Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: Matthias Kauer <software-BcOvE4HMK+oBgvTcOBJZHwC/G2K4zDHf <at> public.gmane.org>
Subject: Re: Login via ~/.ssh/authorized_keys fails
Newsgroups: gmane.linux.terminal-server.x2go.user
Date: Wednesday 28th August 2013 21:15:30 UTC (over 3 years ago)
Hi Mike,
thanks for the confirmation and the submission.

If anyone is interested, one thing I did for now, to address this issue
was to allow password-based access from my LAN addresses as described
here:
http://askubuntu.com/questions/101670/how-can-i-allow-ssh-password-authentication-from-only-certain-ip-addresses
(Note that the match block should be at the end of sshd_config file as
it affects all statements below it if I understand it correctly)

Use a |Match| block in |/etc/ssh/sshd_config|.

|PasswordAuthentication no

Match address 192.0.2.0/24
    PasswordAuthentication yes
|

Best,
Matthias

PS: Is there a comfortable way to reply to individual messages from the
digest email that doesn't involve plenty of copy &paste + praying that
it will be sorted correctly like just now? Probably no, right?

On 28/8/2013 12:00 PM,
[email protected] wrote:
> Hi Matthias,
>
> On Mo 26 Aug 2013 23:54:55 CEST Matthias Kauer wrote:
>
>> Hi,
>> I am looking for input on how to set up an ssh key-based authentication.
>>
>> I generated an RSA key pair with puttygen and added it to
>> ~/.ssh/authorized_keys2 => confirmed that I can login with putty.
>> Now, I specify the same private key in x2goclient (windows). I enter my
>> password and I am then prompted for the password of the ssh key. I enter
>> it and the same ssh key password prompt reappears. This seems to be an
>> infinite loop. When I cancel it, I get a message saying that only
>> publickey is supported as login method (which corresponds to my
>> sshd_config settings).
>>
>> I then tried renaming ~/.ssh/authorized_keys and using a DSA key pair.
>> putty still works as expected with both of these alternatives.
>> x2goclient still shows the same problems however. It only lets me login
>> if I adapt my sshd_config and authenticate via user / password
combination.
>>
>> Is this a known limitation?
>> What is the best way to achieve high security? Can I limit the x2go
>> connections to only LAN IPs (without restricting the pure ssh
connections)?
> I have just forwarded this issue to our bug tracker. I have observed  
> similar irregularities that desperately need a fix.
>
> Mike
>
>
 
CD: 13ms