Re: [X2Go-Dev] [pkg-x2go-devel] Bug#784565: nx-libs-lite: parts are derived from non-free code
Hi Francesco, On Mi 06 Mai 2015 19:35:32 CEST, Francesco Poli (wintermute) wrote: Package: nx-libs-lite Version: 3.5.0.27-1 Severity: serious Justification: Policy 2.2.1 Hello and thanks for maintaining this package in Debian! I noticed that the debian/copyright states: [...] | Parts of this software are derived from DXPC project. These copyright | notices apply to original DXPC code: | |Redistribution and use in source and binary forms are permitted provided |that the above copyright notice and this paragraph are duplicated in all |such forms. | |THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED |WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF |MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. | |Copyright (c) 1995,1996 Brian Pane |Copyright (c) 1996,1997 Zachary Vonler and Brian Pane |Copyright (c) 1999 Kevin Vigor and Brian Pane |Copyright (c) 2000,2001 Gian Filippo Pinzari and Brian Pane [...] This license lacks the permission to modify the DXPC code. Hence, the original DXPC code does not appear to comply with the DFSG. And the nx-libs-lite is in part derived from DXPC code. This basically means that nx-libs-lite includes parts which are non-free (as they are derived from non-modifiable code) and are also possibly legally undistributable (as they are non-modifiable, but actually modified). The combination with the rest of nx-libs-lite (which is GPL-licensed) may also be legally undistributable (since the license with no permission to modify is GPL-incompatible). If there's anything I misunderstood, please clarify. Otherwise, please address this issue as soon as possible. The copyright owners for the original DXPC code should be contacted and persuaded to re-license under GPL-compatible terms. Thanks for your time. Bye. Please follow-up with reading [1]. As it seems, dxpc has been long ago relicensed to BSD-2-clause (for v3.8.1 in/around 2002). I have no exact clue, if NoMachine forked prior to that (if they quote the old licensing terms, then probably they did). However, how do you see the situation considering that upstream changed to BSD-2-clause a long time ago. What approach do you propose for nx-libs-lite to get the issue fully fixed? Mike [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=142028 -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb pgp122gMY2ykE.pgp Description: Digitale PGP-Signatur ___ x2go-dev mailing list x2go-dev@lists.x2go.org http://lists.x2go.org/listinfo/x2go-dev
Re: [X2Go-Dev] [pkg-x2go-devel] Bug#784565: nx-libs-lite: parts are derived from non-free code
Hi Francesco, Cc:ing a couple of people/groups being affected by the below. On Mi 06 Mai 2015 19:35:32 CEST, Francesco Poli (wintermute) wrote: Package: nx-libs-lite Version: 3.5.0.27-1 Severity: serious Justification: Policy 2.2.1 Hello and thanks for maintaining this package in Debian! I noticed that the debian/copyright states: [...] | Parts of this software are derived from DXPC project. These copyright | notices apply to original DXPC code: | |Redistribution and use in source and binary forms are permitted provided |that the above copyright notice and this paragraph are duplicated in all |such forms. | |THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED |WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF |MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. | |Copyright (c) 1995,1996 Brian Pane |Copyright (c) 1996,1997 Zachary Vonler and Brian Pane |Copyright (c) 1999 Kevin Vigor and Brian Pane |Copyright (c) 2000,2001 Gian Filippo Pinzari and Brian Pane [...] This license lacks the permission to modify the DXPC code. Hence, the original DXPC code does not appear to comply with the DFSG. And the nx-libs-lite is in part derived from DXPC code. This basically means that nx-libs-lite includes parts which are non-free (as they are derived from non-modifiable code) and are also possibly legally undistributable (as they are non-modifiable, but actually modified). The combination with the rest of nx-libs-lite (which is GPL-licensed) may also be legally undistributable (since the license with no permission to modify is GPL-incompatible). If there's anything I misunderstood, please clarify. Otherwise, please address this issue as soon as possible. The copyright owners for the original DXPC code should be contacted and persuaded to re-license under GPL-compatible terms. Thanks for your time. Bye. I/we will investigate this asap. Thanks for bringing this up. Greets, Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb pgpTHpXivb5am.pgp Description: Digitale PGP-Signatur ___ x2go-dev mailing list x2go-dev@lists.x2go.org http://lists.x2go.org/listinfo/x2go-dev
Re: [X2Go-Dev] [pkg-x2go-devel] Bug#784565: nx-libs-lite: parts are derived from non-free code
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 hi everyone, looking at the current homepage of DXPC, the following can be found in their changelog http://www.vigor.nu/dxpc/CHANGES: 3.8.1 Release: [...] Changed license to BSD license. - -Stefan Am 11.05.2015 um 11:07 schrieb Mike Gabriel: Hi Francesco, Cc:ing a couple of people/groups being affected by the below. On Mi 06 Mai 2015 19:35:32 CEST, Francesco Poli (wintermute) wrote: Package: nx-libs-lite Version: 3.5.0.27-1 Severity: serious Justification: Policy 2.2.1 Hello and thanks for maintaining this package in Debian! I noticed that the debian/copyright states: [...] | Parts of this software are derived from DXPC project. These copyright | notices apply to original DXPC code: | | Redistribution and use in source and binary forms are permitted provided |that the above copyright notice and this paragraph are duplicated in all |such forms. | |THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED | WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF |MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. | | Copyright (c) 1995,1996 Brian Pane |Copyright (c) 1996,1997 Zachary Vonler and Brian Pane |Copyright (c) 1999 Kevin Vigor and Brian Pane |Copyright (c) 2000,2001 Gian Filippo Pinzari and Brian Pane [...] This license lacks the permission to modify the DXPC code. Hence, the original DXPC code does not appear to comply with the DFSG. And the nx-libs-lite is in part derived from DXPC code. This basically means that nx-libs-lite includes parts which are non-free (as they are derived from non-modifiable code) and are also possibly legally undistributable (as they are non-modifiable, but actually modified). The