Hi,
I am seeing a problems with a new set up environment using the broker
with SSH tunneling and session autologin. I start x2goclient connecting
to my broker, log in, receive a list of session profiles, select the one
that uses auto login, enter my SSH proxy password and get asked to enter
a password for some key.
Authentication to the broker is no problem:
--
2014-03-24 13:49:12,972 - broker - INFO - X2Go Session Broker (0.0.3.0),
2014-03-24 13:49:12,973 - broker - INFO - written by Mike Gabriel
(X2Go Project) <mike.gabriel@das-netzwerkteam.de>
2014-03-24 13:49:12,973 - broker - INFO - Setting up the broker's
environment...
2014-03-24 13:49:12,974 - broker - INFO - X2GOBROKER_DEBUG: True
2014-03-24 13:49:12,974 - broker - INFO - X2GOBROKER_CONFIG:
/etc/x2go/x2gobroker.conf
2014-03-24 13:49:12,974 - broker - INFO - X2GOBROKER_AGENT_CMD:
/usr/lib/x2go/x2gobroker-agent
2014-03-24 13:49:12,974 - broker - INFO -
X2GOBROKER_AUTHSERVICE_SOCKET: /run/x2gobroker/x2gobroker-authservice.socket
2014-03-24 13:49:12,975 - broker - INFO - X2GOBROKER_DEFAULT_BACKEND:
inifile
2014-03-24 13:49:12,975 - broker - INFO - X2GOBROKER_SSL_CERTFILE:
2014-03-24 13:49:12,975 - broker - INFO - X2GOBROKER_SSL_KEYFILE:
2014-03-24 13:49:12,981 - broker - INFO - client address is 127.0.0.1
2014-03-24 13:49:12,981 - broker - DEBUG - username: mathias, password:
XXXXX, task: selectsession, profile_id: termsrv, cookie:
2014-03-24 13:49:12,982 - broker - DEBUG -
base_broker.X2GoBroker.get_authentication_mechanism(): found
default-auth-mech in global config section: pam
2014-03-24 13:49:12,982 - broker - DEBUG -
base_broker.X2GoBroker._do_authenticate(): authenticating user=mathias
with password=<hidden> against backend=inifile.
2014-03-24 13:49:12,982 - broker - DEBUG - connecting to authentication
service socket /run/x2gobroker/x2gobroker-authservice.socket
2014-03-24 13:49:12,983 - broker - DEBUG - sending username=mathias,
password=<hidden>, service=x2gobroker to authentication service
2014-03-24 13:49:12,999 - broker - INFO - authentication against PAM
service »x2gobroker« succeeded for user »mathias«
2014-03-24 13:49:12,999 - broker - DEBUG -
base_broker.X2GoBroker.check_access(): result of authentication check
is: True
2014-03-24 13:49:13,006 - broker - DEBUG -
base_broker.X2GoBroker.get_agent_query_mode(): found
default-agent-query-mode in global config section: none
After entering the SSH Proxy password auth.log says
--
Mar 24 13:52:43 access sshd[24551]: Accepted password for x2gosshproxy
from 80.187.108.145 port 8948 ssh2
Mar 24 13:52:43 access sshd[24551]: pam_unix(sshd:session): session
opened for user x2gosshproxy by (uid=0)
so that worked, too!
On the x2goserver, I see this in auth.log right after I entered the
proxy password:
--
Mar 24 17:49:31 termsrv sshd[10065]: Did not receive identification
string from 10.173.20.3
Mar 24 17:49:31 termsrv sshd[10067]: Did not receive identification
string from 10.173.20.3
10.173.20.3 is the inner IP address of my ssh proxy and x2go broker. I
think this is where the problem lies. I assume at this point x2gobroker
should connect to x2goserver using the x2gobroker account and the
installed public key. Manually, I can create this connection from the
broker though:
--
root@access:~# su - x2gobroker
x2gobroker@access:~$ ssh 10.173.20.2
Welcome to Ubuntu 13.10 (GNU/Linux 3.11.0-12-generic x86_64)
Last login: Mon Mar 24 17:17:29 2014 from 10.173.20.3
x2gobroker@termsrv:~$
Anybody with good troubleshooting skills? :D
cheers
Mathias