I guess to for completeness, if someone needs more help, the following
is the simple patch I am using (Ubuntu ppa server)
@@ -90,6 +90,7 @@
{
my ($uid, $uidNumber, $gidNumber, $home, $pubkey, $authkeyfile)=@_;
+ $pubkey =~ s/no-pty,//;
# rewrite %%, %u, %U, %G and %h in authkeyfile string
$authkeyfile =~ s/%u/$uid/;
$authkeyfile =~ s/%U/$uidNumber/;
On Tue, Jan 18, 2022 at 11:35 AM Brian Sanders
<brian.sand...@gmail.com> wrote:
Thank you, I was on the right track but this confirms it. I am
going to edit my ansible playbook to deploy this as a patch to the
file. Hopefully it will just keep working for a while.
Through digging around I can tell you that the broker is the one
which generates the keys. It then calls the server to add the
key, and passes the private key back to the client to then use in
the connection. So I am going to guess this is a bug in the
broker, surely this isn't intentional to exclude PTY in the key.
On Tue, Jan 18, 2022 at 9:52 AM Martin Lange <m.la...@pumpe24.de>
wrote:
Hi Brian,
I had the same problem using plasma.
This is because the generated ssh key includes a no-pty option.
I don't know where this key is generated, so I "hacked"
/usr/lib/x2go/x2gobroker-agent.pl <http://x2gobroker-agent.pl>
on every server and added
$pubkey =~ s/no-pty,//;
on the beginning of AddAuthKey() and DelAuthKey() functions
right before the line
$authkeyfile =~ s/%u/$uid/;
This removes this option from the key and works fine.
Keep in mind you have to do this after every update of x2go
server software.
Maybe someone can tell us where the key is generated (I assume
in the client executable?) - or even better - if there is a
configuration flag for no-pty?
Greetings
Martin
Am 18.01.22 um 15:33 schrieb Brian Sanders:
Actually, I also turned on debug on the client, and it seems
to indicate that I do auth, but am refused PTY access.
2go-DEBUG-../src/httpbrokerclient.cpp:684> Starting parser.
x2go-DEBUG-../src/httpbrokerclient.cpp:703> Server IP
address: "192.168.56.228"
x2go-DEBUG-../src/httpbrokerclient.cpp:704> Server port: "22"
x2go-DEBUG-../src/onmainwindow.cpp:3695> Server: "192.168.56.228"
x2go-INFO-8> "Starting connection to server:
192.168.56.228:22 <http://192.168.56.228:22>"
x2go-DEBUG-../src/onmainwindow.cpp:2853> Starting new ssh
connection to server:"192.168.56.228":"22" krbLogin: false
x2go-DEBUG-../src/sshmasterconnection.cpp:168>
SshMasterConnection, host "192.168.56.228"; port 22; user
"brians"; useproxy false; proxyserver ""; proxyport 22
x2go-DEBUG-../src/sshmasterconnection.cpp:248> Starting SSH
connection without Kerberos authentication.
x2go-DEBUG-../src/sshmasterconnection.cpp:250>
SshMasterConnection, instance
SshMasterConnection(0x7f05c0007c50) created.
x2go-DEBUG-../src/httpbrokerclient.cpp:717> Parsing has finished.
x2go-DEBUG-../src/sshmasterconnection.cpp:495>
SshMasterConnection, instance
SshMasterConnection(0x7f05c0007c50) entering thread.
x2go-DEBUG-../src/sshmasterconnection.cpp:797> Session port
before config file parse: 22
x2go-DEBUG-../src/sshmasterconnection.cpp:807> Session port
after config file parse: 22
x2go-DEBUG-../src/sshmasterconnection.cpp:870> Session port
before config file parse (part 2): 22
x2go-DEBUG-../src/sshmasterconnection.cpp:880> Session port
after config file parse (part 2): 22
x2go-DEBUG-../src/sshmasterconnection.cpp:904> cserverAuth
x2go-DEBUG-../src/sshmasterconnection.cpp:943> state: 1
x2go-DEBUG-../src/sshmasterconnection.cpp:1324> Trying to
authenticate user with private key.
x2go-DEBUG-../src/sshmasterconnection.cpp:1340> Temporarily
saved key in "/home/brians/.x2go/ssh/gen/key.DkiWvu"
x2go-DEBUG-../src/sshmasterconnection.cpp:1507>
Authenticating with key: 0
x2go-DEBUG-../src/sshmasterconnection.cpp:687> User
authentication OK.
x2go-DEBUG-../src/sshmasterconnection.cpp:1671>
"ssh_channel_request_pty failed": "Channel request pty-req
failed"
I do in fact allow PTY in the sshd_config, however doesn't
the broker disallow this with the key that it adds? I see it
adding the key with "no-X11-forwarding,no-pty,no-user-rc".
