Unable to add nodes NX protocol – Cannot authenticate

Forum / NoMachine Cloud Server Products / Unable to add nodes NX protocol – Cannot authenticate

Tagged: ,

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • #3774
    esarmien
    Participant

    Hi,

    I am running a Cloud Server and attempting to add remote nodes using the NX protocol; I am running NoMachine-4.2.23-5.x86_64. I ran these commands–

    First, I removed SSH connectivity, then added NX connectivity. As you can see, this failed.

    /[root@rce6-portal-1 esarmien]# /usr/NX/bin/nxserver –list

    NX> 127 Available sessions:

    Display Username Remote IP Session ID Node

    ——- ——————————– ————— ——————————– ——————

    [root@rce6-portal-1 esarmien]# /usr/NX/bin/nxserver –nodelist

    NX> 104 Node list:

    Status Connection Node Type LB Weight Limit Label

    ——- ———- ——————————- —- — —— —– —–

    running encrypted rce6-1.priv.hmdc.harvard.edu:22 NX yes

    running encrypted localhost:22 NX yes

    running encrypted rce6-2.priv.hmdc.harvard.edu:22 NX yes

    [root@rce6-portal-1 esarmien]# /usr/NX/bin/nxserver –nodedel localhost:22

    NX> 125 Node: localhost:22 has been removed.

    [root@rce6-portal-1 esarmien]# /usr/NX/bin/nxserver –nodedel rce6-1.priv.hmdc.harvard.edu:22

    NX> 125 Node: rce6-1.priv.hmdc.harvard.edu:22 has been removed.

    [root@rce6-portal-1 esarmien]# /usr/NX/bin/nxserver –nodedel rce6-2.priv.hmdc.harvard.edu:22

    NX> 125 Node: rce6-2.priv.hmdc.harvard.edu:22 has been removed.

    [root@rce6-portal-1 esarmien]# /usr/NX/bin/nxserver –nodeadd rce6-1.priv.hmdc.harvard.edu –protcol NX

    NX> 596 ERROR: Cannot authenticate to the requested node.

    NX> 999 Bye.

    [root@rce6-portal-1 esarmien]# /usr/NX/bin/nxserver –nodeadd rce6-2.priv.hmdc.harvard.e

    du –protcol NX

    NX> 769 The authenticity of host ‘rce6-2.priv.hmdc.harvard.edu (10.0.0.94)’ can’t be established.

    NX> 769 The certificate fingerprint is:

    NX> 769 ‘9A:E6:19:14:23:37:0E:D5:D1:A1:D0:10:0F:C3:A9:3C:78:CB:EA:4A’

    NX> 769 Are you sure you want to continue connecting? [yes|no]: yes

    NX> 763 Could not authenticate on the remote node using servers public key.

    NX> 763 Would you like to login on remote node as a privileged user to add

    NX> 763 this key and try again? [yes|no]: yes

    NX> 765 Username: esarmien

    NX> 766 Password:

    NX> 596 ERROR: Cannot authenticate to the requested node.

    NX> 999 Bye.

    I am including the configurations and logs (debugging on) for rce6-portal-1, rce6-1.priv and rce6-2.priv.

    Because there is a 1MB limit on attachments, am adding here in Dropbox

    https://www.dropbox.com/s/d8921xpkw1mqmkn/nx4-cant-add-nx-node.zip

    Thanks,

    Evan

    #3793
    Haven
    Participant

    Hello, we suspect that problem is related to authorization on the remote node with the public key

    Can you please check if the issue persists also when you generate a new pair of keys?

    Rename the original keys to preserve them:
    /usr/NX/etc/keys/node.localhost.id_dsa
    /usr/NX/etc/keys/node.localhost.id_dsa.pub
    and generate a new key-pair by running on the server host:
    # export LD_LIBRARY_PATH=/usr/NX/lib
    # /usr/NX/bin/nxkeygen -k /usr/NX/etc/keys/node.localhost.id_dsa -p /usr/NX/etc/keys/node.localhost.id_dsa.pub -t dsa

    Ensure that the new keys have proper permissions and ownership
    and update the node:
    # /usr/NX/bin/nxserver –nodeupdate <node>

    Instructions are available also here:
    https://www.nomachine.com/DT04L00069#4

    • This reply was modified 10 years, 5 months ago by Haven.
    #3796
    esarmien
    Participant

    Works. Thanks!

    #3800
    Haven
    Participant

    hello,

    if it is possible, can you send to us the previous pair of keys? We would like to investigate further in order to prevent a similar situation arising in the future.

Viewing 4 posts - 1 through 4 (of 4 total)

This topic was marked as solved, you can't post.