Cannot write to .Xauthority

Forum / NoMachine Terminal Server Products / Cannot write to .Xauthority

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • #22045
    Armaggedon
    Participant

    Hi all,

    I’m using the evaluation period for testing a cluster consisting in one Enterprise Terminal Server and one Terminal Server Node using default configuration. Both are CentOS 7 and running NoMachine products version 6.5.6. KDE as desktop and properly configured on DefaultDesktopCommand setting.

    Node Protocol Label Status Load-B Manual-S Weight Limit
    --------------- -------- ----- ------- ------ -------- ------ -----
    node:4000 NX running yes yes
    localhost:4000 NX running yes yes

    Class Type Value
    --------- -------------------------- ------
    feature manual-node-selection no
    feature server-clipboard yes
    feature enable-profiles yes
    feature enable-guest no
    feature enable-multiserver no
    feature enable-multinode yes
    feature node-load-balancing yes
    feature client-clipboard yes
    feature bandwidth no

    So when creating a virtual desktop on the ETS everything works like a charm. However, when selecting the TSN, I get prompted with:

    The session negotiation failed.

    Error: Cannot write to .Xauthority file in on the local host. Please verify permission attributes for that file.

    My home directory is on my corporate network file system. .Xauthority file has the right permissions (0600) and nothing changes if I delete it: TSN is unable to create it but TSN can.

    Does anyone have an idea what might be going on?

    #22056
    Armaggedon
    Participant

    Apparently I cannot edit my post… When I said TSN is unable to create it but TSN can, I meant “TSN is unable to create it but ETS can”.

    #22049
    brotech
    Participant

    Hello,
    Lets focus on remote node. If you have correct permissions when logging in there using SSH, please create backup of /etc/pam.d/nx and then copy /etc/pam.d/sshd over /etc/pam.d/nx. After that, try to start NX session again on the TSN.

    If your remote node uses pam_mount module, then this article might be helpful: https://www.nomachine.com/AR09N00902

    #22115
    Armaggedon
    Participant

    Hello brotech,

    I’m a bit lost with this but I think I did it correctly. As my user could ssh normally inside the node, I overrode /etc/pam.d/nx with the contents of /etc/pam.d/sshd. Still nothing happened.

    I’m not sure how the pam_mount module is configured in my organization, but just in case I followed the steps of your article (both methods) and yet nothing happens.

    #22117
    brotech
    Participant

    Hello,
    please enable debug, reproduce issue, then gather logs as described in article: https://www.nomachine.com/DT10O00163 and send to forum[at]nomachine[dot]com

    Please ensure that mail’s subject is ‘Cannot write to .Xauthority’ so we can track properly that
    issue. If you could attach also the /etc/pam.d directory, it might be useful.
    To make one file which contains the whole pam.d directory, run in a terminal:
    tar -zcf myownpamd.tar.gz /etc/pam.d

    #22137
    Cato
    Participant

    Hello Armaggedon,

    There are few possible reasons of problem with accessing .Xauthority file. Check if you can establish NoMachine session after following instructions for each of the listed scenarios separately.

    1. The home directory is not mounted.

    Start terminal ssh session to remote node host, to make sure that home directory is mounted.

    2. Home directory is mounted, but SELinux is preventing access.

    Follow this article to temporarily disable selinux or set it to permissive mode:

    https://linuxize.com/post/how-to-disable-selinux-on-centos-7

    3. The file has correct permission, but not the correct owner.

    Make sure that the owner of the file is the same as user who attempts to establish NoMachine session.

    4. There’s some difference in configuration between server machine and remote node machine.

    Look for potential differences in /etc/pam.d directories on ETS and TSN.

Viewing 6 posts - 1 through 6 (of 6 total)

This topic was marked as solved, you can't post.