So is this not the key that gets used, and I still have some
sshd_config settings somewhere, or do I have to tell the
broker to allow this and it will update the key's settings?
On Tue, Jan 18, 2022 at 8:52 AM Brian Sanders
<brian.sand...@gmail.com> wrote:
I am trying to get the broker to work with the auto login
feature, and I can't seem to get it to work. I am using
an ansible playbook and building a broker, and then 2
workstations. I setup wks1 to autologin and wks2 with
out. I can use wks2 just fine, but when I try and use
wk1, It seems the new key is added, and the workstation
indicates that it accepts a session for my user. However
the X2go client then shows me a login/password box rather
than logging me into the session.
I have logs from the server and the workstation, can
someone help point me in the right direction?
Session configuration:
[DEFAULT]
command=TERMINAL
defsndport=true
useiconv=false
iconvfrom=UTF-8
height=600
width=800
export=
quality=9
fullscreen=false
layout=
useexports=true
speed=2
soundsystem=pulse
print=true
type=auto
sndport=4713
xinerama=true
variant=
usekbd=true
fstunnel=true
applications=TERMINAL,WWWBROWSER,MAILCLIENT,OFFICE
multidisp=false
sshproxyport=22
sound=true
rootless=true
iconvto=UTF-8
soundtunnel=true
dpi=96
sshport=22
setdpi=0
pack=16m-jpeg
directrdp=false
user=BROKER_USER
[[wks1]]
acl-groups-allow=test_group
broker-session-autologin=true
command=xfce
host=192.168.56.228
name=Molecule Wks1
[[wks2]]
command=xfce
host=192.168.56.229
name=Molecule Wks2
Broker logs:
==> /var/log/x2gobroker/broker.log <==
2022-01-18 13:45:07,395 - broker - INFO - client address
is 192.168.56.1
2022-01-18 13:45:07,397 - broker - DEBUG -
broker_username: brians, server_username: brians,
password: XXXXX, task: selectsession, profile_id: [wks1,
cookie: 83ddbd2d-c4ca-4f22-bb0b-b3629d522fc5
2022-01-18 13:45:07,397 - broker - DEBUG -
base_broker.X2GoBroker.check_access(): checking if our
configured cookie was submitted: False
2022-01-18 13:45:07,397 - broker - DEBUG -
base_broker.X2GoBroker.check_access(): found valid auth
key for user cookie:
brians_83ddbd2d-c4ca-4f22-bb0b-b3629d522fc5
2022-01-18 13:45:07,398 - broker - DEBUG -
base_broker.X2GoBroker.check_access(): Giving cookie:
0ca4bea5-f216-4f59-ae6b-1e103243814e to ip 192.168.56.1
2022-01-18 13:45:07,402 - broker - DEBUG -
base_broker.X2GoBroker.get_agent_query_mode(): found
default-agent-query-mode in global config section: ssh
2022-01-18 13:45:07,407 - broker - DEBUG -
base_broker.X2GoBroker.get_agent_hostkey_policy(): found
default-agent-hostkey-policy in global config section:
WarningPolicy
2022-01-18 13:45:07,475 - broker - INFO - Executing agent
command on remote host 192.168.56.228 (192.168.56.228):
sh -c '/usr/lib/x2go/x2gobroker-agent foo ping'
2022-01-18 13:45:08,258 - broker - INFO - Broker agent
answered: OK;
2022-01-18 13:45:08,304 - broker - INFO - Executing agent
command on remote host 192.168.56.228 (192.168.56.228):
sh -c '/usr/lib/x2go/x2gobroker-agent brians listsessions'
2022-01-18 13:45:09,164 - broker - INFO - Broker agent
answered: OK;
2022-01-18 13:45:09,165 - broker - DEBUG -
base_broker.X2GoBroker.get_agent_query_mode(): found
default-agent-query-mode in global config section: ssh
2022-01-18 13:45:09,165 - broker - DEBUG -
base_broker.X2GoBroker.get_portscan_x2goservers(): found
default-portscan-x2goservers in global config section: True
2022-01-18 13:45:09,167 - broker - DEBUG -
base_broker.X2GoBroker.get_session_autologin(): found
broker-session-autologin in session profile with ID
[wks1: True. This one has precendence over the default value.
