<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Hi Mike,<br>
thanks for the confirmation and the submission.<br>
<br>
If anyone is interested, one thing I did for now, to address this
issue was to allow password-based access from my LAN addresses as
described here:
<a class="moz-txt-link-freetext" href="http://askubuntu.com/questions/101670/how-can-i-allow-ssh-password-authentication-from-only-certain-ip-addresses">http://askubuntu.com/questions/101670/how-can-i-allow-ssh-password-authentication-from-only-certain-ip-addresses</a>
(Note that the match block should be at the end of sshd_config file
as it affects all statements below it if I understand it correctly)<br>
<div class="post-text">
<p>Use a <code>Match</code> block in <code>/etc/ssh/sshd_config</code>.</p>
<pre><code>PasswordAuthentication no
Match address 192.0.2.0/24
PasswordAuthentication yes
</code></pre>
</div>
Best,<br>
Matthias<br>
<br>
<div class="moz-cite-prefix">On 27/8/2013 12:34 PM, Mike Gabriel
wrote:<br>
</div>
<blockquote
cite="mid:20130827123401.1559208fzp3qfrtl@mail.das-netzwerkteam.de"
type="cite">Package: x2goclient
<br>
Tags: confirmed
<br>
Version: 4.0.1.0
<br>
Severity: important
<br>
x-debbugs-cc: <a class="moz-txt-link-abbreviated" href="mailto:software@matthiaskauer.com">software@matthiaskauer.com</a>
<br>
<br>
I myself have also observed the issue reported by Matthias. Adding
this as a bug. This should get fixed before the release of
4.0.1.1.
<br>
<br>
Mike
<br>
<br>
----- Weitergeleitete Nachricht von <a class="moz-txt-link-abbreviated" href="mailto:software@matthiaskauer.com">software@matthiaskauer.com</a>
-----
<br>
Datum: Mon, 26 Aug 2013 23:54:55 +0200
<br>
Von: Matthias Kauer <a class="moz-txt-link-rfc2396E" href="mailto:software@matthiaskauer.com"><software@matthiaskauer.com></a>
<br>
Betreff: [X2Go-User] Login via ~/.ssh/authorized_keys fails
<br>
An: <a class="moz-txt-link-abbreviated" href="mailto:x2go-user@lists.berlios.de">x2go-user@lists.berlios.de</a>
<br>
<br>
Hi,
<br>
I am looking for input on how to set up an ssh key-based
authentication.
<br>
<br>
I generated an RSA key pair with puttygen and added it to
<br>
~/.ssh/authorized_keys2 => confirmed that I can login with
putty.
<br>
Now, I specify the same private key in x2goclient (windows). I
enter my
<br>
password and I am then prompted for the password of the ssh key. I
enter
<br>
it and the same ssh key password prompt reappears. This seems to
be an
<br>
infinite loop. When I cancel it, I get a message saying that only
<br>
publickey is supported as login method (which corresponds to my
<br>
sshd_config settings).
<br>
<br>
I then tried renaming ~/.ssh/authorized_keys and using a DSA key
pair.
<br>
putty still works as expected with both of these alternatives.
<br>
x2goclient still shows the same problems however. It only lets me
login
<br>
if I adapt my sshd_config and authenticate via user / password
combination.
<br>
<br>
Is this a known limitation?
<br>
What is the best way to achieve high security? Can I limit the
x2go
<br>
connections to only LAN IPs (without restricting the pure ssh
connections)?
<br>
<br>
Best Wishes,
<br>
Matthias Kauer
<br>
_______________________________________________
<br>
X2Go-User mailing list
<br>
<a class="moz-txt-link-abbreviated" href="mailto:X2Go-User@lists.berlios.de">X2Go-User@lists.berlios.de</a>
<br>
<a class="moz-txt-link-freetext" href="https://lists.berlios.de/mailman/listinfo/x2go-user">https://lists.berlios.de/mailman/listinfo/x2go-user</a>
<br>
<br>
<br>
----- Ende der weitergeleiteten Nachricht -----
<br>
<br>
<br>
</blockquote>
<br>
</body>
</html>