[X2Go-Dev] Bug#290: SSH key based authentication problems

Matthias Kauer software at matthiaskauer.com
Wed Aug 28 23:12:22 CEST 2013 

Hi Mike,
thanks for the confirmation and the submission.

If anyone is interested, one thing I did for now, to address this issue
was to allow password-based access from my LAN addresses as described
here:
http://askubuntu.com/questions/101670/how-can-i-allow-ssh-password-authentication-from-only-certain-ip-addresses
(Note that the match block should be at the end of sshd_config file as
it affects all statements below it if I understand it correctly)

Use a |Match| block in |/etc/ssh/sshd_config|.

|PasswordAuthentication no

Match address 192.0.2.0/24
    PasswordAuthentication yes
|

Best,
Matthias

On 27/8/2013 12:34 PM, Mike Gabriel wrote:
> Package: x2goclient
> Tags: confirmed
> Version: 4.0.1.0
> Severity: important
> x-debbugs-cc: software at matthiaskauer.com
>
> I myself have also observed the issue reported by Matthias. Adding
> this as a bug. This should get fixed before the release of 4.0.1.1.
>
> Mike
>
> ----- Weitergeleitete Nachricht von software at matthiaskauer.com -----
>      Datum: Mon, 26 Aug 2013 23:54:55 +0200
>        Von: Matthias Kauer <software at matthiaskauer.com>
>    Betreff: [X2Go-User] Login via ~/.ssh/authorized_keys fails
>         An: x2go-user at lists.berlios.de
>
> Hi,
> I am looking for input on how to set up an ssh key-based authentication.
>
> I generated an RSA key pair with puttygen and added it to
> ~/.ssh/authorized_keys2 => confirmed that I can login with putty.
> Now, I specify the same private key in x2goclient (windows). I enter my
> password and I am then prompted for the password of the ssh key. I enter
> it and the same ssh key password prompt reappears. This seems to be an
> infinite loop. When I cancel it, I get a message saying that only
> publickey is supported as login method (which corresponds to my
> sshd_config settings).
>
> I then tried renaming ~/.ssh/authorized_keys and using a DSA key pair.
> putty still works as expected with both of these alternatives.
> x2goclient still shows the same problems however. It only lets me login
> if I adapt my sshd_config and authenticate via user / password
> combination.
>
> Is this a known limitation?
> What is the best way to achieve high security? Can I limit the x2go
> connections to only LAN IPs (without restricting the pure ssh
> connections)?
>
> Best Wishes,
> Matthias Kauer
> _______________________________________________
> X2Go-User mailing list
> X2Go-User at lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/x2go-user
>
>
> ----- Ende der weitergeleiteten Nachricht -----
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.x2go.org/pipermail/x2go-dev/attachments/20130828/769e7145/attachment.html>

More information about the x2go-dev mailing list