Forum / NoMachine for Linux / Yubikey support
- This topic has 22 replies, 4 voices, and was last updated 3 weeks, 4 days ago by Britgirl.
-
AuthorPosts
-
September 11, 2024 at 14:51 #49618GuroContributor
Hello
To be able to provide more advises there is need to have more detailed log data. As for security reason, authentication logs are disabled by default.
But if you are willing to install new debug package on your working machine and test the authentication process to provide us more detailed information about this error, we can send you a debug package.Thanks
September 12, 2024 at 11:32 #49641BritgirlKeymasterOne thing worth noting here because it’s not been mentioned is that if you want to start SSH connections from the Mac machine to your Ubuntu host with NoMachine, on the server you need to have a product from the Enterprise family. If you have NoMachine free version installed on the server side, it cannot accept SSH connections. I think Guro assumed that you did (e.g Enterprise Desktop is the same as the free version but provides SSH support, web-based connections and other features) when he suggested trying an SSH connection.
September 13, 2024 at 11:43 #49659GuroContributorHello
Please could you provide exact information of NoMachine server you are trying to connect to?
The free NoMachine version does not support SSH connections.Thanks
September 14, 2024 at 01:17 #49666Chatter5352ParticipantIf there are no security risks to installing the debug package, then I’m happy for you to send it to me and use it. What is the security reason for them to be disabled by default?
I am using NoMachine 8.13.1 on my Mac client and the latest version on my Ubuntu device to be accessed. I have the free version so I guess that explains why ssh doesn’t work. Is there any way to use the Yubikey to protect the free version of NoMachine? Is the ssh tunnelling method I mentioned earlier in this thread sensible? That is:
In the mean time I have found a possible workaround. This is to use the Yubikey to ssh tunnel the 4000 port to my localhost. Then I can connect to localhost using NoMachine. This works and may be an acceptable workaround, unless you see problems with this method? One possible issue is that I have found this connection less reliable than directly using NoMachine to the remote IP and port eg. session freezes and I have to reconnect. Is there a way to make the connection more stable with this approach?
September 16, 2024 at 14:44 #49683GuroContributorhello
“If there are no security risks to installing the debug package, then I’m happy for you to send it to me and use it.” – It’s safe to install and use. It’s a regular package with extra debug enabled to allow us to go much deeper into why a particular error is happening so they will contain information about exchange protocol flow data, ssh key fingerprints and accepted encryption methods.
” Is the ssh tunnelling method I mentioned earlier in this thread sensible?” – Yes it is. You can see details here: https://kb.nomachine.com/AR10K00728
“Is there a way to make the connection more stable with this approach?” – I think the session freeze needs further investigation. First, can you send us server side logs? Logs would also allow us to check why the connection is failing without an appropriate error even without adding yubikey as a device. You can extract them using the instructions here: https://kb.nomachine.com/DT07S00243.
Send them to forum[at]nomachine[dot]com. Please use the title of this topic as the subject of your email. Thanks!
October 4, 2024 at 08:31 #49931BritgirlKeymasterChatter5352, just to clarify, we don’t need to send you a debug package for the SSH issue because you we now know that you are using the free version which doesn’t support incoming SSH connections. If you are still experiencing the session freezes, we would be interested in seeing the server side logs (see Guro’s post just above). Let us know.
October 10, 2024 at 03:08 #50093Chatter5352ParticipantSorry for the delay, I’ve been out of contact. I am still experiencing the freezing issue. Sometimes it happens quite regularly eg. multiple times every few minutes. Sometimes it seems fine for even an hour but does eventually seem to come back. When it freezes, the mouse cursor often vibrates back and forth on the screen but can no longer be moved nor does anything else respond. The only way forward is to quit the session and log in again (the tunneled ssh link is fine throughout).
Are there specific things in the logs I need to remove to maintain privacy and security? I don’t want to be sending personal information over the internet in this way. If that can be clarified, I’m happy to send the relevant parts of the logs. Or are there any other things I can try in the mean time to debug this?
Thanks for your help with this!
October 10, 2024 at 15:49 #50111BritgirlKeymasterHi, please send them privately to our email address rather than here. IPs and usernames (not passwords) are present in nxserver.log, nxinstall.log, nxservice.log. If you wish to remove this information before sending, you should edit those in a text editor before sending.
-
AuthorPosts
You must be logged in to reply to this topic. Please login here.