Dear x2go developers,
first I'd like to thank you all for creating such a helpful product! Hope I've addressed the right mailing list?
I'm trying to integrate the x2go system into our own (MPA-)Linux system which we are using and developing for centuries now (it's used non commercial in an research institute). While the client connection from my (MPA-)system to a pre-installed Ubuntu server works without a problem, the connection to a (MPA-)Linux server doesn't work yet.
I'd appreciate it very much if you could be of any help to me! I have enabled some debugging and enclosed these log files:
client-session1.log - shows the x2goclient 'session.log' to an (MPA-)Linux server. It fails on line 59 with a 'Protocol mismatch or no X authentication data'
client-sessions1 - shows the x2goclient 'sessions' file where the problem seems to show up on line 386 where only 14 instead of 50 bytes (which I see in a working connection to the Ubuntu installation) are identified. Followed by "handleAuthorization: WARNING! Failed to match the fake cookie for FD#6." in line 392. Does this mean that the server wasn't able to apply the fake cookie? What could be the reason for this? Where might I look further on? In which code part is the fake cookie written to .Xauthority? Which debug might I enable to track down the problem?
server-session1.log - server site log: there I found an Exception on line 91 resulting from an I/O error.
Any hint would be very welcome!
Where do I find a diagram or description of the data streams/login establishing in x2go?
Cheers,
Ado
Dipl.-Ing. Heinz-Ado Arnolds
MPI für Astrophysik Karl-Schwarzschild-Strasse 1 Postfach 1317 D-85748 Garching D-85741 Garching Phone: +49/89/30000-2217 FAX : +49/89/30000-2388 email: arnolds[at]MPA-Garching.MPG.DE
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Am 05.08.2015 um 12:05 schrieb Heinz-Ado Arnolds:
I'm trying to integrate the x2go system into our own (MPA-)Linux system which we are using and developing for centuries now (it's used non commercial in an research institute). While the client connection from my (MPA-)system to a pre-installed Ubuntu server works without a problem, the connection to a (MPA-)Linux server doesn't work yet.
Since you're using a custom-built Linux distribution, it would most likely be helpful to know what it is based on - Debian, Ubuntu, Fedora Core, Red Hat, ... and the corresponding version number.
Did you use one of our repositories for .deb or .rpm packages, or did you build x2goserver from source?
Also, are you using stable or nightly builds?
A list of installed packages, if you have some sort of package management on your self-built distribution, would be helpful to spot any missing packages required by X2Go.
Another thing to check: Are you using banners, like, for example in /etc/hosts.allow?
Something like "sshd: <list of IPs here> : banners /etc/banners" maybe? If yes, disable that and see if it helps.
Kind Regards, Stefan Baur
BAUR-ITCS UG (haftungsbeschränkt) Geschäftsführer: Stefan Baur Eichenäckerweg 10, 89081 Ulm | Registergericht Ulm, HRB 724364 Fon/Fax 0731 40 34 66-36/-35 | USt-IdNr.: DE268653243 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQEcBAEBCAAGBQJVweWzAAoJEG7d9BjNvlEZuGsH/jROA2iR0ZP/zMMwWuKM+Zz8 Vp+sNJK7W2lOH8KqWNheN6wWOiT+FjIwYTcpBpfUaBXXMy4tskWz4zh5yzIcUmVJ q8ZkeHAJ6U281O8sjM6k6X7vFqMX+rRRoaOqfHFLdIsRtZtb37htAQmIliXPnpAs 9Eq5bSPg00EU2hxA05gytFmIfhKplByvhO6683H1b4V0ICdQ+F0oWxeutEhFRI0S gPrZ/X1lnlmcEWCim6GBeTkHrl5gmO6SCE/RZj90Wj+SUnVrBTKzuIc8JHsB37wi ru7BTeTSuNIeUNKK+zU+Qv1AVzobmgMTyaAz4SO4V99g1OeSnwgOGNyUpltZHZ0= =VvXl -----END PGP SIGNATURE-----
Dear Mr. Bauer,
thanks for your immediate response!
On 05.08.2015 12:30, Stefan Baur wrote: ...
Since you're using a custom-built Linux distribution, it would most likely be helpful to know what it is based on - Debian, Ubuntu, Fedora Core, Red Hat, ... and the corresponding version number.
Our system is build from scratch, no package manager. I used x2goclient-4.0.5.0 x2goserver-4.0.1.19 nx-libs-3.5.0.32.tar.gz
System environment: gcc-5.2.0 glibc-2.21 linux-4.1.3
Another thing to check: Are you using banners, like, for example in /etc/hosts.allow?
