[X2go-User] Problems with ssh keys and intermediate ssh hop
Mike Gabriel
mike.gabriel at das-netzwerkteam.de
Tue Jun 28 07:04:45 CEST 2011
Hi Karsten (good old friend!!!),
On Do 23 Jun 2011 16:07:23 CEST Karsten Heymann wrote:
> we're currently evaluating x2go on debian squeeze (server) / ubuntu
> natty (client). Basic functionality works, but some of our users will
> need access via an intermediate ssh hop. Now if the x2go clients (I
> tested x2goclient and pyhoca-gui) would honour ~/.ssh/config, I could
> simply roll out a ProxyCommand line, but so I have to resolve to setting
> up the relevant tunnels manually. pyhoca claims to have some support for
> intermediate hops, but I was not able to use it in any understandable
> way. What's the recommended way to achieve this feature?
x2goclient uses libssh for setting up the ssh connection. PyHoca-GUI
uses Python Paramiko for handling everything SSH'ish. Paramiko is not
able (without explicit coding) to handle SSH config files.
PyHoca-GUI can handle SSH proxying (forwarding tunnels) for SSH
connections. Please take a look at the profile manager in PyHoca-GUI
and esp a closer look at the connection settings. If this stays a
riddle, I can send you an example session profile config privately.
> Also, pyhoca-gui was not able to accept my rsa private key and claims
> it's a invalid dsa key (which is correct but not helpful ;) ).
This might just be a misleading error message. I always use RSA keys
with PyHOca-GUI and they work fine. The error message you encountered
could mean that the SSH priv key used with PyHoca-GUI is not in the
server-side authorized_keys file. The error message should honour this
experience and I should maybe rewrite it (it's a Paramiko message that
I catch up and push to libnotify->the-screen).
Greets,
Mike
--
DAS-NETZWERKTEAM
mike gabriel, dorfstr. 27, 24245 barmissen
fon: +49 (4302) 281418, fax: +49 (4302) 281419
GnuPG Key ID 0xB588399B
mail: mike.gabriel at das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: Digitale PGP-Unterschrift
URL: <http://lists.x2go.org/pipermail/x2go-user/attachments/20110628/067e9dfe/attachment.pgp>
More information about the x2go-user
mailing list