Discussion:
I can't log in into LDM | SL 6.1 thin client image
Radek Bursztynowski
2013-07-12 10:19:28 UTC
Permalink
Hello,

Owing to help a lot people at this discussion list I solved most of my problem with LTSP 5.4.5-23.
Remains only one at this moment.

I restored my older thin client image (Scintific Linux 6.1 i386). Thin client boots, I can use Windows with xfreerdp and rdesktop packages, but I can't log in to the system via LDM.

I executed ltsp-update-sshkes (with -u parameter too) but with no result.

Could anybody support me with this problem?

Best regards,
Radek
Barry Cisna
2013-07-12 11:05:19 UTC
Permalink
Radek,

On your server browse to the /tmp folder.
Delete all files ( as root) within the /tmp folder.
After deleting these files try and log into a thin client as a regular
user.
Also as a backup..try logging into a thin client as root and see if root
can do a log in to a thin client to your SL(older) image.

Barry
Radek Bursztynowski
2013-07-12 12:14:24 UTC
Permalink
Baryy,

It could be that I don't understand you exactly, so let me present my steps:

1. I log into my server as a root and I deleted all files from /tmp directory.
2. I rebooted my thin client.
3. I switched SCREEN on my thin client to xtermm.
4. Then: ssh -X ***@my_server
5. I logged into my server (I accepted certificate). Next I exited.
6. From my thin client (still xterm SCREEN)I made:
# su -
# ssh -X ***@my_server (I accepted certificate), and I logged into, next I exited.
7. I switched SCREEN to LDM.
8. Now I can log into as a regular user and root.

But it is temporary success because after rebooting thin client I lose certificate and still I couldn't log into.

How to save proper set-up?

Radek

---
Radek,

On your server browse to the /tmp folder.
Delete all files ( as root) within the /tmp folder.
After deleting these files try and log into a thin client as a regular
user.
Also as a backup..try logging into a thin client as root and see if root
can do a log in to a thin client to your SL(older) image.

Barry



_______________________________________________
K12OSN mailing list
***@redhat.com
https://www.redhat.com/mailman/listinfo/k12osn
For more info see <http://www.k12os.org>;
Burke Almquist
2013-07-12 21:38:05 UTC
Permalink
When I installed and booted thin clients from SL6.4 running the latest stable LTSP from the repo I didn't have to do any of this.
It should just work, if it doesn't, then we are missing something. Did you ever do ltsp-update-sshkeys?
Post by Radek Bursztynowski
Baryy,
1. I log into my server as a root and I deleted all files from /tmp directory.
2. I rebooted my thin client.
3. I switched SCREEN on my thin client to xtermm.
5. I logged into my server (I accepted certificate). Next I exited.
# su -
7. I switched SCREEN to LDM.
8. Now I can log into as a regular user and root.
But it is temporary success because after rebooting thin client I lose certificate and still I couldn't log into.
How to save proper set-up?
https://www.redhat.com/mailman/listinfo/k12osn
For more info see <http://www.k12os.org>;
Barry Cisna
2013-07-15 17:45:49 UTC
Permalink
Radek

When you get toa point were a regular user can no longer do a login,,

Go to the /tmp folder,,,,,delete ALL files in the /tmp folder

# I use Webmin file browser for doing this,,
Now as that same user try doing a login,,,see if you get a successful
login...

Barry
Radek Bursztynowski
2013-07-15 21:22:55 UTC
Permalink
Barry,

Many thanks for your all support. I will be able to do it on Wednesday and I will report you.

Could you explain why Webmin, no rm (this I did on Friday with no result)?

Best regards,
Radek

---

Radek

When you get toa point were a regular user can no longer do a login,,

Go to the /tmp folder,,,,,delete ALL files in the /tmp folder

# I use Webmin file browser for doing this,,
Now as that same user try doing a login,,,see if you get a successful
login...

Barry


_______________________________________________
K12OSN mailing list
***@redhat.com
https://www.redhat.com/mailman/listinfo/k12osn
For more info see <http://www.k12os.org>;
Radek Bursztynowski
2013-07-17 08:50:30 UTC
Permalink
Barry,

Thanks again for interesting of my troubles and your patience to me.

It is my report.

Deleting all files from /tmp didn't help. But now I am more clever. In my opinion ltsp-update-sshkeys in LTSP 5.4 is not compatible with old thin clients.

