!M Client Debian RSA “Authentication failed”

Forum / NoMachine for Linux / !M Client Debian RSA “Authentication failed”

Tagged: 

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • May 19, 2025 at 08:21 #53000
    Steve92
    Participant

    Hi!

    On !M Client 8.16.1 on Debian, when trying to authenticate with his private key+passphrase to an ECS, a user gets “Authentication failed” error.

    The “connection” log on the client says:

    NX> 250 Properties: publicKey required for ECS-xyz port: 4000 service login:username=x12345&publicKey=ssh-rsa+AA……….298778%40XXX………..02P%0a&keyType=unknown

    NX> 405 ERROR: Clé publique non reconnue. (=unrecognized key)

     

    In “session” log :

    Info: Connection to w.x.y.z port 4000 started at 17:01:40 970,795.

    231140 231140 2025-05-16 17:01:40 971,044 Connection: Started connection at 0x2a6fc40.

    231140 231140 2025-05-16 17:01:40 987,306 ClientSession: Started session at 0x289f530.

    Info: Slave server running with pid 99999.

    Info: Listening to slave connections on port 50047.

    231140 231140 2025-05-16 17:01:41 001,050 Main: Entering the GUI event loop.

    231140 231151 2025-05-16 17:01:41 562,935 ClientSession: A valid certificate for this server was found.

    231140 231151 2025-05-16 17:01:50 549,875 DaemonLogin/DaemonLogin: ERROR! Error in context[B].

    Error: Error in context[B].

    231140 231151 2025-05-16 17:01:50 550,537 DaemonLogin/DaemonLogin: ERROR! Error message ‘Clé publique non reconnue.’.

    Error: Error message ‘Clé publique non reconnue.’.

    231140 231146 2025-05-16 17:01:50 550,944 DaemonClientApplication/DaemonClientApplication: WARNING! Session terminated abnormally.

    231140 231146 2025-05-16 17:01:50 550,962 DaemonClientApplication/DaemonClientApplication: WARNING! Error is 1, ‘Opération non permise’.

    Warning: Connection to w.x.y.z port 4000 failed at 17:01:50 550,967.

    Warning: Error is 1, ‘Opération non permise’.

    231140 231140 2025-05-16 17:01:50 551,673 Connection: WARNING! Ignoring the I/O error and waiting for the daemon error reporting.

    231140 231140 2025-05-16 17:01:50 565,570 Connection: Connection at 0x2a6fc40 failed.

    231140 231140 2025-05-16 17:01:50 565,593 ClientSession: Runnable at 0x2a6fc40 caused the session at 0x289f530 to fail.

    231140 231140 2025-05-16 17:01:50 565,601 ClientSession: Failing reason is ‘L’authentification a échoué pour l’utilisateur t0262730’.

    231140 231140 2025-05-16 17:01:50 568,540 Connection: Finishing connection at 0x2a6fc40.

     

     

    RSA keys pair generated on the client:

    $ ssh -V

    OpenSSH_8.4p1 Debian-5+deb11u3, OpenSSL 1.1.1k 25 Mar 2021

    $  ssh-keygen -m PEM -t rsa -b 4096

    A passphrase is used (only numbers).

    What could be the problem ?

    Is this version of ssh known to generate bad keys ?

    NB: it’s OK for another user who used an older release of ssh to generate his keys:  “OpenSSH_7.8p1 OpenSSL 1.1.1 FIPS 11/9/2018” under RHEL8.

    Any solution ?

    Thanks!

    Regards,

    Steve

     

    May 20, 2025 at 15:03 #53033
    Britgirl
    Keymaster

    Hi, it sounds very similar to this bug report.

    Cannot login by NX protocol and private key when option ‘Import the private key to the connection file’ is checked
    https://kb.nomachine.com/TR05S10271

    As a temporary workaround, do not check option ‘Import the private key to the connection file’ in the UI.

    May 20, 2025 at 15:13 #53035
    Britgirl
    Keymaster

    I see you used ssh-keygen -m PEM -t rsa -b 4096 to generate the keypair.

    Did you try to use a keypair generated by running: ssh-keygen -t rsa -b 4096 ?

  • Author
    Posts
Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic. Please login .