2022-01-18 13:45:09,177 - broker - DEBUG -
base_broker.X2GoBroker.get_authorized_keys_file(): found
default-authorized-keys in global config section:
%h/.x2go/authorized_keys
2022-01-18 13:45:09,221 - broker - INFO - Executing agent
command on remote host 192.168.56.228 (192.168.56.228):
sh -c '/usr/lib/x2go/x2gobroker-agent brians addauthkey
"no-X11-forwarding,no-pty,no-user-rc ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABAQC5JtTMMkSa3yus8ciCIcYvzl7FYvEsFtoppLFyce3zEfc8+zg4xH3qSwDIHP/2f0nUBiuOESIRjsVQa0nIxjQljXegJO82p/6ixP1eZHzNZUuTCHBL4vA7QAVteHJgBFhUYz4rqPQIwyrQR9STu/cLu0fGIKvFxIf0LIC0zs2Xf+B6qQwoXQF4aR9G2AGOaeGcvwBItyLhVxWwzHmoxAHAqWMCisFPGACItfdDixhZl9IyCdcmsyFxWsndjgKPXAJGBxUREIkntaXgtZ7IrIDhrTtY9xWy0mJUwKlIdqluViMxyWagQM5TX38OVYH+fR2DaNV3WxCuO8pKHgH24ExV
brians@192.168.56.1" "%h/.x2go/authorized_keys"'
2022-01-18 13:45:09,921 - broker - INFO - Broker agent
answered: OK;
2022-01-18 13:45:09,921 - broker - DEBUG -
base_broker.X2GoBroker.get_authorized_keys_file(): found
default-authorized-keys in global config section:
%h/.x2go/authorized_keys
2022-01-18 13:45:09,923 - broker - DEBUG - Scheduled
deletion of authorized key in 20s: user=brians,
hostname=192.168.56.228, hostaddr=192.168.56.228
2022-01-18 13:45:29,981 - broker - INFO - Executing agent
command on remote host 192.168.56.228 (192.168.56.228):
sh -c '/usr/lib/x2go/x2gobroker-agent brians delauthkey
"no-X11-forwarding,no-pty,no-user-rc ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABAQC5JtTMMkSa3yus8ciCIcYvzl7FYvEsFtoppLFyce3zEfc8+zg4xH3qSwDIHP/2f0nUBiuOESIRjsVQa0nIxjQljXegJO82p/6ixP1eZHzNZUuTCHBL4vA7QAVteHJgBFhUYz4rqPQIwyrQR9STu/cLu0fGIKvFxIf0LIC0zs2Xf+B6qQwoXQF4aR9G2AGOaeGcvwBItyLhVxWwzHmoxAHAqWMCisFPGACItfdDixhZl9IyCdcmsyFxWsndjgKPXAJGBxUREIkntaXgtZ7IrIDhrTtY9xWy0mJUwKlIdqluViMxyWagQM5TX38OVYH+fR2DaNV3WxCuO8pKHgH24ExV
brians@192.168.56.1" "%h/.x2go/authorized_keys"'
2022-01-18 13:45:30,816 - broker - INFO - Broker agent
answered: OK;
Workstation auth.log
Jan 18 13:45:07 ubuntu-focal sshd[36704]: error:
kex_exchange_identification: Connection closed by remote host
Jan 18 13:45:07 ubuntu-focal sshd[36705]: error:
kex_exchange_identification: Connection closed by remote host
Jan 18 13:45:07 ubuntu-focal sshd[36706]: Accepted
publickey for x2gobroker from 192.168.56.230 port 58526
ssh2: RSA SHA256:dBs4pnJUuc0/h4OUI52+D8aKAbTaDC1QYtbB8/eH/l4
Jan 18 13:45:07 ubuntu-focal sshd[36706]:
pam_unix(sshd:session): session opened for user
x2gobroker by (uid=0)
Jan 18 13:45:07 ubuntu-focal systemd-logind[713]: New
session 32 of user x2gobroker.
Jan 18 13:45:07 ubuntu-focal systemd:
pam_unix(systemd-user:session): session opened for user
x2gobroker by (uid=0)
Jan 18 13:45:07 ubuntu-focal sshd[36706]:
pam_unix(sshd:session): session closed for user x2gobroker
Jan 18 13:45:07 ubuntu-focal systemd-logind[713]: Session
32 logged out. Waiting for processes to exit.