combination with the rest of nx-libs-lite (which is GPL-licensed) may also be legally undistributable (since the license with no permission to modify is GPL-incompatible). If there's anything I misunderstood, please clarify. Otherwise, please address this issue as soon as possible. The copyright owners for the original DXPC code should be contacted and persuaded to re-license under GPL-compatible terms. Thanks for your time. Bye. I/we will investigate this asap. Thanks for bringing this up. Greets, Mike ___ x2go-dev mailing list x2go-dev@lists.x2go.org http://lists.x2go.org/listinfo/x2go-dev - -- BAUR-ITCS UG (haftungsbeschränkt) Geschäftsführer: Stefan Baur Eichenäckerweg 10, 89081 Ulm | Registergericht Ulm, HRB 724364 Fon/Fax 0731 40 34 66-36/-35 | USt-IdNr.: DE268653243 -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJVUHRuAAoJEG7d9BjNvlEZsCYH/i0GArfIg0xNQ91srhMtMxVf NcaQ5uOJLLZ+e0WOcRMm5Kprg9f6uKQNFRo1dv9NCFNxjrpdR/5/LMmeSYxafIQA beoYbnuMMRBvcjoUN5ScGD/jjng/9VCiwviBVjUc6AhDebGjVone2OtaIXPoMELI ClKnDShC41qQpSUgEESUYHiIIptkkmSrIJS6Ostsby5rhT1mApv7ulBqVvADUKCX OtNZmG+O6Bvur63G2fBTrdQwZAed0+Q6/XlhfOkf5QNG4I9fd5KlrMDpSmO8w7Cm h4rVnveLS5+0afZXs9sImhNW4I7Ah8zh5sAUFNCGXEuO60XRRysUO4i1WjRgnZw= =sgsA -END PGP SIGNATURE- ___ x2go-dev mailing list x2go-dev@lists.x2go.org http://lists.x2go.org/listinfo/x2go-dev
[X2Go-Dev] Fwd: libssh 0.7.0
-- Forwarded message -- From: Andreas Schneider a...@cryptomilk.org Date: Mon, May 11, 2015 at 5:24 AM Subject: libssh 0.7.0 To: lib...@libssh.org Hello, we have finally a new libssh release [1]. This version has support for ed25519 private and public keys as they are supported by OpenSSH since version 6.5. We would like to release more often but libssh is a spare time project of Aris and me. It is great that a lot of people contributed to this release! Thanks to all people who sent patches or reported bugs! We have several things on the TODO list for the next version: a) Public API for known_hosts file parsing b) All tests should run with cwrap.org libraries c) Support chacha20-poly1...@openssh.com cipher d) Support for more MACs Help is appreciated :) [1] https://www.libssh.org/2015/05/11/libssh-0-7-0/ -- Andreas Schneider GPG-ID: CC014E3D www.cryptomilk.orga...@cryptomilk.org ___ x2go-dev mailing list x2go-dev@lists.x2go.org http://lists.x2go.org/listinfo/x2go-dev
[X2Go-Dev] Bug#859: Bug#859: Copy-paste limitations not working
Le 30/04/2015 19:21, Mihai Moldovan a écrit : On 27.04.2015 03:16 PM, Thibaut Pouzet wrote: I use x2go to connect to a remote machine for almost a year now. When I configured it last year, I put inside the file /etc/x2go/x2goagent.options the option : X2GO_NXAGENT_DEFAULT_OPTIONS=$ uname -a Linux rob.lbg.office.lyra 3.10.0-123.20.1.el7.x86_64 #1 SMP Thu Jan 29 18:05:33 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux Heh. Speaking of paste failures... That's probably not the real string. Mihai Well... Sorry, I meant the following : X2GO_NXAGENT_DEFAULT_OPTIONS=-clipboard client Cheers, -- Thibaut Pouzet Lyra Network Ingénieur Systèmes et Réseaux (+33) 5 31 22 40 08 www.lyra-network.com ___ x2go-dev mailing list x2go-dev@lists.x2go.org http://lists.x2go.org/listinfo/x2go-dev
Re: [X2Go-Dev] X2go Mac client and Red Hat 7 server
Tried this again and when I got to executing netstat -ant | grep ':18935' | wc -l the server returned the number 2, however the client still gave protocol mismatch: x2go-INFO-8 Starting connection to server: 127.0.0.1:18935 x2go-ERROR-2 Connection Error(Cannot connect to 127.0.0.1:18935): Protocol mismatch: On 5/11/15, 9:44 AM, Real, Elizabeth (392K) elizabeth.r...@jpl.nasa.gov wrote: if my previous message with the $(which sshd) line didn't produce any useful debug output, here's something else you could try. However, if you *did* get debug output from that previous step, there's no need to try the following as well. These are mainly connectivity tests. On the client's commandline, execute: ssh -L18935:128.149.23.102:22 128.149.23.102 If that connects, leave the ssh session running. Client connects and I¹m able to authenticate. Then, change your X2GoClient session to point to 127.0.0.1:18935 instead of 128.149.23.102:22 Try and see if it connects. (Expected result: Protocol mismatch error message) 2015-05-11 09:28:59.009 x2goclient[21467:1656748] modalSession has been exited prematurely - check for a reentrant call to endModalSession: x2go-INFO-8 Starting connection to server: 127.0.0.1:18935 x2go-ERROR-2 Connection Error(Cannot connect to 127.0.0.1:18935): Protocol mismatch: Close X2GoClient, close the SSH session, then repeat it like this: ssh -L18935:127.0.0.1:22 128.149.23.102 # ^ note the different IP here Try and see if it connects. (Expected result: Protocol mismatch error message) x2go-INFO-8 Starting connection to server: 127.0.0.1:18935 x2go-ERROR-2 Connection Error(Cannot connect to 127.0.0.1:18935): Protocol mismatch: Again, close X2GoClient, close the SSH session. Repeat with ssh -L18935:127.0.0.1:18935 128.149.23.102 # ^ note the different port number here Able to connect and authenticate verify that an SSHD is listening on the server by using the command netstat -ant | grep ':18935' | wc -l on the *server*. It should return a number greater than 0. Returned 0 Now, try to connect X2GoClient using 127.0.0.1:18935 again. 2015-05-11 09:36:04.970 x2goclient[21660:1659334] modalSession has been exited prematurely - check for a reentrant call to endModalSession: x2go-INFO-8 Starting connection to server: 127.0.0.1:18935 x2go-ERROR-2 Connection Error(Cannot connect to 127.0.0.1:18935): Connection refused On 5/11/15, 9:16 AM, Real, Elizabeth (392K) elizabeth.r...