Problems with NX Server [SOLVED]
My Linode is up, running, and "happy." When connecting from home, NX connects, authenticates, and runs like a champ. At work is a different story.
My company uses a Microsoft ISA server to proxy all internet traffic (with authentication), and only allows ports 80, 8080, and 443. I can use putty and SSH directly into my Linode without any problems whatsoever on port 443. However, when I try to direct my NX client there it fails authentication without any details.
I have checked to see which ports SSH/NX is listening on. I have checked to make sure that the IP and public key are correct. I'm connecting with the static IP address so that I don't accidentally get the Lish shell.
…What am I doing wrong?
6 Replies
> I can use putty and SSH directly into my Linode without any problems whatsoever on port 443.
From work ? Everything ok within your linode logs when you ssh in (use -v with putty/ssh to see what's happening at your end). Nothing odd's happening at the ISA proxy ?
@mjrich:
I've never used NX, but for starters it would be worth checking the logs on your linode and NX client for clues, and enable verbose mode on the NX client.
I've checked through every log for NX I can think of, but they're anything but verbose. I'll see if there's a way to get NX to log more information.
@mjrich:
> I can use putty and SSH directly into my Linode without any problems whatsoever on port 443.
From work ? Everything ok within your linode logs when you ssh in (use -v with putty/ssh to see what's happening at your end). Nothing odd's happening at the ISA proxy ?
I know, it's really strange. I have no idea why putty would be able to connect flawlessly and NX wouldn't. They're both using ssh to connect/tunnel traffic, and both are on the same port. I'll see if I can check the putty output, but I don't think it's a problem with ssh; I'm putting my money on a problem with NX. That being said, I've used NX through my company's proxy with more than 5 other PCs and never had a single problem.
EDIT:
I was wrong in my first assumption. Essentially port 443 is a no-go from both locations. I can ssh to my Linode on 443 from both locations, but NX only works on port 22 from home. I'm able to NX to my home machine using 443. Can anyone think of why this wouldn't work on a Linode?
Assuming that SSHD is on 443, it sounds like you haven't set up your Linode nx server (freenx ?) to listen on that same port. According to a quick search, you need to edit /etc/nxserver/node.conf (uncomment #SSHD_PORT=22, and change appropriately). You should also be able to increase the verbosity of logging via this file. Check for overriding values in ~/.nx.
As a side note, you really need to be more precise with your posts. What distribution, packages, versions were you talking about ? Which locations ? The following needed several passes to make any sense at all: > I was wrong in my first assumption. Essentially port 443 is a no-go from both locations. I can ssh to my Linode on 443 from both locations, but NX only works on port 22 from home. I'm able to NX to my home machine using 443.
Anyway, good luck :)
I am attempting to connect to the Linode from two separate locations; home, and work. Home is a standard internet connection with router/firewall. Work connects through an ISA proxy that only allows traffic out via 443.
I have set sshd on the Linode to listen on port 443. I have set server.cfg to listen there as well, and restarted both services multiple times.
At home, my router simply redirects outside (in-bound) traffic from 443 to port 22, and I can NX to my home computer from work without trouble. When I try to connect to the Linode either from home or work via port 443 authentication fails every time.
I set the logging to level 7 to get more info, but I'm not seeing more information in the usual places (/var/log, /usr/NX/var/log, etc) so maybe I'm looking in the wrong places for that info?
I'm just wondering why when I attempt to connect via the standard ssh port everything works like it should, but then when I simply change the port to 443, it doesn't.
But then I thought that perhpas since it's the port for SSL perhaps apache was causing trouble, so I stopped it…it didn't change anything.