Can’t login “Authentication failed, please try again.”

Forum / NoMachine for Linux / Can’t login “Authentication failed, please try again.”

Viewing 15 posts - 1 through 15 (of 60 total)
  • Author
    Posts
  • #25098
    Zenith
    Participant

    Hello everybody,

    I’m trying to remotely access a Linux machine (server, Mint 19.2 (Tina) Cinnamon) through my (gaming) PC which is a Windows machine (client, 10 Pro x64). So if this is supposed to be in the Windows subforum I’m sorry. Maybe a mod or admin could place it there if this is the case!?

    So I can’t login on my Linux machine from my Windows machine. NoMachine (I’m using the free version) shows the Linux machine, so that’s not the problem. Just when I try to login with the credentials of my Linux machine I get the error: “Authentication failed, please try again.”.

    So I edited the server.cfg file (first only on the Linux machine, later both) and changed these settings:
    #EnableUserDB 1
    #
    EnablePasswordDB 1

    at the bottom of the server.cfg file:
    # Host      192.168.1.12
    # Port      4000
    # User      *****
    # Password  *********

    But I’m still getting the same error. I also added a new user on the Linux machine in the terminal with this command:
    sudo /usr/NX/bin/nxserver –useradd *****

    I also restarted the server in between each change. What am I still missing?

    And also, how can I restore the settings.cfg file back to default? I know… I should have made a duplicate (back up) before editing it, but I forgot.

    Reason I’m asking this last thing, is because I think I used the wrong username of my Linux machine when I tried to login. So I could also still try that with the parameters in the settings.cfg returned to default. But I would like to learn how to change the login credentials regardless as I feel this might be useful in the future.

    Hope somebody can help me out, thanks in advance! 🙂

    #25138
    Zenith
    Participant

    So someone on Reddit told that I should remove the brackets, so I did and now it looks like this:

    #
    # When WebRTC is enabled, set parameters for STUN/TURN utilities to
    # permit NAT traversal for peer to peer direct video, audio and data
    # streaming. Replace ‘hostname’ and ‘portnumber’ with the ip or host
    # name of the network server; replace ‘username’ and ‘password’ with
    # username and password to be used for authenticating to such server.
    # If a TURN server has to be contacted, duplicate section below, set
    # it to Section “TURN” and provide the appropriate values for Host,
    # Port, User and Password parameters. Define multiple sections for
    # different STUN or TURN servers to provide an alternative server
    # in case the first of the list is not reachable.
    #
    # Section “STUN”
    #
    Host          192.168.1.12
    Port           4000
    User          username
    Password  password
    #
    # EndSection

    But it still doesn’t work. So I must still be doing something wrong. Even the server on my Linux Machine gives the authentication error now:

    Hope somebody can help me out…

    #25154
    Mth
    Contributor

    Hello

    First thing about NoMachine config, the information you got is correct, when you set it like that:

    #EnableUserDB 1
    #
    EnablePasswordDB 1

    Even if you change the EnableUserDB key to 1, the whole line is still treated as comment line and ignored. You need to get rid of ‘#’ character for config line to be parsed.

    Second, at the bottom of the config file, the Section “Server” and Section “STUN” are only when you are connecting to the server using web interface (usually through a web browser) and not NoMachine player application. And for standard usage the modifications here are usually
    not required.

    Also if you are using free version, the HTTP protocol is disabled, so those fragments can be simply ignored.

    Then for the config file backups, I’m afraid there is no way to restore it in easy way. We provide some generic cfg.sample files, but the main .cfg are created during the installation procedure depending of operating system configuration. In other words, you can restore some of the keys by comparing
    .cfg to .cfg-sample files, but the most important ones have to be created on installation.

    And for the problem. Part of it of course may be that currently you have EnableUserDB key commented and by default it is set to 0. Although when EnablePasswordDB is set to 1 it should not provide the problem with login.

    First what does EnablePasswordDB do. If it is set to 0, you can connect to the NoMachine server using any user account that is on that operating system by providing its username and system password.
    When you set it to 1, by default you will not be able to connect at all.

    So by doing ‘sudo /usr/NX/bin/nxserver –useradd *****’ you have provided the NoMachine database with the user.
    When doing so you should have been prompted by the:

    nxserver --useradd test
    NX> 906 Setting password for user: test.
    NX> 251 Password:
    NX> 102 Confirm password:
    NX> 110 Password for user 'test' has been added to the NX password DB.

    And now, as long as EnablePasswordDB is set to 1, you need to provide this new password to connect.

    There is a problem though, if you added that user before setting EnablePasswordDB to 1, there would have
    been no new password prompt, and the user would not have its NoMachine password provided.
    You would need to do the useraddd command again to fix it.

    There is one exception to this, when using SSH connection protocol you still need to provide system password as per the SSH configuration, then after this you will be again prompted by the NoMachine password question.

