From unknown Fri Mar 29 02:18:54 2024 X-Loop: owner@bugs.x2go.org Subject: Bug#290: [X2Go-Dev] Bug#290: SSH key based authentication problems Reply-To: Stefan Baur , 290@bugs.x2go.org Resent-From: Stefan Baur Resent-To: x2go-dev@lists.berlios.de Resent-CC: X2Go Developers X-Loop: owner@bugs.x2go.org Resent-Date: Tue, 27 Aug 2013 12:18:02 +0000 Resent-Message-ID: Resent-Sender: owner@bugs.x2go.org X-X2Go-PR-Message: followup 290 X-X2Go-PR-Package: x2goclient X-X2Go-PR-Keywords: confirmed Received: via spool by 290-submit@bugs.x2go.org id=B290.13776058372998 (code B ref 290); Tue, 27 Aug 2013 12:18:02 +0000 Received: (at 290) by bugs.x2go.org; 27 Aug 2013 12:17:17 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_PASS, URIBL_BLOCKED autolearn=ham version=3.3.2 X-Greylist: delayed 452 seconds by postgrey-1.34 at ymir; Tue, 27 Aug 2013 14:17:16 CEST Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.187]) by ymir (Postfix) with ESMTP id C271F5DB05; Tue, 27 Aug 2013 14:17:16 +0200 (CEST) Received: from [192.168.0.3] (HSI-KBW-149-172-200-27.hsi13.kabel-badenwuerttemberg.de [149.172.200.27]) by mrelayeu.kundenserver.de (node=mreu4) with ESMTP (Nemesis) id 0M6c88-1VzUm32Hdk-00wW9v; Tue, 27 Aug 2013 14:04:39 +0200 Message-ID: <521C95D7.2080508@stefanbaur.de> Date: Tue, 27 Aug 2013 14:04:39 +0200 From: Stefan Baur User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20130801 Thunderbird/17.0.8 MIME-Version: 1.0 To: Mike Gabriel , 290@bugs.x2go.org, x2go-dev@lists.berlios.de CC: submit@bugs.x2go.org References: <20130827123401.1559208fzp3qfrtl@mail.das-netzwerkteam.de> In-Reply-To: <20130827123401.1559208fzp3qfrtl@mail.das-netzwerkteam.de> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Provags-ID: V02:K0:G3EDX8+ZrVlG96hngm0E+Ikj52unmIqEVFOA/jX5+tH 4mEB5/DVsxsZb6qKaVBHPgsxOBvyObDb9y/1zHIYlBrylnFWKG 1GAqOcszRqtS8mfiqK6lKkI6rHL1k84xbmWDcMsiPX8v8hKEvp 0iwjYVQsljfLhr9bS0BvAebkflIlSa8sbQJ4IqUvxVSHa3fbCp 5t2olkjCtB7kSpmp4UfWzvUt+ap/BKFq6jpnedFd4vMdrWdpp/ 06b93w1Kg2z+v/eRn4/2L1s/8ZkgnikjbSAmzg+gn+4d6pKRuQ Xo6igwwDceXZv6Ac4TLWsShVzs7JlRQmmbC5koMn4rczpbyhxn zm52RwSgTM5Pq9ubEd2WiHO9VAN7z9xH4qa6U67t2 Hi Guys! As a suggestion/workaround: I am using Pageant from the PuTTY suite, this is where I have my users load their keys. Pageant is a SSH agent for Windows, under the same license as PuTTY and PuTTYgen. The reason why I'm using it is that my users also use WinSCP for file transfers and thus have to authenticate only once - when loading/unlocking their key file in pageant. Thus, I'm telling both x2goclient and WinSCP to use the SSH agent, and everything works (for me). Please ALSO note that PuTTYgen saves the private key files in its own special format (as indicated by the *.ppk extension). You might have to use one of the "Export" Options in PuTTYgen's "Conversions" menu so that x2goclient is able to process the key. -Stefan Am 27.08.2013 12:34, schrieb Mike Gabriel: > Package: x2goclient > Tags: confirmed > Version: 4.0.1.0 > Severity: important > x-debbugs-cc: software@matthiaskauer.com > > I myself have also observed the issue reported by Matthias. Adding > this as a bug. This should get fixed before the release of 4.0.1.1. > > Mike > > ----- Weitergeleitete Nachricht von software@matthiaskauer.com ----- > Datum: Mon, 26 Aug 2013 23:54:55 +0200 > Von: Matthias Kauer > Betreff: [X2Go-User] Login via ~/.ssh/authorized_keys fails > An: x2go-user@lists.berlios.de > > Hi, > I am looking for input on how to set up an ssh key-based authentication. > > I generated an RSA key pair with puttygen and added it to > ~/.ssh/authorized_keys2 => confirmed that I can login with putty. > Now, I specify the same private key in x2goclient (windows). I enter my > password and I am then prompted for the password of the ssh key. I enter > it and the same ssh key password prompt reappears. This seems to be an > infinite loop. When I cancel it, I get a message saying that only > publickey is supported as login method (which corresponds to my > sshd_config settings). > > I then tried renaming ~/.ssh/authorized_keys and using a DSA key pair. > putty still works as expected with both of these alternatives. > x2goclient still shows the same problems however. It only lets me login > if I adapt my sshd_config and authenticate via user / password > combination. > > Is this a known limitation? > What is the best way to achieve high security? Can I limit the x2go > connections to only LAN IPs (without restricting the pure ssh > connections)? > > Best Wishes, > Matthias Kauer > _______________________________________________ > X2Go-User mailing list > X2Go-User@lists.berlios.de > https://lists.berlios.de/mailman/listinfo/x2go-user > > > ----- Ende der weitergeleiteten Nachricht ----- > > > > > _______________________________________________ > X2Go-Dev mailing list > X2Go-Dev@lists.berlios.de > https://lists.berlios.de/mailman/listinfo/x2go-dev