@jpl.nasa.gov wrote: See my replies below: When using sudo sshd -ddd -p 18935 like suggested by Mihai, I'm getting sshd re-exec requires execution with an absolute path and the shell prompt returns. I got this last Friday and figured the absolute path Which means there is no SSHD running on port 18935. (Verifiable with netstat -ant | grep ':18935' | wc -l - that should return a number greater than 0 if SSHD is running on Port 18935.) Returned the number 2 sudo $(which sshd) -ddd -p 18935 Leave that commandline window open, important debug information will appear there. # $(which sshd) -ddd -p 18935 debug2: load_server_config: filename /etc/ssh/sshd_config debug2: load_server_config: done config len = 848 debug2: parse_server_config: config /etc/ssh/sshd_config len 848 debug3: /etc/ssh/sshd_config:28 setting HostKey /etc/ssh/ssh_host_rsa_key debug3: /etc/ssh/sshd_config:30 setting HostKey /etc/ssh/ssh_host_ecdsa_key debug3: /etc/ssh/sshd_config:42 setting SyslogFacility AUTHPRIV debug3: /etc/ssh/sshd_config:44 setting LogLevel VERBOSE debug3: /etc/ssh/sshd_config:56 setting MaxAuthTries 5 debug3: /etc/ssh/sshd_config:64 setting AuthorizedKeysFile .ssh/authorized_keys debug3: /etc/ssh/sshd_config:73 setting RhostsRSAAuthentication yes debug3: /etc/ssh/sshd_config:76 setting HostbasedAuthentication yes debug3: /etc/ssh/sshd_config:82 setting IgnoreRhosts no debug3: /etc/ssh/sshd_config:87 setting PasswordAuthentication yes debug3: /etc/ssh/sshd_config:91 setting ChallengeResponseAuthentication yes debug3: /etc/ssh/sshd_config:102 setting GSSAPIAuthentication yes debug3: /etc/ssh/sshd_config:104 setting GSSAPICleanupCredentials yes debug3: /etc/ssh/sshd_config:120 setting UsePAM yes debug3: /etc/ssh/sshd_config:126 setting X11Forwarding yes debug3: /etc/ssh/sshd_config:133 setting UsePrivilegeSeparation sandbox debug3: /etc/ssh/sshd_config:149 setting Banner /etc/banners/sshd debug3: /etc/ssh/sshd_config:152 setting AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES debug3: /etc/ssh/sshd_config:153 setting AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT debug3: /etc/ssh/sshd_config:154 setting AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE debug3: /etc/ssh/sshd_config:155 setting AcceptEnv XMODIFIERS debug3: /etc/ssh/sshd_config:158 setting Subsystem sftp /usr/libexec/openssh/sftp-server debug1: sshd version OpenSSH_6.4, OpenSSL 1.0.1e-fips 11 Feb 2013 debug3: Incorrect RSA1 identifier debug1:
Re: [X2Go-Dev] X2go Mac client and Red Hat 7 server
Permissions seem ok: Run the following command on the server: ls -lah /etc/ssh/*host* Please post that output to the list. -rw-r-. 1 root ssh_keys 227 Aug 21 2014 ssh_host_ecdsa_key -rw-r--r--. 1 root root 162 Aug 21 2014 ssh_host_ecdsa_key.pub -rw-r-. 1 root ssh_keys 1.7K Aug 21 2014 ssh_host_rsa_key -rw-r--r--. 1 root root 382 Aug 21 2014 ssh_host_rsa_key.pub Once you verified/fixed that, try running $(which sshd) -ddd -p 18935 again and check if at least the error message regarding the RSA key from above are gone. THE RSA key error came up again: debug1: sshd version OpenSSH_6.4, OpenSSL 1.0.1e-fips 11 Feb 2013 debug3: Incorrect RSA1 identifier debug1: read PEM private key done: type RSA debug3: Incorrect RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_rsa_key as a RSA1 public key debug1: private host key: #0 type 1 RSA debug3: Incorrect RSA1 identifier debug1: read PEM private key done: type ECDSA debug3: Incorrect RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_ecdsa_key as a RSA1 public key debug1: private host key: #1 type 3 ECDSA debug1: rexec_argv[0]='/sbin/sshd' debug1: rexec_argv[1]='-ddd' debug1: rexec_argv[2]='-p' debug1: rexec_argv[3]='18935' debug3: oom_adjust_setup Set /proc/self/oom_score_adj from 0 to -1000 debug2: fd 3 setting O_NONBLOCK debug1: Bind to port 18935 on 0.0.0.0. Server listening on 0.0.0.0 port 18935. debug2: fd 4 setting O_NONBLOCK debug3: sock_set_v6only: set socket 4 IPV6_V6ONLY debug1: Bind to port 18935 on ::. Server listening on :: port 18935. move and regenere rsa keys using the following command, as root: ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -rw-r-. 1 root ssh_keys 227 Aug 21 2014 ssh_host_ecdsa_key -rw-r--r--. 1 root root 162 Aug 21 2014 ssh_host_ecdsa_key.pub -rw---. 1 root root 1.7K May 11 13:46 ssh_host_rsa_key -rw-r--r--. 1 root root 404 May 11 13:46 ssh_host_rsa_key.pub Then perform the above checks again (presence of files, ownership, permissions) and verify that $(which sshd) -ddd -p 18935 no longer spits out the error message regarding the RSA key from above. SAME RSA key error :/ debug1: sshd version OpenSSH_6.4, OpenSSL 1.0.1e-fips 11 Feb 2013 debug3: Incorrect RSA1 identifier debug1: read PEM private key done: type RSA debug3: Incorrect RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_rsa_key as a RSA1 public key debug1: private host key: #0 type 1 RSA debug3: Incorrect RSA1 identifier debug1: read PEM private key done: type ECDSA debug3: Incorrect RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_ecdsa_key as a RSA1 public key debug1: private host key: #1 type 3 ECDSA debug1: rexec_argv[0]='/sbin/sshd' debug1: rexec_argv[1]='-ddd' debug1: rexec_argv[2]='-p' debug1: rexec_argv[3]='18935' debug3: oom_adjust_setup Set /proc/self/oom_score_adj from 0 to -1000 debug2: fd 3 setting O_NONBLOCK debug1: Bind to port 18935 on 0.0.0.0. Server listening on 0.0.0.0 port 18935. debug2: fd 4 setting O_NONBLOCK debug3: sock_set_v6only: set socket 4 IPV6_V6ONLY debug1: Bind to port 18935 on ::. Server listening on :: port 18935. On 5/11/15, 10:28 AM, Real, Elizabeth (392K) elizabeth.r...@jpl.nasa.gov wrote: Tried this again and when I got to executing netstat -ant | grep ':18935' | wc -l the server returned the number 2, however the client still gave protocol mismatch: x2go-INFO-8 Starting connection to server: 127.0.0.1:18935 x2go-ERROR-2 Connection Error(Cannot connect to 127.0.0.1:18935): Protocol mismatch: On 5/11/15, 9:44 AM, Real, Elizabeth (392K) elizabeth.r...@jpl.nasa.gov wrote: if my previous message with the $(which sshd) line didn't produce any useful debug output, here's something else you could try. However, if you *did* get debug output from that previous step, there's no need to try the following as well. These are mainly connectivity tests. On the client's commandline, execute: ssh -L18935:128.149.23.102:22 128.149.23.102 If that connects, leave the ssh session running. Client connects and I¹m able to authenticate. Then, change your X2GoClient session to point to 127.0.0.1:18935 instead of 128.149.23.102:22 Try and see if it connects. (Expected result: Protocol mismatch error message) 2015-05-11 09:28:59.009 x2goclient[21467:1656748] modalSession has been exited prematurely - check for a reentrant call to endModalSession: x2go-INFO-8 Starting connection to server: 127.0.0.1:18935 x2go-ERROR-2 Connection Error(Cannot connect to 127.0.0.1:18935): Protocol mismatch: Close X2GoClient, close the SSH session, then repeat it like this: ssh -L18935:127.0.0.1:22 128.149.23.102 # ^ note the different IP here Try and see if it connects. (Expected result: Protocol mismatch error message) x2go-INFO-8 Starting connection to server: 127.0.0.1:18935 x2go-ERROR-2 Connection Error(Cannot connect to 127.0.0.1:18935): Protocol mismatch: Again, close X2GoClient, close the SSH session. Repeat with
Re: [X2Go-Dev] [X2Go-User] Last Call! X2Go: The Gathering 2015, Registration ends in one week from today!
