Gentoo Archives: gentoo-user

From: Joseph <syscon780@×××××.com>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] nxserver-freenx - user nx not allowed because account is locked
Date: Thu, 19 Mar 2009 16:10:27
Message-Id: 20090319161052.GF28160@syscon4.inet
In Reply to: Re: [gentoo-user] nxserver-freenx - user nx not allowed because account is locked by Paul Hartman
1 On 03/19/09 10:51, Paul Hartman wrote:
2 >>
3 >> Yes, I tried it already:
4 >>
5 >> passwd -u nx
6 >> passwd: unlocking the user would result in a passwordless account.
7 >> You should set password with usermod -p to unlock this user account.
8 >> Password changed.
9 >>
10 >> What do you do next?
11 >>
12 >> When I try to run again:
13 >> nxsetup --install --setup-nomachine-key --clean --purge
14 >>
15 >> I get:
16 >> ...
17 >> Setting up /var/log/nxserver.log ...done
18 >> Setting up special user "nx" ...passwd: unlocking the user would result in a
19 >> passwordless account.
20 >> You should set a password with usermod -p to unlock this user account.
21 >> Password changed.
22 >> done.
23 >> ...
24 >> ----> Testing your nxserver connection ...
25 >> Permission denied (publickey,keyboard-interactive).
26 >> Fatal error: Could not connect to NX Server.
27 >>
28 >> Please check your ssh setup:
29 >>
30 >> The following are _examples_ of what you might need to check.
31 >>
32 >> - Make sure "nx" is one of the AllowUsers in sshd_config.
33 >> (or that the line is outcommented/not there)
34 >> - Make sure "nx" is one of the AllowGroups in sshd_config.
35 >> (or that the line is outcommented/not there)
36 >> - Make sure your sshd allows public key authentication.
37 >> - Make sure your sshd is really running on port 22.
38 >> - Make sure your sshd_config AuthorizedKeysFile in sshd_config is set
39 >> to authorized_keys2.
40 >> (this should be a filename not a pathname+filename)
41 >> - Make sure you allow ssh on localhost, this could come from some
42 >> restriction of:
43 >> -the tcp wrapper. Then add in /etc/hosts.allow: ALL:localhost
44 >> -the iptables. add to it:
45 >> $ iptables -A INPUT -i lo -j ACCEPT
46 >> $ iptables -A OUTPUT -o lo -j ACCEPT
47 >>
48 >>
49 >> So at this point I'm back to square one in log/messages I get:
50 >> User nx not allowed because account is locked
51 >
52 >Oh, try to give user nx a password on your system. It uses ssh keys
53 >to login, so it doesn't even matter what the password is. Just don't
54 >make it something easily guessed/brute-force like "nx" or "1234" or
55 >else you might have some unwanted guests in your system :)
56
57 I did give it a password
58 usermod -p something nx
59
60 it accepted the password, now do I run the setup again:
61 nxsetup --install --setup-nomachine-key --clean --purge
62
63 If I try to login from another machine do I login as user "nx"?
64 When I try to login from another machine on my network I get:
65 Your guest account has expired...
66
67 --
68 #Joseph
69 GPG KeyID: ED0E1FB7

Replies

Subject Author
Re: [gentoo-user] nxserver-freenx - user nx not allowed because account is locked Paul Hartman <paul.hartman+gentoo@×××××.com>