Fortunately I have an old LTSP installation (K12 5.2), and I used ltsp-update-sshkeys -u ltsp-5.4-server on old installation, next I copied /opt/ltsp/chroot/etc/ssh/ssh_known_hosts exited on LTSP 5.2 server to /opt/ltsp/chroot/etc/ssh/ssh_known_hosts on LTSP 5.4 server.

After rebooting thin client all work fine - I can log in to the server via LDM.

But how to force ltsp-update-sshkeys from LTSP 5.4 to compatibility with Fedora 11, Scientific Linux 6.1 images?

Best regards,
Radek

----
Radek

When you get toa point were a regular user can no longer do a login,,

Go to the /tmp folder,,,,,delete ALL files in the /tmp folder

# I use Webmin file browser for doing this,,
Now as that same user try doing a login,,,see if you get a successful
login...

Barry


_______________________________________________
K12OSN mailing list
***@redhat.com
https://www.redhat.com/mailman/listinfo/k12osn
For more info see <http://www.k12os.org>;
e***@ekrotech.com
2013-07-19 20:05:12 UTC
Permalink
84a85,87
# Use ciphers known to the local system
KNOWN_ALGO=$(for fn in /etc/ssh/ssh_host_*_key; do echo `basename $fn`; done | awk -F_ '{if(FNR>1)printf ",";printf $3}')
93c96
< ssh-keyscan -t dsa,rsa,ecdsa ${PORT:+-p $PORT} "$@" 2>&1 >"$EXPORT" |
---
Radek Bursztynowski
2013-07-21 19:48:51 UTC
Permalink
Emil,

Many thanks for your ltsp-update-sshkeys script correction. Now I can
log in into SL 6.1 thin client image (K12Linux 5.2) on CentOS 6.4
x86_64.

Best regards,
Radek


===
Hi all,
I've found the "ltsp-update-sshkeys" script failing on CentOS 6.4.
Reason is, script attempts to create keys for rsa, dsa and ecdsa while
the last one (ecdsa) is not available in this distro.
One may install ecdsa, however I've failed to find it. Disregarding
that I would suggest to fix the script making it a bit smarter about
what is possible in the system where it is running.
Assuming, that list of the private key files stored in /etc/ssh
resembles what is possible in the system (each file is created using
different algorithm), one may derive names
from /etc/ssh/ssh_host_*_key files.
84a85,87
# Use ciphers known to the local system
KNOWN_ALGO=$(for fn in /etc/ssh/ssh_host_*_key; do echo `basename
$fn`; done | awk -F_ '{if(FNR>1)printf ",";printf $3}')
93c96
|
---
"$EXPORT" |
With above fix applied, script is using what is available and creates
keys. It will use ecdsa (or any other algorithm) if it might ever been
installed later and appropriate private key file will get created,
without need to fix it again.
For your convenience, both - diff file and modified script are
attached.
Kind regards
Emil Krotki
EkroTech
PL: +48 693 463 115
-------- Original Message --------
Subject: Re: [K12OSN] I can't log in into LDM | SL 6.1 thin
client image
Date: Fri, July 12, 2013 1:14 pm
To: "Support list for open source software in schools."
Baryy,
It could be that I don't understand you exactly, so let me
1. I log into my server as a root and I deleted all files
from /tmp directory.
2. I rebooted my thin client.
3. I switched SCREEN on my thin client to xtermm.
5. I logged into my server (I accepted certificate). Next I
exited.
# su -
into, next I exited.
7. I switched SCREEN to LDM.
8. Now I can log into as a regular user and root.
But it is temporary success because after rebooting thin
client I lose certificate and still I couldn't log into.
How to save proper set-up?
Radek
---
Radek,
On your server browse to the /tmp folder.
Delete all files ( as root) within the /tmp folder.
After deleting these files try and log into a thin client as a
regular
user.
Also as a backup..try logging into a thin client as root and
see if root
can do a log in to a thin client to your SL(older) image.
Barry
_______________________________________________
K12OSN mailing list
https://www.redhat.com/mailman/listinfo/k12osn
For more info see <http://www.k12os.org>;
_______________________________________________
K12OSN mailing list
https://www.redhat.com/mailman/listinfo/k12osn
For more info see <http://www.k12os.org>
_______________________________________________
K12OSN mailing list
https://www.redhat.com/mailman/listinfo/k12osn
For more info see <http://www.k12os.org>
Loading...