Sounds like your'e all having fun, wish I could join but funds and time don't allow travel at present. I recently upgraded both my workstation and server to Ububtu 15.04 and happy to report X2Go still works on both except that sound is broken on the server, but I don't think that is an X2Go issue but rather an issue with my using a different kernel and audio modules not loading. I'll chase it down while you're all relaxin' and having fun. -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_- Eskimo North Linux Friendly Internet Access, Shell Accounts, and Hosting. Knowledgeable human assistance, not telephone trees or script readers. See our web site: http://www.eskimo.com/ (206) 812-0051 or (800) 246-6874. On Mon, 11 May 2015, Stefan Baur wrote: Date: Mon, 11 May 2015 22:07:17 +0200 From: Stefan Baur x2go-m...@baur-itcs.de Reply-To: x2go-proj...@lists.x2go.org x2go-proj...@lists.x2go.org To: x2go-proj...@lists.x2go.org x2go-proj...@lists.x2go.org, x2go-dev@lists.x2go.org x2go-dev@lists.x2go.org, x2go-u...@lists.x2go.org x2go-u...@lists.x2go.org Subject: [X2Go-User] Last Call! X2Go: The Gathering 2015, Registration ends in one week from today! -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 +-+ | X2Go: The Gathering 2015 - 2015-06-19 - 2015-06-21 @ Linuxhotel | +-+ Hello, everyone! This is an update on the X2Go: The Gathering 2015 situation. ** Please pay special attention to the sections containing the ** ** word UPDATE in capital letters. ** Registration ends in one week from today! UPDATE: All beds are booked out by our ten participants! These are, in alphabetical order: - - Alonso, Nicolas Arenas (TheQVD) - - Baur, Stefan (BAUR-ITCS) - - DePaulo, Michael Swinick - - Fleten, Kjetil Andre (fleten.net) - - Gabriel, Mike (DAS-NETZWERKTEAM) - - Heinold, Henning - - Martinez, Nito (TheQVD) - - Moldovan, Mihai (BAUR-ITCS) - - Pedersen-Cook, Mark (fleten.net) - - Wicke, Florian (Hetzner) UPDATE: Thanks to Florian Wicke's employer, Hetzner, we will be able to cover the accomodation costs of at least 4 participants, and we will probably spend the remaining money of Hetzner's sponsorship on food and/or travel expenses. Also, special thanks to Linuxhotel for jumping in and renewing their kind offer, as we had originally selected another location that didn't work out. If you still want to join us, you have the following options: - - You can bring your own sleeping bag and sleep on the conference room floor (in theory, bringing your own tent and setting it up on the lawn should work, too - it has been done before - but if you're really that desperate, please *do* tell me in advance that you're bringing a tent, so I can check back with the Linuxhotel owners). - - You can visit us on a day-by-day basis, sleeping elsewhere. - - UPDATE: You can ask me to be put on a waiting list, in case more beds become available. Regardless of which option you choose: Please DO contact me at x2go-m...@baur-itcs.de with the text The Gathering somewhere in the subject and bug me publicly on the X2Go-Project list if you don't receive a confirmation by e-mail after a day or two. For those sleeping elsewhere, there's no such hard deadline as for the room reservations, but you will need to check in (see Admission fee below) for our gathering with the Linuxhotel staff, so please *do* let us know in advance. *Cost overview* UPDATE: An overview of the costs, updated for people interested in taking the sleeping bag or day-to-day approach, is available at: http://wiki.x2go.org/doku.php/events:x2go-gathering-2015#cost_overview *Payment* UPDATE: You will have to pay in cash *on Saturday morning* - or *upon arriving at Linuxhotel*, if you're not staying over night. Sorry, we can't accept credit cards, debit cards, bitcoins or other forms of payment for this event - *cash only*. UPDATE: The only exception to the rule are wire transfers for those participants wanting to pay in advance. Also, all payments must be made in *Euro, not in foreign currencies*. If you wish to pay in advance, please contact me via E-Mail at x2go-m...@baur-itcs.de for the SEPA banking details. *Lunch/Dinner/BBQ* UPDATE: We have reached critical mass so that we could order lunch/dinner from Linuxhotel as well, if all participants agree. Dear participants: Please let me know whether you would like to [ ] have lunch served by Linuxhotel on [ ] Saturday [ ] Sunday [ ] both [ ] have dinner served by Linuxhotel on Saturday [ ] have dinner at Unperfekthaus on Saturday, like last year [ ] bring your own food/order pizza/fire up the BBQ whenever you want I need your answer by 2015-05-18, so I can make the proper reservations and arrangements!!! Linuxhotel charges 5 EUR per person and lunch/dinner, however, you can expect a discount on that
Re: [X2Go-Dev] X2go Mac client and Red Hat 7 server
Permissions seem ok: Run the following command on the server: ls -lah /etc/ssh/*host* Please post that output to the list. -rw-r-. 1 root ssh_keys 227 Aug 21 2014 ssh_host_ecdsa_key -rw-r--r--. 1 root root 162 Aug 21 2014 ssh_host_ecdsa_key.pub -rw-r-. 1 root ssh_keys 1.7K Aug 21 2014 ssh_host_rsa_key -rw-r--r--. 1 root root 382 Aug 21 2014 ssh_host_rsa_key.pub Once you verified/fixed that, try running $(which sshd) -ddd -p 18935 again and check if at least the error message regarding the RSA key from above are gone. THE RSA key error came up again: debug1: sshd version OpenSSH_6.4, OpenSSL 1.0.1e-fips 11 Feb 2013 debug3: Incorrect RSA1 identifier debug1: read PEM private key done: type RSA debug3: Incorrect RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_rsa_key as a RSA1 public key debug1: private host key: #0 type 1 RSA debug3: Incorrect RSA1 identifier debug1: read PEM private key done: type ECDSA debug3: Incorrect RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_ecdsa_key as a RSA1 public key debug1: private host key: #1 type 3 ECDSA debug1: rexec_argv[0]='/sbin/sshd' debug1: rexec_argv[1]='-ddd' debug1: rexec_argv[2]='-p' debug1: rexec_argv[3]='18935' debug3: oom_adjust_setup Set /proc/self/oom_score_adj from 0 to -1000 debug2: fd 3 setting O_NONBLOCK debug1: Bind to port 18935 on 0.0.0.0. Server listening on 0.0.0.0 port 18935. debug2: fd 4 setting O_NONBLOCK debug3: sock_set_v6only: set socket 4 IPV6_V6ONLY debug1: Bind to port 18935 on ::. Server listening on :: port 18935. move and regenere rsa keys using the following command, as root: ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -rw-r-. 1 root ssh_keys 227 Aug 21 2014 ssh_host_ecdsa_key -rw-r--r--. 1 root root 162 Aug 21 2014 ssh_host_ecdsa_key.pub -rw---. 1 root root 1.7K May 11 13:46 ssh_host_rsa_key -rw-r--r--. 1 root root 404 May 11 13:46 ssh_host_rsa_key.pub Then perform the above checks again (presence of files, ownership, permissions) and verify that $(which sshd) -ddd -p 18935 no longer spits out the error message regarding the RSA key from above. SAME RSA key error :/ # $(which sshd) -ddd -p 18935 debug2: load_server_config: filename /etc/ssh/sshd_config debug2: load_server_config: done config len = 848 debug2: parse_server_config: config /etc/ssh/sshd_config len 848 debug3: /etc/ssh/sshd_config:28 setting HostKey /etc/ssh/ssh_host_rsa_key debug3: /etc/ssh/sshd_config:30 setting HostKey /etc/ssh/ssh_host_ecdsa_key debug3: /etc/ssh/sshd_config:42 setting SyslogFacility AUTHPRIV debug3: /etc/ssh/sshd_config:44 setting LogLevel VERBOSE debug3: /etc/ssh/sshd_config:56 setting MaxAuthTries 5 debug3: /etc/ssh/sshd_config:64 setting AuthorizedKeysFile .ssh/authorized_keys debug3: /etc/ssh/sshd_config:73 setting RhostsRSAAuthentication yes debug3: /etc/ssh/sshd_config:76 setting HostbasedAuthentication yes debug3: /etc/ssh/sshd_config:82 setting IgnoreRhosts no debug3: /etc/ssh/sshd_config:87 setting PasswordAuthentication yes debug3: /etc/ssh/sshd_config:91 setting ChallengeResponseAuthentication yes debug3: /etc/ssh/sshd_config:102 setting GSSAPIAuthentication yes debug3: /etc/ssh/sshd_config:104 setting GSSAPICleanupCredentials yes debug3: /etc/ssh/sshd_config:120 setting UsePAM yes debug3: /etc/ssh/sshd_config:126 setting X11Forwarding yes