- This topic has 2 replies, 3 voices, and was last updated 6 years ago by
.
-
Posts
-
I keep my private keys encrypted in keepass and use kee-agent combined with openssh ssh-agent to access my private keys for ssh terminal sessions. This works great. I can ssh to a host and private key it needs will be send by ssh-agent.
Previously I have no problem connecting to my NoMachine server using NX if I make my private key file available but for security reasons I have moved to using keepass/ssh-agent to hold my private keys as private key files laying about on multiple machines is a security issue
I have read this https://www.nomachine.com/DT07M00088&dn=key%20agent
And did set up my NoMachine server to use ssh as it seems nx protocol does not support client side key agents.
But here is the holdup in the NoMachine client it insists on having an actual file available (Please set a key file..) on the client machine even though I have checked the “Forward Authentication” choice
So I am stuck here. I can’t get by this point as long as the client insists on a file.
Using an agent the NoMachine client shouldn’t even need to know which private key is needed as the ssh-agent will provide the ssh server whatever is needed just like it does when I connect via the ssh commandline.
How to resolve this issue?
Attachments:
You should be able to authenticate with added ssh-agent key by providing any key which isn’t configured to allow authentication to the server.
But unfortunately at the moment forward authentication won’t work in this scenario. The issue is under investigation. It should be fixed as soon as possible.
We’ve inserted a Feature Request to handle correct functioning of SSH-agent authentication forwarding. Until that is implemented, users can authenticate using SSH protocol through Password, Private key, Smart card and Kerberos.
Adding SSH agent forward-authentification method
https://www.nomachine.com/FR04P03602
This topic was marked as closed, you can't post.