Jan 18 13:45:07 ubuntu-focal systemd-logind[713]: Removed
session 32.
Jan 18 13:45:07 ubuntu-focal sshd[36820]: error:
kex_exchange_identification: Connection closed by remote host
Jan 18 13:45:08 ubuntu-focal sshd[36821]: Accepted
publickey for x2gobroker from 192.168.56.230 port 58530
ssh2: RSA SHA256:dBs4pnJUuc0/h4OUI52+D8aKAbTaDC1QYtbB8/eH/l4
Jan 18 13:45:08 ubuntu-focal sshd[36821]:
pam_unix(sshd:session): session opened for user
x2gobroker by (uid=0)
Jan 18 13:45:08 ubuntu-focal systemd-logind[713]: New
session 34 of user x2gobroker.
Jan 18 13:45:08 ubuntu-focal sudo: root : TTY=unknown
; PWD=/var/lib/x2gobroker ; USER=brians ;
COMMAND=/usr/bin/x2golistsessions --all-servers
Jan 18 13:45:08 ubuntu-focal sudo:
pam_unix(sudo:session): session opened for user brians by
(uid=0)
Jan 18 13:45:08 ubuntu-focal sudo:
pam_unix(sudo:session): session closed for user brians
Jan 18 13:45:08 ubuntu-focal sshd[36821]:
pam_unix(sshd:session): session closed for user x2gobroker
Jan 18 13:45:08 ubuntu-focal systemd-logind[713]: Session
34 logged out. Waiting for processes to exit.
Jan 18 13:45:08 ubuntu-focal systemd-logind[713]: Removed
session 34.
Jan 18 13:45:08 ubuntu-focal sshd[36921]: error:
kex_exchange_identification: Connection closed by remote host
Jan 18 13:45:08 ubuntu-focal sshd[36922]: error:
kex_exchange_identification: Connection closed by remote host
Jan 18 13:45:08 ubuntu-focal sshd[36923]: Accepted
publickey for x2gobroker from 192.168.56.230 port 58536
ssh2: RSA SHA256:dBs4pnJUuc0/h4OUI52+D8aKAbTaDC1QYtbB8/eH/l4
Jan 18 13:45:08 ubuntu-focal sshd[36923]:
pam_unix(sshd:session): session opened for user
x2gobroker by (uid=0)
Jan 18 13:45:08 ubuntu-focal systemd-logind[713]: New
session 35 of user x2gobroker.
Jan 18 13:45:09 ubuntu-focal sudo: root : TTY=unknown
; PWD=/var/lib/x2gobroker ; USER=brians ;
COMMAND=/usr/bin/mkdir -p /home/brians/.x2go
Jan 18 13:45:09 ubuntu-focal sudo:
pam_unix(sudo:session): session opened for user brians by
(uid=0)
Jan 18 13:45:09 ubuntu-focal sudo:
pam_unix(sudo:session): session closed for user brians
Jan 18 13:45:09 ubuntu-focal sudo: root : TTY=unknown
; PWD=/var/lib/x2gobroker ; USER=brians ;
COMMAND=/usr/bin/touch /home/brians/.x2go/authorized_keys
Jan 18 13:45:09 ubuntu-focal sudo:
pam_unix(sudo:session): session opened for user brians by
(uid=0)
Jan 18 13:45:09 ubuntu-focal sudo:
pam_unix(sudo:session): session closed for user brians
Jan 18 13:45:09 ubuntu-focal sudo: root : TTY=unknown
; PWD=/var/lib/x2gobroker ; USER=brians ;
COMMAND=/usr/bin/cat /home/brians/.x2go/authorized_keys
Jan 18 13:45:09 ubuntu-focal sudo:
pam_unix(sudo:session): session opened for user brians by
(uid=0)
Jan 18 13:45:09 ubuntu-focal sudo:
pam_unix(sudo:session): session closed for user brians
Jan 18 13:45:09 ubuntu-focal sudo: root : TTY=unknown
; PWD=/var/lib/x2gobroker ; USER=brians ;
COMMAND=/usr/bin/tee -a /home/brians/.x2go/authorized_keys
Jan 18 13:45:09 ubuntu-focal sudo:
pam_unix(sudo:session): session opened for user brians by
(uid=0)
Jan 18 13:45:09 ubuntu-focal sudo:
pam_unix(sudo:session): session closed for user brians
Jan 18 13:45:09 ubuntu-focal sshd[36923]:
pam_unix(sshd:session): session closed for user x2gobroker
Jan 18 13:45:09 ubuntu-focal systemd-logind[713]: Session
35 logged out. Waiting for processes to exit.