debug3: /etc/ssh/sshd_config:133 setting UsePrivilegeSeparation sandbox debug3: /etc/ssh/sshd_config:149 setting Banner /etc/banners/sshd debug3: /etc/ssh/sshd_config:152 setting AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES debug3: /etc/ssh/sshd_config:153 setting AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT debug3: /etc/ssh/sshd_config:154 setting AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE debug3: /etc/ssh/sshd_config:155 setting AcceptEnv XMODIFIERS debug3: /etc/ssh/sshd_config:158 setting Subsystem sftp/usr/libexec/openssh/sftp-server debug1: sshd version OpenSSH_6.4, OpenSSL 1.0.1e-fips 11 Feb 2013 debug3: Incorrect RSA1 identifier debug1: read PEM private key done: type RSA debug3: Incorrect RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_rsa_key as a RSA1 public key debug1: private host key: #0 type 1 RSA debug3: Incorrect RSA1 identifier debug1: read PEM private key done: type ECDSA debug3: Incorrect RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_ecdsa_key as a RSA1 public key debug1: private host key: #1 type 3 ECDSA debug1: rexec_argv[0]='/sbin/sshd' debug1: rexec_argv[1]='-ddd' debug1: rexec_argv[2]='-p' debug1: rexec_argv[3]='18935' debug3: oom_adjust_setup Set /proc/self/oom_score_adj from 0 to -1000 debug2: fd 3 setting O_NONBLOCK debug1: Bind to port 18935 on 0.0.0.0. Server listening on 0.0.0.0 port 18935. debug2: fd 4 setting O_NONBLOCK debug3: sock_set_v6only: set socket 4 IPV6_V6ONLY debug1: Bind to port 18935 on ::. Server listening on :: port 18935. On 5/11/15, 10:28 AM, Real, Elizabeth
[X2Go-Dev] Last Call! X2Go: The Gathering 2015, Registration ends in one week from today!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 +-+ | X2Go: The Gathering 2015 - 2015-06-19 - 2015-06-21 @ Linuxhotel | +-+ Hello, everyone! This is an update on the X2Go: The Gathering 2015 situation. ** Please pay special attention to the sections containing the ** ** word UPDATE in capital letters. ** Registration ends in one week from today! UPDATE: All beds are booked out by our ten participants! These are, in alphabetical order: - - Alonso, Nicolas Arenas (TheQVD) - - Baur, Stefan (BAUR-ITCS) - - DePaulo, Michael Swinick - - Fleten, Kjetil Andre (fleten.net) - - Gabriel, Mike (DAS-NETZWERKTEAM) - - Heinold, Henning - - Martinez, Nito (TheQVD) - - Moldovan, Mihai (BAUR-ITCS) - - Pedersen-Cook, Mark (fleten.net) - - Wicke, Florian (Hetzner) UPDATE: Thanks to Florian Wicke's employer, Hetzner, we will be able to cover the accomodation costs of at least 4 participants, and we will probably spend the remaining money of Hetzner's sponsorship on food and/or travel expenses. Also, special thanks to Linuxhotel for jumping in and renewing their kind offer, as we had originally selected another location that didn't work out. If you still want to join us, you have the following options: - - You can bring your own sleeping bag and sleep on the conference room floor (in theory, bringing your own tent and setting it up on the lawn should work, too - it has been done before - but if you're really that desperate, please *do* tell me in advance that you're bringing a tent, so I can check back with the Linuxhotel owners). - - You can visit us on a day-by-day basis, sleeping elsewhere. - - UPDATE: You can ask me to be put on a waiting list, in case more beds become available. Regardless of which option you choose: Please DO contact me at x2go-m...@baur-itcs.de with the text The Gathering somewhere in the subject and bug me publicly on the X2Go-Project list if you don't receive a confirmation by e-mail after a day or two. For those sleeping elsewhere, there's no such hard deadline as for the room reservations, but you will need to check in (see Admission fee below) for our gathering with the Linuxhotel staff, so please *do* let us know in advance. *Cost overview* UPDATE: An overview of the costs, updated for people interested in taking the sleeping bag or day-to-day approach, is available at: http://wiki.x2go.org/doku.php/events:x2go-gathering-2015#cost_overview *Payment* UPDATE: You will have to pay in cash *on Saturday morning* - or *upon arriving at Linuxhotel*, if you're not staying over night. Sorry, we can't accept credit cards, debit cards, bitcoins or other forms of payment for this event - *cash only*. UPDATE: The only exception to the rule are wire transfers for those participants wanting to pay in advance. Also, all payments must be made in *Euro, not in foreign currencies*. If you wish to pay in advance, please contact me via E-Mail at x2go-m...@baur-itcs.de for the SEPA banking details. *Lunch/Dinner/BBQ* UPDATE: We have reached critical mass so that we could order lunch/dinner from Linuxhotel as well, if all participants agree. Dear participants: Please let me know whether you would like to [ ] have lunch served by Linuxhotel on [ ] Saturday [ ] Sunday [ ] both [ ] have dinner served by Linuxhotel on Saturday [ ] have dinner at Unperfekthaus on Saturday, like last year [ ] bring your own food/order pizza/fire up the BBQ whenever you want I need your answer by 2015-05-18, so I can make the proper reservations and arrangements!!! Linuxhotel charges 5 EUR per person and lunch/dinner, however, you can expect a discount on that due to the Hetzner sponsorship. Dinner at Unperfekthaus is 15,90 EUR minimum (for 1 hour), 4 EUR extra if you want to extend your stay to a total of 5 hours. Mihai: Bring your student ID for a discount. *Event schedule* The event schedule is still in the making. Note that this year, we will have the option to split up into smaller groups in different rooms for more effective co-working on individual topics, hands-on demonstrations, and for side-topic presentations that may not be of interest to the entire group. Please let me know if you would like to volunteer for a presentation/talk!!! E-Mail me at x2go-m...@baur-itcs.de So far, we have two or three topics by Mike#1, one by Mike#2, one by me (probably/hopefully together with Mike#1), and something like 2-4 topics by the TheQVD foilks. As always, we will be updating the Wiki page http://wiki.x2go.org/doku.php/events:x2go-gathering-2015 as more information becomes available. Sincerely, Stefan Baur, X2Go: The Gathering event organizer - -- BAUR-ITCS UG (haftungsbeschränkt) Geschäftsführer: Stefan Baur Eichenäckerweg 10, 89081 Ulm | Registergericht Ulm, HRB 724364 Fon/Fax 0731 40 34 66-36/-35 | USt-IdNr.: DE268653243 -BEGIN PGP
Re: [X2Go-Dev] [pkg-x2go-devel] Bug#784565: nx-libs-lite: parts are derived from non-free code
On Mon, 11 May 2015 09:26:36 + Mike Gabriel wrote: [...] As it seems, dxpc has been long ago relicensed to BSD-2-clause (for v3.8.1 in/around 2002). This is great news, indeed! I have no exact clue, if NoMachine forked prior to that (if they quote the old licensing terms, then probably they did). Yep, it's plausible... However, how do you see the situation considering that upstream changed to BSD-2-clause a long time ago. What approach do you propose for nx-libs-lite to get the issue fully fixed? If the fork has been performed before the DXPC re-licensing (as it's likely), I see two possible strategies: (A) someone gets in touch with DXPC copyright owners and asks them whether the re-licensing may be considered retroactive (applicable to older versions of DXPC); in case the answer is negative, DXPC copyright owners should be persuaded to make the re-licensing retroactive (B) nx-libs-lite upstream developers re-fork from scratch, basing the new code on a BSD-licensed version of DXPC (I suspect this may turn out to be somewhat painful...) Obviously, the optimal solution is (A). I hope it may work... Thanks for your time and for your prompt and kind replies. -- http://www.inventati.org/frx/ There's not a second to spare! To the laboratory! . Francesco Poli . GnuPG key fpr == CA01 1147 9CD2 EFDF FB82 3925 3E1C 27E1 1F69 BFFE pgpZrBaGaocAM.pgp Description: PGP signature ___ x2go-dev mailing list x2go-dev@lists.x2go.org http://lists.x2go.org/listinfo/x2go-dev
[X2Go-Dev] Bug#845: Bug#845: Bug#845: Intentional forced language?