No banners, no .profile, no /etc/profile
Would be really great if you have a look at client-sessions1:
Proxy: Identified message of 14 bytes for FD#6 channel ID#1. handleWrite: Called for FD#6. handleWrite: Decoding messages for FD#6 with 14 bytes in the buffer.
a working connection shows
Proxy: Identified message of 50 bytes for FD#6 channel ID#1. handleWrite: Called for FD#6. handleWrite: Decoding messages for FD#6 with 50 bytes in the buffer.
I assume that the fake cookie can't be set. Di you have any hint where to look for this?
Kind regards,
H.-A. Arnolds
On 05.08.2015 12:30, Stefan Baur wrote:
Am 05.08.2015 um 12:05 schrieb Heinz-Ado Arnolds:
I'm trying to integrate the x2go system into our own (MPA-)Linux system which we are using and developing for centuries now (it's used non commercial in an research institute). While the client connection from my (MPA-)system to a pre-installed Ubuntu server works without a problem, the connection to a (MPA-)Linux server doesn't work yet.
Since you're using a custom-built Linux distribution, it would most likely be helpful to know what it is based on - Debian, Ubuntu, Fedora Core, Red Hat, ... and the corresponding version number.
Did you use one of our repositories for .deb or .rpm packages, or did you build x2goserver from source?
Also, are you using stable or nightly builds?
A list of installed packages, if you have some sort of package management on your self-built distribution, would be helpful to spot any missing packages required by X2Go.
Another thing to check: Are you using banners, like, for example in /etc/hosts.allow?
Something like "sshd: <list of IPs here> : banners /etc/banners" maybe? If yes, disable that and see if it helps.
Kind Regards, Stefan Baur
x2go-dev mailing list x2go-dev@lists.x2go.org http://lists.x2go.org/listinfo/x2go-dev
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Am 05.08.2015 um 14:27 schrieb Heinz-Ado Arnolds:
Dear Mr. Bauer,
thanks for your immediate response!
On 05.08.2015 12:30, Stefan Baur wrote: ...
Since you're using a custom-built Linux distribution, it would most likely be helpful to know what it is based on - Debian, Ubuntu, Fedora Core, Red Hat, ... and the corresponding version number.
Our system is build from scratch, no package manager. I used x2goclient-4.0.5.0 x2goserver-4.0.1.19 nx-libs-3.5.0.32.tar.gz
System environment: gcc-5.2.0 glibc-2.21 linux-4.1.3
Another thing to check: Are you using banners, like, for example in /etc/hosts.allow?
No banners, no .profile, no /etc/profile
Would be really great if you have a look at client-sessions1:
Proxy: Identified message of 14 bytes for FD#6 channel ID#1. handleWrite: Called for FD#6. handleWrite: Decoding messages for FD#6 with 14 bytes in the buffer.
a working connection shows
Proxy: Identified message of 50 bytes for FD#6 channel ID#1. handleWrite: Called for FD#6. handleWrite: Decoding messages for FD#6 with 50 bytes in the buffer.
I assume that the fake cookie can't be set. Di you have any hint where to look for this?
In the meantime, Mihai Moldovan (ionic@ionic.de) took a look at your logfiles. He suggested you run a compile of nx-libs using the "typescript" logging tool, and to post the logfile(s) here.
Two more bits of information:
- The message "Loop: Assuming NX client location '/home/arnolds/opt/x2go/bin/x2goclient'." looked weird to Mihai. I'm not sure what exactly he was referring to, the path of X2GoClient residing in a subdirectory of your home directory, maybe? Is that intentional?
- It would be interesting to see what happens when you connect to an MPA-Linux-based X2GoServer from an Ubuntu Client. You tested it from an Ubuntu client to an MPA server, and from an MPA client to an MPA server. Testing it in the other direction would help to rule out or confirm that it is an issue that requires an MPA Linux on both ends to occur.
Kind Regards, Stefan Baur
BAUR-ITCS UG (haftungsbeschränkt) Geschäftsführer: Stefan Baur Eichenäckerweg 10, 89081 Ulm | Registergericht Ulm, HRB 724364 Fon/Fax 0731 40 34 66-36/-35 | USt-IdNr.: DE268653243 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQEcBAEBCAAGBQJVwywfAAoJEG7d9BjNvlEZW/wH/1PN2RE4ZoSsnsx93qA9lN4O 2sUUO3kkre82Wat1ZS8Tp0b5oiBsazrGcjm4gzDHD3+Yof0r6LmbFrJ42FNK+7Gg 1lJYUSN7ghu1mzpgfyK25VHgpoVEoiMpTFb9kmL4+53/91hoEx9v7nrHWO0kVb9U AqLVNn44JZHOv5xtQbfbDDcSPfYvQNXv+kKMWta3mrRAwUCVHiVVY1BXqbgcRgx3 zT364eH1fLommHoH+H3djhoQEmqSJeT4m2WSPtRZUjfQWeX2v1EV5TcpfsFelvf6 QT4qwqCAKOT4rNLp5keegLN6nnlFzxkEk9wyXM7XA1olROWkqIcX8yBhB+DDw54= =WfOU -----END PGP SIGNATURE-----
On 06.08.2015 11:42, Stefan Baur wrote:
Am 05.08.2015 um 14:27 schrieb Heinz-Ado Arnolds:
Dear Mr. Bauer,
thanks for your immediate response!
