzwerkteam.de (Postfix) with ESMTPS id 2D8E71065 for ; Tue, 27 Aug 2013 12:34:02 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id 076B43BF8D for ; Tue, 27 Aug 2013 12:34:02 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at grimnir.das-netzwerkteam.de Received: from grimnir.das-netzwerkteam.de ([127.0.0.1]) by localhost (grimnir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uko506S1CPKI for ; Tue, 27 Aug 2013 12:34:01 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id D093C3BF8E for ; Tue, 27 Aug 2013 12:34:01 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id B1E493BF8D for ; Tue, 27 Aug 2013 12:34:01 +0200 (CEST) Received: by grimnir.das-netzwerkteam.de (Postfix, from userid 33) id 55AC23BF8E; Tue, 27 Aug 2013 12:34:01 +0200 (CEST) Received: from 194.242.20.98 ([194.242.20.98]) by mail.das-netzwerkteam.de (Horde Framework) with HTTP; Tue, 27 Aug 2013 12:34:01 +0200 Message-ID: <20130827123401.1559208fzp3qfrtl@mail.das-netzwerkteam.de> X-Priority: 3 (Normal) Date: Tue, 27 Aug 2013 12:34:01 +0200 From: Mike Gabriel To: submit@bugs.x2go.org Subject: SSH key based authentication problems MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=_1xgror3qjwd5"; protocol="application/pgp-signature"; micalg="pgp-sha1" Content-Transfer-Encoding: 7bit User-Agent: Internet Messaging Program (IMP) H3 (4.3.4) This message is in MIME format and has been PGP signed. --=_1xgror3qjwd5 Content-Type: text/plain; charset=UTF-8; DelSp="Yes"; format="flowed" Content-Disposition: inline Content-Transfer-Encoding: 7bit Package: x2goclient Tags: confirmed Version: 4.0.1.0 Severity: important x-debbugs-cc: software@matthiaskauer.com I myself have also observed the issue reported by Matthias. Adding this as a bug. This should get fixed before the release of 4.0.1.1. Mike ----- Weitergeleitete Nachricht von software@matthiaskauer.com ----- Datum: Mon, 26 Aug 2013 23:54:55 +0200 Von: Matthias Kauer Betreff: [X2Go-User] Login via ~/.ssh/authorized_keys fails An: x2go-user@lists.berlios.de Hi, I am looking for input on how to set up an ssh key-based authentication. I generated an RSA key pair with puttygen and added it to ~/.ssh/authorized_keys2 => confirmed that I can login with putty. Now, I specify the same private key in x2goclient (windows). I enter my password and I am then prompted for the password of the ssh key. I enter it and the same ssh key password prompt reappears. This seems to be an infinite loop. When I cancel it, I get a message saying that only publickey is supported as login method (which corresponds to my sshd_config settings). I then tried renaming ~/.ssh/authorized_keys and using a DSA key pair. putty still works as expected with both of these alternatives. x2goclient still shows the same problems however. It only lets me login if I adapt my sshd_config and authenticate via user / password combination. Is this a known limitation? What is the best way to achieve high security? Can I limit the x2go connections to only LAN IPs (without restricting the pure ssh connections)? Best Wishes, Matthias Kauer _______________________________________________ X2Go-User mailing list X2Go-User@lists.berlios.de https://lists.berlios.de/mailman/listinfo/x2go-user ----- Ende der weitergeleiteten Nachricht ----- -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb --=_1xgror3qjwd5 Content-Type: application/pgp-signature Content-Description: Digitale PGP-Unterschrift Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAABAgAGBQJSHICZAAoJEJr0azAldxsxpZUQAKKNEzTb5GAq/9kEuvqMY8TI hx7PmuNL2/SXSF/AVlqSMZsyuFLTz8M6SXcekdJb9VIHQalRiN0/M/EFI81utJap 8MXgfpJvFkyUZP7xcO4RIBImVeOt1Rn7/qH45X5bikEwYBhJVMKj7ioaEVjV1eox UoP5QJoVCQaJWwqiGPEjP4Kqsch19dSPviv9kg8Fh5ZguaYJdfvkitLd/xJ9LrXT 3deYHDH5/GuSrKC7gqe+BQj7nZk0KS0bki7IoR4HKYeJSjJmaoJbv8u1nFZrvv59 VsE216WnS2gYTA+YfF11jZF7Jq/LDFCtlaP/g0gHgKg4yU2BG8alxkezpvxCjrjx PnR+Nc7ndMO5JGSTTk+Ec1zK7s3boDGNKYTDCO78CQ56NlEfps94ZVCGhLsELibN Djs0vs4CXtiWxbcmseStLz68YmmNHT5/zz85lQqvrUwJB9AJgCBcl+t6pK4N1BSO N6jfFNTroiP9RkcrpRyaEQu07S3t8Q6YuUWq9/eh1C53vRoddHHxyihf5fGj0hKz xdUCD4erodEiG6PH7ctlplUgDSRmP3cp31JhndPYgPLPfRGaW/hWEaSVo/Iksekk uDoj7hAHa8CiP4TYJrSE/zHn9/MM9cgGq/y2VpKikc8puIfgx2ORqhux3//0OUK6 +uK/rXPUIM6D9TvuxcIA =l7u8 -----END PGP SIGNATURE----- --=_1xgror3qjwd5--