    So for now please try those things:

    1. Remove the ‘#’ from server.cfg ‘#EnableUserDB 1’ line.

    2. Run ‘sudo /usr/NX/bin/nxserver –useradd <username>’ again and see if you have password prompt, if yes, please
    provide it and use that password to login. Be sure you are using NX protocol.

    3. If still no use please run ‘sudo /usr/NX/bin/nxserver –passwd <username>’ and set new password again, just to rule
    out there was no typos, and use that password to login.

    4. If it still does not work, please set in server.cfg

    EnableUserDB 0
    EnablePasswordDB 0

    And try to login using the system credentials.

    5. If that attempt also fails, there may be more to this problem, and we would like to see the logs as there might me unexpected bug behind this.

    Article on how to collect logs:

    https://www.nomachine.com/DT10O00163 (“How to gather debug logs for support requests”)

    Please enable the debug and then try to login again and send the logs to forum[at]nomachine[dot]com using the title of that forum’s thread as the mail’s subject.

    /Mth

    #25192
    Zenith
    Participant

    Hello,

    Thanks for the reply! I’m aware of the differences between STUN and Server, I just copied the wrong part. But since every post has to await moderation I couldn’t edit it anymore.

    Logging in with system credentials simply doesn’t work (with EnableUserDB and EnablePasswordDB set to: 0). I want to control my Linux machine remotely, so I checked my username with the command: whoami (= oem (no clue why, haven’t chosen this myself)

    I have to use my password often in Linux for certain proceedings, so there can’t really go much wrong there I feel (nothing?).

    2. Run ‘sudo /usr/NX/bin/nxserver –useradd <username>’ again and see if you have password prompt, if yes, please
    provide it and use that password to login. Be sure you are using NX protocol.

    After that I get:
    [sudo] password for oem:

    Once I set that it seems to be good. I get a lot of info, but no errors or such it seems. At the bottom it says: Run a new nxserver shell.
    When I run NoMachine server on the Linux machine it looks like this:
    https://imgur.com/a/EBVSvou

    So it does mention ‘Changes disabled’ at the left bottom. I don’t feel that always has been there.

    When I try to login on the Windows client now I get the same error. Just to be clear… I edited the server.cfg fiel on both machines the same way! I assume that this is correct?!

    4. If it still does not work, please set in server.cfg

    When changing EnableUserDB and EnablePasswordDB back to 0 (zero) and try to login using the system credentials (so user: oem + password) I also still get the same error.
    Again to be sure, I changed both server.cfg files. The one on the Linux machine (server) and the Windows machine (client). And only before EnableUserDB, EnablePasswordDB and the server details I removed the # symbol. All the other text still has the # symbol in front of each line.

    I made a compressed archive of the .nx directory and I will e-mail this. There is no nxtrace.log present/generated.

    #25193
    Zenith
    Participant

    I just now see that I get an error for this command:
    sudo /usr/NX/bin/nxserver –useradd <username>

    After I try to set the password I get the following error:
    NX> 500 ERROR: Invalid command: ‘-useradd’

    And then followed by a lot info about the various commands and options. So in hindsight, something has gone wrong at this step it seems…

    #25214
    Mth
    Contributor

    Hello

    I’m sorry, this forum seems to change double “-” signs to this big “–” when not written in code tags. The commands to use are:

    sudo /usr/NX/bin/nxserver --useradd <username>
    sudo /usr/NX/bin/nxserver --passwd <username>

    But it seems this does not matter in this case.

    I’m sorry I have not noticed before, but on that screenshot you sent you are in a completely wrong page.

    This is not an connection attempt to the remote machine. This is an attempt to change settings on the server for the local machine.
    If you click on this “lock icon” and the “Changes disabled”, you should get prompt for the local administrator account and password to enable the
    settings changes, same if you try to change anything.

    I am really not sure what is the case here, but to connect to another machine please use “New connection” instead of “Service status”
    screen from the monitor tray icon, or use ‘nxplayer’ application.

    /Mth

    #25233
    Zenith
    Participant

    I’m sorry I have not noticed before

    No problem of course!

    This is not an connection attempt to the remote machine. This is an attempt to change settings on the server for the local machine.

    That is correct, but since I noticed that “Changes disabled” lock icon there. Which I never seen before, I thought I made a screenshot of that.

    A screenshot of the Windows Client saying “Authentication failed, please try again.” didn’t seem necessary to post here.

    I’m not quite sure what you mean with “use New connection” or the “nxplayer” application. Here are two screenshots of what I’m seeing in the Windows client:

    So nothing strange there, except the error of course. I emailed the log like you said. Have you any idea what kind of ETA I can expect on an answer?

    Thanks again for the reply!

    #25243
    Mth
    Contributor

    Hello.

    The player logs had nothing really meaningful, so I think we need the server side logs here.

    Please check the system logs. For mint system the /var/log/auth.log should
    say if the logging attempt was blocked by the system (entries for nx:auth).