On 05.08.2015 12:30, Stefan Baur wrote: ...
Since you're using a custom-built Linux distribution, it would most likely be helpful to know what it is based on - Debian, Ubuntu, Fedora Core, Red Hat, ... and the corresponding version number.
Our system is build from scratch, no package manager. I used x2goclient-4.0.5.0 x2goserver-4.0.1.19 nx-libs-3.5.0.32.tar.gz
System environment: gcc-5.2.0 glibc-2.21 linux-4.1.3
Another thing to check: Are you using banners, like, for example in /etc/hosts.allow?
No banners, no .profile, no /etc/profile
Would be really great if you have a look at client-sessions1:
Proxy: Identified message of 14 bytes for FD#6 channel ID#1. handleWrite: Called for FD#6. handleWrite: Decoding messages for FD#6 with 14 bytes in the buffer.
a working connection shows
Proxy: Identified message of 50 bytes for FD#6 channel ID#1. handleWrite: Called for FD#6. handleWrite: Decoding messages for FD#6 with 50 bytes in the buffer.
I assume that the fake cookie can't be set. Di you have any hint where to look for this?
In the meantime, Mihai Moldovan (ionic@ionic.de) took a look at your logfiles. He suggested you run a compile of nx-libs using the "typescript" logging tool, and to post the logfile(s) here.
Two more bits of information:
The message "Loop: Assuming NX client location '/home/arnolds/opt/x2go/bin/x2goclient'." looked weird to Mihai. I'm not sure what exactly he was referring to, the path of X2GoClient residing in a subdirectory of your home directory, maybe? Is that intentional?
It would be interesting to see what happens when you connect to an MPA-Linux-based X2GoServer from an Ubuntu Client. You tested it from an Ubuntu client to an MPA server, and from an MPA client to an MPA server. Testing it in the other direction would help to rule out or confirm that it is an issue that requires an MPA Linux on both ends to occur.
Kind Regards, Stefan Baur
Dear Mr. Baur,
you'll find the log of my last build enclosed (STAGE1-nx-libs.log.bz2). Additionally there is a patch file which adjusts some paths and enables logging at different places (x2go-patch). Finally you'll find a listing of the directory structure (x2go-dir-struct). Perhaps I'm missing something in my installation?
Yes, the x2goclient is installed in my home dir intentionally. Just to play with statically linked qt-4.8.6 libs in an otherwise qt-5 based system. Is anything wrong with this location? (The problem is the same if I try to connect from a qt-4.8.6 based system with a x2goclient built with shared qt libs).
Cheers,
H.-A. Arnolds
On 06.08.2015 12:56, Heinz-Ado Arnolds wrote:
On 06.08.2015 11:42, Stefan Baur wrote:
Am 05.08.2015 um 14:27 schrieb Heinz-Ado Arnolds:
Dear Mr. Bauer,
thanks for your immediate response!
On 05.08.2015 12:30, Stefan Baur wrote: ...
Since you're using a custom-built Linux distribution, it would most likely be helpful to know what it is based on - Debian, Ubuntu, Fedora Core, Red Hat, ... and the corresponding version number.
Our system is build from scratch, no package manager. I used x2goclient-4.0.5.0 x2goserver-4.0.1.19 nx-libs-3.5.0.32.tar.gz
System environment: gcc-5.2.0 glibc-2.21 linux-4.1.3
Another thing to check: Are you using banners, like, for example in /etc/hosts.allow?
No banners, no .profile, no /etc/profile
Would be really great if you have a look at client-sessions1:
Proxy: Identified message of 14 bytes for FD#6 channel ID#1. handleWrite: Called for FD#6. handleWrite: Decoding messages for FD#6 with 14 bytes in the buffer.
a working connection shows
Proxy: Identified message of 50 bytes for FD#6 channel ID#1. handleWrite: Called for FD#6. handleWrite: Decoding messages for FD#6 with 50 bytes in the buffer.
I assume that the fake cookie can't be set. Di you have any hint where to look for this?
In the meantime, Mihai Moldovan (ionic@ionic.de) took a look at your logfiles. He suggested you run a compile of nx-libs using the "typescript" logging tool, and to post the logfile(s) here.