On 05.05.2015 10:52 AM, Jaakko Haavisto wrote: Tested that nightly build by uninstalling the old x2go client and then installing that nightly build. It seems that the fix doesn't work because x2go is still in Finnish language. That was Qt fighting back. I believe I finally beat it into submission. Please try http://code.x2go.org/releases/binary-win32/x2goclient/heuler/mingw32-4.8/qt-4.8/x2goclient-4.0.4.0-2015.05.12-181fc10-setup.exe Mihai signature.asc Description: OpenPGP digital signature ___ x2go-dev mailing list x2go-dev@lists.x2go.org http://lists.x2go.org/listinfo/x2go-dev
Re: [X2Go-Dev] [X2Go-User] Last Call! X2Go: The Gathering 2015, Registration ends in one week from today!
I'm caught up working on firewall rules. We experienced a DoS attack of sufficient intensity to take us offline for three hours saturday morning. Part of the problem was the way I had our firewall setup so it was filtering on interfaces outgoing rather than incoming. That meant all the bogus traffic crossed the system bus and ate CPU on the router. I've been working on a fix for that since and got behind on other work. Once I get caught up I'll sort out whether it's a client or server issue (I have other servers that are known working) and go from there. Thanks for the info and hope all goes well. -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_- Eskimo North Linux Friendly Internet Access, Shell Accounts, and Hosting. Knowledgeable human assistance, not telephone trees or script readers. See our web site: http://www.eskimo.com/ (206) 812-0051 or (800) 246-6874. On Tue, 12 May 2015, Mihai Moldovan wrote: Date: Tue, 12 May 2015 05:14:37 +0200 From: Mihai Moldovan io...@ionic.de To: Robert Dinse nan...@eskimo.com, x2go-proj...@lists.x2go.org x2go-proj...@lists.x2go.org Cc: x2go-dev@lists.x2go.org x2go-dev@lists.x2go.org, x2go-u...@lists.x2go.org x2go-u...@lists.x2go.org Subject: Re: [X2Go-Dev] [X2Go-User] Last Call! X2Go: The Gathering 2015, Registration ends in one week from today! On 11.05.2015 10:22 PM, Robert Dinse wrote: Sounds like your'e all having fun, wish I could join but funds and time don't allow travel at present. I'd actually love to have YOU around. Hope we'll be able to meet up some time. I recently upgraded both my workstation and server to Ububtu 15.04 and happy to report X2Go still works on both except that sound is broken on the server, but I don't think that is an X2Go issue but rather an issue with my using a different kernel and audio modules not loading. I'll chase it down while you're all relaxin' and having fun. It's actually a client problem, I think. If 15.05 ships libpulse-6 and you're using the release build of X2Go Client, that's broken. As a workaround, please try the nightly builds. Mihai ___ x2go-dev mailing list x2go-dev@lists.x2go.org http://lists.x2go.org/listinfo/x2go-dev
Re: [X2Go-Dev] [pkg-x2go-devel] Bug#784565: nx-libs-lite: parts are derived from non-free code
Hi Francesco, On Mo 11 Mai 2015 21:36:59 CEST, Francesco Poli wrote: On Mon, 11 May 2015 09:26:36 + Mike Gabriel wrote: [...] As it seems, dxpc has been long ago relicensed to BSD-2-clause (for v3.8.1 in/around 2002). This is great news, indeed! I have no exact clue, if NoMachine forked prior to that (if they quote the old licensing terms, then probably they did). Yep, it's plausible... However, how do you see the situation considering that upstream changed to BSD-2-clause a long time ago. What approach do you propose for nx-libs-lite to get the issue fully fixed? If the fork has been performed before the DXPC re-licensing (as it's likely), I see two possible strategies: (A) someone gets in touch with DXPC copyright owners and asks them whether the re-licensing may be considered retroactive (applicable to older versions of DXPC); in case the answer is negative, DXPC copyright owners should be persuaded to make the re-licensing retroactive This is the way to go, I will pull in Kevin Vigor (the upstream author of DXPC) into this thread with my next email. (B) nx-libs-lite upstream developers re-fork from scratch, basing the new code on a BSD-licensed version of DXPC (I suspect this may turn out to be somewhat painful...) Yeah, indeed painful. Obviously, the optimal solution is (A). I hope it may work... Thanks for your time and for your prompt and kind replies. Also, Michael DePaulo, one of the upstream NX maintainers noted that DXPC simply used a previous version of the BSD license, see [1]. The weakness of that ancient license template is that modification is not explictily allowed, but neither forbidden. I think, regarding the historical usage of the BSD license predecessor and the switch to BSD-2-clause should be fine already (I am not a lawyer, though). I will contact DXPC upstream nonetheless and ask for a statement. Greets, Mike [1] http://en.wikipedia.org/wiki/BSD_licenses#Previous_license -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb pgpSqxHIrkY60.pgp Description: Digitale PGP-Signatur ___ x2go-dev mailing list x2go-dev@lists.x2go.org http://lists.x2go.org/listinfo/x2go-dev
Re: [X2Go-Dev] X2go Mac client and Red Hat 7 server
On 11.05.2015 11:41 PM, Real, Elizabeth (392K) wrote: Permissions seem ok: -rw-r-. 1 root ssh_keys 227 Aug 21 2014 ssh_host_ecdsa_key -rw-r--r--. 1 root root 162 Aug 21 2014 ssh_host_ecdsa_key.pub -rw-r-. 1 root ssh_keys 1.7K Aug 21 2014 ssh_host_rsa_key -rw-r--r--. 1 root root 382 Aug 21 2014 ssh_host_rsa_key.pub Also looked like that on my RH 7 machine. It's weird that the private keys have group-readable permissions, especially given that the sshd_config man page states Note that sshd(8) will refuse to use a file if it is group/world-accessible. It doesn't seem like sshd cares too much, though. It still loads up the private key and seems to ignore the faulty permissions. I assume the daemon has been patched by Red Hat to support this. THE RSA key error came up again: debug1: sshd version OpenSSH_6.4, OpenSSL 1.0.1e-fips 11 Feb 2013 debug3: Incorrect RSA1 identifier debug1: read PEM private key done: type RSA debug3: Incorrect RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_rsa_key as a RSA1 public key debug1: private host key: #0 type 1 RSA debug3: Incorrect RSA1 identifier debug1: read PEM private key done: type ECDSA debug3: Incorrect RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_ecdsa_key as a RSA1 public key I think we are all misinterpreting the error. Naturally, /etc/ssh/ssh_host_rsa_key is NOT a public key, but a private key, so the error message is accurate. It loaded up the private key correctly: debug1: private host key: #0 type 1 RSA FWIW, the same error message(s) show up on Ubuntu machines, so I guess that's not the problem. What is currently still missing (or have I just overlooked it?) is the sshd output for a connection attempt via X2Go Client. Can you please provide that? Mihai signature.asc Description: OpenPGP digital signature ___ x2go-dev mailing list x2go-dev@lists.x2go.org http://lists.x2go.org/listinfo/x2go-dev
Re: [X2Go-Dev] [pkg-x2go-devel] Bug#784565: nx-libs-lite: parts are derived from non-free code
