[X2go-User] Problems with ssh keys and intermediate ssh hop

Mike Gabriel mike.gabriel at das-netzwerkteam.de
Tue Jun 28 07:04:45 CEST 2011 

Hi Karsten (good old friend!!!),

On Do 23 Jun 2011 16:07:23 CEST Karsten Heymann wrote:

> we're currently evaluating x2go on debian squeeze (server) / ubuntu
> natty (client). Basic functionality works, but some of our users will
> need access via an intermediate ssh hop. Now if the x2go clients (I
> tested x2goclient and pyhoca-gui) would honour ~/.ssh/config, I could
> simply roll out a ProxyCommand line, but so I have to resolve to setting
> up the relevant tunnels manually. pyhoca claims to have some support for
> intermediate hops, but I was not able to use it in any understandable
> way. What's the recommended way to achieve this feature?

x2goclient uses libssh for setting up the ssh connection. PyHoca-GUI  
uses Python Paramiko for handling everything SSH'ish. Paramiko is not  
able (without explicit coding) to handle SSH config files.

PyHoca-GUI can handle SSH proxying (forwarding tunnels) for SSH  
connections. Please take a look at the profile manager in PyHoca-GUI  
and esp a closer look at the connection settings. If this stays a  
riddle, I can send you an example session profile config privately.

> Also, pyhoca-gui was not able to accept my rsa private key and claims
> it's a invalid dsa key (which is correct but not helpful ;) ).

This might just be a misleading error message. I always use RSA keys  
with PyHOca-GUI and they work fine. The error message you encountered  
could mean that the SSH priv key used with PyHoca-GUI is not in the  
server-side authorized_keys file. The error message should honour this  
experience and I should maybe rewrite it (it's a Paramiko message that  
I catch up and push to libnotify->the-screen).

Greets,
Mike

-- 

DAS-NETZWERKTEAM
mike gabriel, dorfstr. 27, 24245 barmissen
fon: +49 (4302) 281418, fax: +49 (4302) 281419

GnuPG Key ID 0xB588399B
mail: mike.gabriel at das-netzwerkteam.de, http://das-netzwerkteam.de

freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: Digitale PGP-Unterschrift
URL: <http://lists.x2go.org/pipermail/x2go-user/attachments/20110628/067e9dfe/attachment.pgp>

More information about the x2go-user mailing list