Two more bits of information:
The message "Loop: Assuming NX client location '/home/arnolds/opt/x2go/bin/x2goclient'." looked weird to Mihai. I'm not sure what exactly he was referring to, the path of X2GoClient residing in a subdirectory of your home directory, maybe? Is that intentional?
It would be interesting to see what happens when you connect to an MPA-Linux-based X2GoServer from an Ubuntu Client. You tested it from an Ubuntu client to an MPA server, and from an MPA client to an MPA server. Testing it in the other direction would help to rule out or confirm that it is an issue that requires an MPA Linux on both ends to occur.
Kind Regards, Stefan Baur
Dear Mr. Baur,
you'll find the log of my last build enclosed (STAGE1-nx-libs.log.bz2). Additionally there is a patch file which adjusts some paths and enables logging at different places (x2go-patch). Finally you'll find a listing of the directory structure (x2go-dir-struct). Perhaps I'm missing something in my installation?
Yes, the x2goclient is installed in my home dir intentionally. Just to play with statically linked qt-4.8.6 libs in an otherwise qt-5 based system. Is anything wrong with this location? (The problem is the same if I try to connect from a qt-4.8.6 based system with a x2goclient built with shared qt libs).
Cheers,
H.-A. Arnolds
Hello,
I'm quite sure that my first guess is the real reason for my problem: The fake cookie is never saved to ~/.Xauthority.
When I look at the server side,
XOpenDisplay() X11TransConnectDisplay() GetAuthorization(..., auth_namep, auth_namelenp, auth_datap, auth_datalenp)
I see that GetAuthorization() doesn't return any values in xauth_name and xauth_data (which I can even verify with a simple "xauth list"). Debug output shows: in GetAuthorizatioin() xauth_name: (null), xauth_data: (null). in GetAuthorizatioin() family: 256, saddrlen: 6, saddr: ncd-11, strlen (dpynumbuf): 2, dpynumbuf: 50, authptr: (null).
Can anybody give me a hint where (in the code) the fake cookie is stored into ~/.Xauthority please?
Thanks a lot,
Ado
On 06.08.2015 05:36 PM, Heinz-Ado Arnolds wrote:
On 06.08.2015 12:56, Heinz-Ado Arnolds wrote:
On 06.08.2015 11:42, Stefan Baur wrote:
Am 05.08.2015 um 14:27 schrieb Heinz-Ado Arnolds:
Dear Mr. Bauer,
thanks for your immediate response!
On 05.08.2015 12:30, Stefan Baur wrote: ...
Since you're using a custom-built Linux distribution, it would most likely be helpful to know what it is based on - Debian, Ubuntu, Fedora Core, Red Hat, ... and the corresponding version number.
Our system is build from scratch, no package manager. I used x2goclient-4.0.5.0 x2goserver-4.0.1.19 nx-libs-3.5.0.32.tar.gz
System environment: gcc-5.2.0 glibc-2.21 linux-4.1.3
The reason I asked for how you built nx-libs is because I'd like to make sure that you included all patches prior to building.
Our nx-libs source tree is pretty much what NoMachine released as their 3.5.0 version. The "good bits" are really packed up as patches, that need to be applied before running the actual compile job.
If you used the official tarballs, the patches should already be included, though, and no special handling required.
The nx-libs.spec file is my favorite documentation of how to build nx-libs.
Would be really great if you have a look at client-sessions1:
Proxy: Identified message of 14 bytes for FD#6 channel ID#1. handleWrite: Called for FD#6. handleWrite: Decoding messages for FD#6 with 14 bytes in the buffer.
a working connection shows
Proxy: Identified message of 50 bytes for FD#6 channel ID#1. handleWrite: Called for FD#6. handleWrite: Decoding messages for FD#6 with 50 bytes in the buffer.
I assume that the fake cookie can't be set. Di you have any hint where to look for this?
It looks suspicious, I agree. Like missing data.
I'm quite sure that my first guess is the real reason for my problem: The fake cookie is never saved to ~/.Xauthority.
When I look at the server side,
XOpenDisplay() X11TransConnectDisplay() GetAuthorization(..., auth_namep, auth_namelenp, auth_datap, auth_datalenp)
I see that GetAuthorization() doesn't return any values in xauth_name and xauth_data (which I can even verify with a simple "xauth list"). Debug output shows: in GetAuthorizatioin() xauth_name: (null), xauth_data: (null). in GetAuthorizatioin() family: 256, saddrlen: 6, saddr: ncd-11, strlen (dpynumbuf): 2, dpynumbuf: 50, authptr: (null).
Can anybody give me a hint where (in the code) the fake cookie is stored into ~/.Xauthority please?
I currently do not know where the auth cookie is saved, sorry. Will need to take a closer look (and even then...)
Mihai
-
Heinz-Ado Arnolds -
Mihai Moldovan -
Stefan Baur