    Also as the nx service uses su module for authorization, please provide us the /etc/pam.d/su module
    configuration. Also please note that if authorization uses Kerberos tool, you need to specify it before
    connecting in the player (connection details -> advanced).

    And at last please provide the NoMachine server logs. As your server is on Linux, please refer to point
    ‘1.1. Server on Linux’ of the article
    https://www.nomachine.com/DT10O00163

    Please enable logs, try to connect and then gather the logs. Send them to us just like before.

    /Mth

     

    #25381
    Zenith
    Participant

    Hi,

    Sorry for the late response.

    I tried to do what you said. In var/log there is no auth.log file…

    I can’t find ‘connection details/advanced’ in the player (that is the Windows client right?)

    I used the following command as mentioned in the ‘How to gather debug logs for support requests’ from the Knowledge Base.:

    oem@Zenith:~$ sudo tar cvfz NoMachine-log.tar.gz /usr/NX/var/log
    [sudo] password for oem:
    tar: Removing leading `/’ from member names
    /usr/NX/var/log/
    /usr/NX/var/log/archives/
    /usr/NX/var/log/nxd.log
    /usr/NX/var/log/logrotate/
    /usr/NX/var/log/node/
    /usr/NX/var/log/nxinstall.log
    /usr/NX/var/log/nxserver.log
    /usr/NX/var/log/nxerror.log
    oem@Zenith:~$

    This produced the following files and folders (if not already present before I executed the command):

    folders: archives, logrotate, node
    files: nxd, nxerror, nxinstall, nxserver (all .log)

    I can’t copy/paste nxerror.log and nxserver.log to my NAS or Windows machine. I get the following error:
    Error opening file /usr/NX/var/log/nxerror.log: Permission Denied. Despite elevated privileges in the log folder.

    I also can’t find the /usr/NX/etc/pam.d/su module configuration. There is nothing located with the name ‘pam.d’ in the etc folder.

    Where do I go from here?

    Thanks in advance

    #25470
    Mth
    Contributor

    Hello.

    Unfortunately NoMachine logs cannot be read by a normal user, even if the directory
    rights are proper. You will need sudoer or root account to access and copy them.
    You can also use the command

    etc/NX/nxserver --debug --collect

    to make NoMachine collect and package them itself, but this command also requires
    the sudo/root access.

    As for the pam.d directory, it is not NoMachine configuration, but rather system
    configuration, so it will not be in ‘/usr/NX’, but in system directory ‘/etc’.

    /Mth

    #25517
    Zenith
    Participant

    Thanks for the reply!

    I tried the commands:

    etc/NX/nxserver --debug --collect

    and

    etc/NX/server --debug --collect

    since there’s no ‘nxserver’ folder in NX, just ‘server’. Both give me this outcome:

    bash: etc/NX/(nx)server: No such file or directory

    I also tried both commands with sudo in front of it, but that gives me this message:

    sudo etc/NX/(nx)server: command not found

    The only folder present in the ‘server’ folder (in etc/NX) is ‘localhost’.

     

    I DID find the /etc/pam.d folder and found a file called ‘su’. So I copied that to a folder where I save the files needed to provide. But still no luck on collecting the logs from the Linux server… and since I doubt I have a root account or sudoer (?) how will I ever be able to collect the files/logs that you need to be able to help me out?

    I CAN provide the files: nxd.log, nxinstall.log and su. Would that be of any help?

    Thanks in advance

     

    #25614
    Mth
    Contributor

    Hello

    Sorry for the confusion, the proper command would be:

    sudo /etc/NX/nxserver --debug --collect

    This command should point you to the generated archive, like:

    NX> 900 Archive is: /usr/NX/var/log/archives/NoMachine-log-2020.02.12-10.28.14.zip

    Please send this archive and the ‘su’ file to forum[at]nomachine[dot]com using the title of that forum’s thread as the mail’s subject.

    /Mth

    #25766
    Zenith
    Participant

    Sorry for the late response, I was able to collect the debug archive this time. I feel so stupid for forgetting the forward slash before ‘etc’… complete Linux newbie here.

    I mailed the files like you said, can’t wait for the response 🙂

    Thanks in advance

    #25817
    Britgirl
    Keymaster

    Zenith, did you not send the logs in the end? We haven’t received them.

    #25825
    Zenith
    Participant

    Hello Britgirl,

    I did send the e-mail on 25 February 2020 on 14:53u (or 02:53 pm) to forum[at]nomachine.com and it’s marked as sent. I didn’t receive an error, so it seems it has arrived. I used this as title: ‘Can’t login “Authentication failed, please try again.” (Linux forums)’.

    So I added the ‘(Linux forums)’ part to the title, could that be the problem? Should I send it again?

    Please let me know, thanks in advance!

Viewing 15 posts - 1 through 15 (of 60 total)

This topic was marked as solved, you can't post.