Jan 18 13:45:09 ubuntu-focal systemd-logind[713]: Removed
session 35.
Jan 18 13:45:09 ubuntu-focal sshd[37020]: Accepted
publickey for brians from 192.168.56.1 port 42394 ssh2:
RSA SHA256:4fPeupT3DmbLhiYOu08NOn1H8wYDYxEVVpHSg+gWLtw
Jan 18 13:45:09 ubuntu-focal sshd[37020]:
pam_unix(sshd:session): session opened for user brians by
(uid=0)
Jan 18 13:45:09 ubuntu-focal systemd-logind[713]: New
session 36 of user brians.
Jan 18 13:45:09 ubuntu-focal systemd:
pam_unix(systemd-user:session): session opened for user
brians by (uid=0)
Jan 18 13:45:10 ubuntu-focal sshd[37020]:
pam_unix(sshd:session): session closed for user brians
Jan 18 13:45:10 ubuntu-focal systemd-logind[713]: Session
36 logged out. Waiting for processes to exit.
Jan 18 13:45:10 ubuntu-focal systemd-logind[713]: Removed
session 36.
Jan 18 13:45:29 ubuntu-focal sshd[37159]: error:
kex_exchange_identification: Connection closed by remote host
Jan 18 13:45:29 ubuntu-focal sshd[37160]: Accepted
publickey for x2gobroker from 192.168.56.230 port 58540
ssh2: RSA SHA256:dBs4pnJUuc0/h4OUI52+D8aKAbTaDC1QYtbB8/eH/l4
Jan 18 13:45:29 ubuntu-focal sshd[37160]:
pam_unix(sshd:session): session opened for user
x2gobroker by (uid=0)
Jan 18 13:45:29 ubuntu-focal systemd-logind[713]: New
session 38 of user x2gobroker.
Jan 18 13:45:29 ubuntu-focal systemd:
pam_unix(systemd-user:session): session opened for user
x2gobroker by (uid=0)
Jan 18 13:45:30 ubuntu-focal sudo: root : TTY=unknown
; PWD=/var/lib/x2gobroker ; USER=brians ;
COMMAND=/usr/bin/sed -e
s!^no-X11-forwarding,no-pty,no-user-rc ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABAQC5JtTMMkSa3yus8ciCIcYvzl7FYvEsFtoppLFyce3zEfc8+zg4xH3qSwDIHP/2f0nUBiuOESIRjsVQa0nIxjQljXegJO82p/6ixP1eZHzNZUuTCHBL4vA7QAVteHJgBFhUYz4rqPQIwyrQR9STu/cLu0fGIKvFxIf0LIC0zs2Xf+B6qQwoXQF4aR9G2AGOaeGcvwBItyLhVxWwzHmoxAHAqWMCisFPGACItfdDixhZl9IyCdcmsyFxWsndjgKPXAJGBxUREIkntaXgtZ7IrIDhrTtY9xWy0mJUwKlIdqluViMxyWagQM5TX38OVYH+fR2DaNV3WxCuO8pKHgH24ExV
brians@192.168.56.1$!! -e /^$/d -i
/home/brians/.x2go/authorized_keys
Jan 18 13:45:30 ubuntu-focal sudo:
pam_unix(sudo:session): session opened for user brians by
(uid=0)
Jan 18 13:45:30 ubuntu-focal sudo:
pam_unix(sudo:session): session closed for user brians
Jan 18 13:45:30 ubuntu-focal sshd[37160]:
pam_unix(sshd:session): session closed for user x2gobroker
Jan 18 13:45:30 ubuntu-focal systemd-logind[713]: Session
38 logged out. Waiting for processes to exit.
Jan 18 13:45:30 ubuntu-focal systemd-logind[713]: Removed
session 38.
Jan 18 13:45:32 ubuntu-focal dbus-daemon[701]: [system]
Failed to activate service 'org.bluez': timed out
(service_start_timeout=25000ms)
_______________________________________________
x2go-user mailing list
x2go-user@lists.x2go.org
https://lists.x2go.org/listinfo/x2go-user
_______________________________________________
x2go-user mailing list
x2go-user@lists.x2go.org
https://lists.x2go.org/listinfo/x2go-user
_______________________________________________
x2go-user mailing list
x2go-user@lists.x2go.org
https://lists.x2go.org/listinfo/x2go-user