Re: [X2Go-User] Problem connecting to Centos 7 (x2go 4.0.1.19).
Ill keep investigating. Many thanks for your input. Best wishes, Will. Sent:Thursday, August 06, 2015 at 1:10 AM From:Mihai Moldovan io...@ionic.de To:Will Smith _wi...@mail.com, x2go-user@lists.x2go.org Subject:Re: [X2Go-User] Problem connecting to Centos 7 (x2go 4.0.1.19). On 05.08.2015 06:37 PM, Will Smith wrote: Dear Mahai, Many thanks for your response. I can ssh localhost from the server no problems. I wasnt talking just about connecting to localhost:22, but connections to localhost with random ports. Indeed, all services on localhost are trsuted. Having investigated further, I can see that it uses the public IP address when attempting to bind to localhost rather than 127.0.0.1 when firewalld is running. Cf. with firewalld running, the logs contain Info: Agent running with pid 204654. Session: Starting session at Wed Aug 5 14:57:49 2015. Info: Proxy running in server mode with pid 204654. Info: Waiting for connection from localhost on port 30011. Warning: Refusing connection from 131.***.***.100. 100 on port 30011, Urgh, yeah. It checks whether the connection comes from 127.0.0.1. If your localhost entry does not map to that, connections WILL fail. and Im unable to connect, but after stopping the firewalld service, and reconnecting, they contain Info: Agent running with pid 214487. Session: Starting session at Wed Aug 5 15:19:53 2015. Info: Proxy running in server mode with pid 214487. Info: Waiting for connection from localhost on port 30011. Info: Accepted connection from 127.0.0.1. Info: Connection with remote proxy completed. and I can connect no problem. The routing table is the same in both cases. My /etc/hosts file contains the localhost line first and the public hostname/IP address line second. Perhaps this is more of a firewalld question, but any further light which can be shed on the issue would be most useful. Maybe your resolver does weird things with firewalld running? In any case, whether firewalld is running or not, localhost should (not just for X2Go, but in general) not resolve to a public IP address. Sadly I have no idea what could be misbehaving, other than the resolver. The hosts file should be prioritized in /etc/nsswitch.conf, but theres probably ways to screw that up. Mihai ___ x2go-user mailing list x2go-user@lists.x2go.org http://lists.x2go.org/listinfo/x2go-user
Re: [X2Go-User] Problem connecting to Centos 7 (x2go 4.0.1.19).
On 05.08.2015 03:30 PM, Will Smith wrote: Dear All, I'm having a stange problem when attemping to connect to my Centos server using x2goclients (Ubuntu mac, 4.0.5.0). I'm running firewalld, but port 22 is unblocked and I am able to ssh into the machine and forward X traffic. When accessing from both a mac and an ubuntu client the session appears to start, but then immediately disconnects. The client logs say: Info: Proxy running in client mode with pid '12054'. Session: Starting session at 'Wed Aug 5 12:38:47 2015'. Info: Using abstract X11 socket in kernel namespace for accessing DISPLAY=:0. Info: Connecting to remote host 'localhost:31003'. Info: Connection to remote proxy 'localhost:31003' established. Error: The remote NX proxy closed the connection. Error: Failure negotiating the session in stage '7'. Error: Wrong version or invalid session authentication cookie. Session: Terminating session at 'Wed Aug 5 12:38:53 2015'. Session: Session terminated at 'Wed Aug 5 12:38:53 2015'. If I attempt to reconnect, I can see the session, but am unable to resume it. The strange thing is that if I stop firewalld, I'm able to access the server from both clients with no issues, which implies it's a firewall issue, but as I say port 22 is unblocked and I can forward X traffic. Is there some other obvious firewall setting I've failed do? Any assistance in fixing or diagnosing this issue would be highly appreciated. X2Go makes extensive use of SSH tunnels. I suspect your firewall is too strict and denies access from localhost to localhost. Please make sure that locally, all connections are allowed. Mihai signature.asc Description: OpenPGP digital signature ___ x2go-user mailing list x2go-user@lists.x2go.org http://lists.x2go.org/listinfo/x2go-user
Re: [X2Go-User] Problem connecting to Centos 7 (x2go 4.0.1.19).
Dear Mahai, Many thanks for your response. I can ssh localhost from the server no problems. Indeed, all services on localhost are trsuted. Having investigated further, I can see that it uses the public IP address when attempting to bind to localhost rather than 127.0.0.1 when firewalld is running. Cf.with firewalld running, the logs contain Info: Agent running with pid 204654. Session: Starting session at Wed Aug 5 14:57:49 2015. Info: Proxy running in server mode with pid 204654. Info: Waiting for connection from localhost on port 30011. Warning: Refusing connection from 131.***.***.100. 100 on port 30011, and Im unable to connect, but after stopping the firewalld service, and reconnecting, they contain Info: Agent running with pid 214487. Session: Starting session at Wed Aug 5 15:19:53 2015. Info: Proxy running in server mode with pid 214487. Info: Waiting for connection from localhost on port 30011. Info: Accepted connection from 127.0.0.1. Info: Connection with remote proxy completed. and I can connect no problem. The routing table is the same in both cases. My /etc/hosts file contains the localhost line first and the public hostname/IP address line second.Perhaps this is more of a firewalld question, but any further light which can be shed on the issue would be most useful. Many thanks, Will. Sent:Wednesday, August 05, 2015 at 5:10 PM From:Mihai Moldovan io...@ionic.de To:Will Smith _wi...@mail.com, x2go-user@lists.x2go.org Subject:Re: [X2Go-User] Problem connecting to Centos 7 (x2go 4.0.1.19). On 05.08.2015 03:30 PM, Will Smith wrote: Dear All, Im having a stange problem when attemping to connect to my Centos server using x2goclients (Ubuntu mac, 4.0.5.0). Im running firewalld, but port 22 is unblocked and I am able to ssh into the machine and forward X traffic. When accessing from both a mac and an ubuntu client the session appears to start, but then immediately disconnects. The client logs say: Info: Proxy running in client mode with pid 12054. Session: Starting session at Wed Aug 5 12:38:47 2015. Info: Using abstract X11 socket in kernel namespace for accessing DISPLAY=:0. Info: Connecting to remote host localhost:31003. Info: Connection to remote proxy localhost:31003 established. Error: The remote NX proxy closed the connection. Error: Failure negotiating the session in stage 7. Error: Wrong version or invalid session authentication cookie. Session: Terminating session at Wed Aug 5 12:38:53 2015. Session: Session terminated at Wed Aug 5 12:38:53 2015. If I attempt to reconnect, I can see the session, but am unable to resume it. The strange thing is that if I stop firewalld, Im able to access the server from both clients with no issues, which implies its a firewall issue, but as I say port 22 is unblocked and I can forward X traffic. Is there some other obvious firewall setting Ive failed do? Any assistance in fixing or diagnosing this issue would be highly appreciated. X2Go makes extensive use of SSH tunnels. I suspect your firewall is too strict and denies access from localhost to localhost. Please make sure that locally, all connections are allowed. Mihai ___ x2go-user mailing list x2go-user@lists.x2go.org http://lists.x2go.org/listinfo/x2go-user
Re: [X2Go-User] Problem connecting to Centos 7 (x2go 4.0.1.19).
On 05.08.2015 06:37 PM, Will Smith wrote: Dear Mahai, Many thanks for your response. I can ssh localhost from the server no problems. I wasn't talking just about connecting to localhost:22, but connections to localhost with random ports. Indeed, all services on localhost are trsuted. Having investigated further, I can see that it uses the public IP address when attempting to bind to localhost rather than 127.0.0.1 when firewalld is running. Cf. with firewalld running, the logs contain Info: Agent running with pid '204654'. Session: Starting session at 'Wed Aug 5 14:57:49 2015'. Info: Proxy running in server mode with pid '204654'. Info: Waiting for connection from 'localhost' on port '30011'. Warning: Refusing connection from '131.***.***.100'. 100' on port '30011', Urgh, yeah. It checks whether the connection comes from 127.0.0.1. If your localhost entry does not map to that, connections WILL fail. and I'm unable to connect, but after stopping the firewalld service, and reconnecting, they contain Info: Agent running with pid '214487'. Session: Starting session at 'Wed Aug 5 15:19:53 2015'. Info: Proxy running in server mode with pid '214487'. Info: Waiting for connection from 'localhost' on port '30011'. Info: Accepted connection from '127.0.0.1'. Info: Connection with remote proxy completed. and I can connect no problem. The routing table is the same in both cases. My /etc/hosts file contains the localhost line first and the public hostname/IP address line second. Perhaps this is more of a firewalld question, but any further light which can be shed on the issue would be most useful. Maybe your resolver does weird things with firewalld running? In any case, whether firewalld is running or not, localhost should (not just for X2Go, but in general) not resolve to a public IP address. Sadly I have no idea what could be misbehaving, other than the resolver. The hosts file should be prioritized in /etc/nsswitch.conf, but there's probably ways to screw that up. Mihai signature.asc Description: OpenPGP digital signature ___ x2go-user mailing list x2go-user@lists.x2go.org http://lists.x2go.org/listinfo/x2go-user