Dear Kevin, (I Cc: several people involved in this, also the X2Go development mailing list...) [If you feel unconfortable with discussing the details / the impact of the below in public, feel free to answer to me directly first with questions and concerns, before answering to all people who are listed in Cc:.] Someone from the Debian legal team recently brought up a license issue discovered in nx-libs 3.x series. TL;DR; Suggested by Francesco Poli from the Debian legal team: (A) someone gets in touch with DXPC copyright owners and asks them whether the re-licensing [in 2002] may be considered retroactive (applicable to older versions of DXPC); in case the answer is negative, DXPC copyright owners should be persuaded to make the re-licensing retroactive The person contacting you about the above question is me. Mike Gabriel, Debian Developer and one of the current upstream maintainers of nx-libs 3.x (previously also know as NX redistributed for X2Go) [1]. This issue requires some time of reading from you and (hopefully) a public statement, that the original DXPC code can be considered as BSD-2-clause (the current license) also for released versions prior 2002 when the ancient BSD license template [2] was still shipped with DXPC. For a complete follow-up, please check Debian bug #784565 [3]. We are aware that NoMachine forked DXPC at some early stage around the year 2000 and wrote their own commercial product around it. Obviously, this fork happened before 2002 (i.e., before DXPC release 3.8.1), as libxcomp3 in NoMachine's NX ships the previously used BSD license template. I am not sure, if that fork was easy for you or actually a nuisance. I may only guess at this point. I'd be happy to know more (maybe not in this mail thread, though). NoMachine has stopped publishing NXv3 updates a couple of years ago (2011 IIRC), now. The maintenance has been moved into the hands of the currently available FLOSS projects X2Go, Arctica Project [NEW] and TheQVD. Some of us are running a business model on top of that (consultancy, support contracts, feature development contracts), some of us spend a lot of their free time on improving / maintaining nx-libs (as we call NoMachine's NXv3 at the moment). To outline the impact of my mail clearly: If you say that it was not legal by NoMachine to fork DXPC at the given time (before 2002), then all FLOSS remote desktop / remote application would be in real trouble, because then the core component of their software projects could not be considered as free (as in DFSG, Debian free software guidelines[4]) anymore. Also the code changes originally performed by NoMachine might have been illegal in the first place. All current maintenance activities and also planned future development on nx-libs would become questionable. Thus, I hope you can chime in on this: Dear developers of nx-libs, please assume the BSD-2-license as retroactive and applicable to DXPC version earlier than 3.8.1. As the copyright holder, I agree with modifications of code bases that originate before the change to BSD-2-clause license got introduced in 3.8.1 of DXPC. And... I will bring up that question later (but it is burning under my nails)... Be sure: The nx-libs maintainers would be happy to have the original DXPC author on the nx-libs developer team. But I will bring up that question later (when this very issue is settled). ;-) Greets, Mike [1] https://github.com/ArcticaProject/nx-libs [2] http://en.wikipedia.org/wiki/BSD_licenses#Previous_license [3] http://bugs.debian.org/784565 [4] http://de.wikipedia.org/wiki/Debian_Free_Software_Guidelines On Mo 11 Mai 2015 21:36:59 CEST, Francesco Poli wrote: On Mon, 11 May 2015 09:26:36 + Mike Gabriel wrote: [...] As it seems, dxpc has been long ago relicensed to BSD-2-clause (for v3.8.1 in/around 2002). This is great news, indeed! I have no exact clue, if NoMachine forked prior to that (if they quote the old licensing terms, then probably they did). Yep, it's plausible... However, how do you see the situation considering that upstream changed to BSD-2-clause a long time ago. What approach do you propose for nx-libs-lite to get the issue fully fixed? If the fork has been performed before the DXPC re-licensing (as it's likely), I see two possible strategies: (A) someone gets in touch with DXPC copyright owners and asks them whether the re-licensing may be considered retroactive (applicable to older versions of DXPC); in case the answer is negative, DXPC copyright owners should be persuaded to make the re-licensing retroactive (B) nx-libs-lite upstream developers re-fork from scratch, basing the new code on a BSD-licensed version of DXPC (I suspect this may turn out to be somewhat painful...) Obviously, the optimal solution is (A). I hope it may work... Thanks for your time and for your prompt and kind replies. -- DAS-NETZWERKTEAM
Re: [X2Go-Dev] X2go Mac client and Red Hat 7 server
On 12.05.2015 01:31 AM, Real, Elizabeth (392K) wrote: Here¹s the client output: SSH PORT 18935: 2015-05-11 16:28:58.651 x2goclient[23725:1861306] modalSession has been exited prematurely - check for a reentrant call to endModalSession: x2go-INFO-8 Starting connection to server: 128.149.23.102:18935 x2go-ERROR-2 Connection Error(Cannot connect to 128.149.23.102:18935): Connection refused 2015-05-11 16:29:12.653 x2goclient[23725:1861306] modalSession has been exited prematurely - check for a reentrant call to endModalSession: No, that won't help. Please start sshd manually on the server, I assume it's 128.149.23.102: ssh 128.149.23.102 /usr/sbin/sshd -ddd -p 18935 The client must be able to connect to the server/port, so please make sure that's possible. For instance by avoiding the firewall via an SSH tunnel as proposed by Stefan in an earlier mail (though his command was wrong): In another shell, run this command: ssh -L18935:128.149.23.102:18935 128.149.23.102 Then point the client to connect to 127.0.0.1:18935 Try to connect and post the *SSH server* debug output you should now have gathered in the first shell. Mihai P.S.: sorry for the intermingled stuff you have to do, but I hope the SSH server debug output will be helpful... signature.asc Description: OpenPGP digital signature ___ x2go-dev mailing list x2go-dev@lists.x2go.org http://lists.x2go.org/listinfo/x2go-dev
Re: [X2Go-Dev] X2go Mac client and Red Hat 7 server
Here are the outputs from RH7 server and Mac client: RH7 server: # /usr/sbin/sshd -ddd -p 18935 debug2: load_server_config: filename /etc/ssh/sshd_config debug2: load_server_config: done config len = 848 debug2: parse_server_config: config /etc/ssh/sshd_config len 848 debug3: /etc/ssh/sshd_config:28 setting HostKey /etc/ssh/ssh_host_rsa_key debug3: /etc/ssh/sshd_config:30 setting HostKey /etc/ssh/ssh_host_ecdsa_key debug3: /etc/ssh/sshd_config:42 setting SyslogFacility AUTHPRIV debug3: /etc/ssh/sshd_config:44 setting LogLevel VERBOSE debug3: /etc/ssh/sshd_config:56 setting MaxAuthTries 5 debug3: /etc/ssh/sshd_config:64 setting AuthorizedKeysFile .ssh/authorized_keys debug3: /etc/ssh/sshd_config:73 setting RhostsRSAAuthentication yes debug3: /etc/ssh/sshd_config:76 setting HostbasedAuthentication yes debug3: /etc/ssh/sshd_config:82 setting IgnoreRhosts no debug3: /etc/ssh/sshd_config:87 setting PasswordAuthentication yes debug3: /etc/ssh/sshd_config:91 setting ChallengeResponseAuthentication yes debug3: /etc/ssh/sshd_config:102 setting GSSAPIAuthentication yes debug3: /etc/ssh/sshd_config:104 setting GSSAPICleanupCredentials yes debug3: /etc/ssh/sshd_config:120 setting UsePAM yes debug3: /etc/ssh/sshd_config:126 setting X11Forwarding yes debug3: /etc/ssh/sshd_config:133 setting UsePrivilegeSeparation sandbox debug3: /etc/ssh/sshd_config:149 setting Banner /etc/banners/sshd debug3: /etc/ssh/sshd_config:152 setting AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES debug3: /etc/ssh/sshd_config:153 setting AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT debug3: /etc/ssh/sshd_config:154 setting AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE debug3: /etc/ssh/sshd_config:155 setting AcceptEnv XMODIFIERS debug3: /etc/ssh/sshd_config:158 setting Subsystem sftp /usr/libexec/openssh/sftp-server debug1: sshd version OpenSSH_6.4, OpenSSL 1.0.1e-fips 11 Feb 2013 debug3: Incorrect RSA1 identifier debug1: read PEM private key done: type RSA debug3: Incorrect RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_rsa_key as a RSA1 public key debug1: private host key: #0 type 1 RSA debug3: Incorrect RSA1 identifier debug1: read PEM private key done: type ECDSA debug3: Incorrect RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_ecdsa_key as a RSA1 public key debug1: private host key: #1 type 3 ECDSA debug1: rexec_argv[0]='/usr/sbin/sshd' debug1: rexec_argv[1]='-ddd' debug1: rexec_argv[2]='-p' debug1: rexec_argv[3]='18935' debug3: oom_adjust_setup Set /proc/self/oom_score_adj from 0 to -1000 debug2: fd 3 setting O_NONBLOCK debug1: Bind to port 18935 on 0.0.0.0. Server listening on 0.0.0.0 port 18935. debug2: fd 4 setting O_NONBLOCK debug3: sock_set_v6only: set socket 4 IPV6_V6ONLY debug1: Bind to port 18935 on ::. Server listening on :: port 18935. Mac client: % ssh -p 18935 root@joey ssh: connect to host joey port 18935: Connection refused From: Real, Elizabeth (392K) Sent: Thursday, May 07, 2015 3:23 PM To: Mihai Moldovan; x2go-dev@lists.x2go.org Subject: Re: [X2Go-Dev] X2go Mac client and Red Hat 7 server RH7 server: setup debug and set sshd port 18935 Client: configured x2goclient to connect to port 18935 but got connection refused x2go-INFO-8 Starting connection to server: 128.149.23.102:18935 x2go-ERROR-2 Connection Error(Cannot connect to 128.149.23.102:18935): Connection refused On 5/7/15, 12:41 PM, Mihai Moldovan io...@ionic.de wrote: On 06.05.2015 11:55 PM, Real, Elizabeth (392K) wrote: Any other ideas? No new information and you have done nothing wrong. Looks like you will need to get your hands dirty. Please start sshd manually as root on the RH 7 machine: sudo sshd -ddd -p 18935 It should be running in the foreground, outputting debug information and listening on port 18935 (feel free to change this to whatever you feel suitable, it doesn't matter as long it as the port is unused and not colling with anything else you might use. Then, configure x2goclient to connect to that port and start a session. You should see additional debug information printed by sshd... hopefully hinting at what might have gone awry. Mihai ___ x2go-dev mailing list x2go-dev@lists.x2go.org http://lists.x2go.org/listinfo/x2go-dev
Re: [X2Go-Dev] X2go Mac client and Red Hat 7 server
if my previous message with the $(which sshd) line didn't produce any useful debug output, here's something else you could try. However, if you *did* get debug output from that previous step, there's no need to try the following as well. These are mainly connectivity tests. On the client's commandline, execute: ssh -L18935:128.149.23.102:22 128.149.23.102 If that connects, leave the ssh session running. Client connects and I¹m able to authenticate. Then, change your X2GoClient session to point to 127.0.0.1:18935 instead of 128.149.23.102:22 Try and see if it connects. (Expected result: Protocol mismatch error message) 2015-05-11 09:28:59.009 x2goclient[21467:1656748] modalSession has been exited prematurely - check for a reentrant call to endModalSession: x2go-INFO-8 Starting connection to server: 127.0.0.1:18935 x2go-ERROR-2 Connection Error(Cannot connect to 127.0.0.1:18935): Protocol mismatch: Close X2GoClient, close the SSH session, then repeat it like this: ssh -L18935:127.0.0.1:22 128.149.23.102 # ^ note the different IP here Try and see if it connects. (Expected result: Protocol mismatch error message) x2go-INFO-8 Starting connection to server: 127.0.0.1:18935 x2go-ERROR-2 Connection Error(Cannot connect to 127.0.0.1:18935): Protocol mismatch: Again, close X2GoClient, close the SSH session. Repeat with ssh -L18935:127.0.0.1:18935 128.149.23.102 # ^ note the different port number here Able to connect and authenticate verify that an SSHD is listening on the server by using the command netstat -ant | grep ':18935' | wc -l on the *server*. It should return a number greater than 0. Returned 0 Now, try to connect X2GoClient using 127.0.0.1:18935 again. 2015-05-11 09:36:04.970 x2goclient[21660:1659334] modalSession has been exited prematurely - check for a reentrant call to endModalSession: x2go-INFO-8 Starting connection to server: 127.0.0.1:18935 x2go-ERROR-2 Connection Error(Cannot connect to 127.0.0.1:18935): Connection refused On 5/11/15, 9:16 AM, Real, Elizabeth (392K) elizabeth.r...@jpl.nasa.gov wrote: See my replies below: When using sudo sshd -ddd -p 18935 like suggested by Mihai, I'm getting sshd re-exec requires execution with an absolute path and the shell prompt returns. I got this last Friday and figured the absolute path Which means there is no SSHD running on port 18935. (Verifiable with netstat -ant | grep ':18935' | wc -l - that should return a number greater than 0 if SSHD is running on Port 18935.) Returned the number 2 sudo $(which sshd) -ddd -p 18935 Leave that commandline window open, important debug information will appear there. # $(which sshd) -ddd -p 18935 debug2: load_server_config: filename /etc/ssh/sshd_config debug2: load_server_config: done config len = 848 debug2: parse_server_config: config /etc/ssh/sshd_config len 848 debug3: /etc/ssh/sshd_config:28 setting HostKey /etc/ssh/ssh_host_rsa_key debug3: /etc/ssh/sshd_config:30 setting HostKey /etc/ssh/ssh_host_ecdsa_key debug3: /etc/ssh/sshd_config:42 setting SyslogFacility AUTHPRIV debug3: /etc/ssh/sshd_config:44 setting LogLevel VERBOSE debug3: /etc/ssh/sshd_config:56 setting MaxAuthTries 5 debug3: /etc/ssh/sshd_config:64 setting AuthorizedKeysFile .ssh/authorized_keys debug3: /etc/ssh/sshd_config:73 setting RhostsRSAAuthentication yes debug3: /etc/ssh/sshd_config:76 setting HostbasedAuthentication yes debug3: /etc/ssh/sshd_config:82 setting IgnoreRhosts no debug3: /etc/ssh/sshd_config:87 setting PasswordAuthentication yes debug3: /etc/ssh/sshd_config:91 setting ChallengeResponseAuthentication yes debug3: /etc/ssh/sshd_config:102 setting GSSAPIAuthentication yes debug3: /etc/ssh/sshd_config:104 setting GSSAPICleanupCredentials yes debug3: /etc/ssh/sshd_config:120 setting UsePAM yes debug3: /etc/ssh/sshd_config:126 setting X11Forwarding yes debug3: /etc/ssh/sshd_config:133 setting UsePrivilegeSeparation sandbox debug3: /etc/ssh/sshd_config:149 setting Banner /etc/banners/sshd debug3: /etc/ssh/sshd_config:152 setting AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES debug3: /etc/ssh/sshd_config:153 setting AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT debug3: /etc/ssh/sshd_config:154 setting AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE debug3: /etc/ssh/sshd_config:155 setting AcceptEnv XMODIFIERS debug3: /etc/ssh/sshd_config:158 setting Subsystem sftp /usr/libexec/openssh/sftp-server debug1: sshd version OpenSSH_6.4, OpenSSL 1.0.1e-fips 11 Feb 2013 debug3: Incorrect RSA1 identifier debug1: read PEM private key done: type RSA debug3: Incorrect RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_rsa_key as a RSA1 public key debug1: private host key: #0 type 1 RSA debug3: Incorrect RSA1 identifier debug1: read PEM private key done: type ECDSA debug3: Incorrect RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_ecdsa_key as a RSA1 public key debug1: private host key:
