x2goserver 连接问题

The remote proxy closed the connection while negotiating the session. This may be due to the wrong authentication credentials passed to the server.

 

x2goserver 运行在Ubuntu 12.04.5 LTS上

安装好后x2go客户端连接不上,报如下错误:

The remote proxy closed the connection while negotiating the session. This may be due to the wrong authentication credentials passed to the server.

截图如下:

首先查看x2goserver 服务器端的日志 /var/log/syslog 并无异常,截取部分结果如下:

May 24 13:16:44 ubuntu /usr/sbin/x2gocleansessions[29064]: user-51-1464067003_stDGNOME_dp32: state file for this session does not exist: /tmp/.x2go-user/C-user-51-1464067003_stDGNOME_dp32/state (this can be ignored during session startups)
May 24 13:16:45 ubuntu /usr/bin/x2gostartagent: successfully started X2Go agent session with ID user-51-1464067003_stDGNOME_dp32

接着多次用x2go客户端连接x2goserver并在服务器端用netstat -tuplen | grep x2go* 查看结果,发现x2goserver除了使用ssh端口外还在监听某个tcp端口(大于30000),某次grep结果如下

于是先在iptables中加入如下规则,开启30013端口

sudo iptables  -I INPUT 1 -p tcp --dport 30013 -j ACCEPT

用x2go 客户端重新连接,成功!

但是x2goserver的这个监听端口并不固定,所以这个解决方法不是一劳永逸的而且危险。通过google大量查找终于找到了靠谱的解决方法,大意就是x2goserver使用了nxclient的库文件,需要某种本地ssh代理,并且要在30001端口监听,因此需要在防火墙上打开这个端口。具体如下:

# x2go
-A INPUT -p tcp -m tcp -s 127.0.0.1/32 --dport 30001 -j ACCEPT
-A INPUT -p tcp -m tcp -s 127.0.0.1/32 --dport 30002 -j ACCEPT
-A INPUT -p tcp -m tcp -s 127.0.0.1/32 --dport 30003 -j ACCEPT

而上面的截图中端口明显大于30003,所以我干脆把30001~30099的本地tcp端口全部打开

命令如下:

iptables -I INPUT 1 -p tcp -m tcp -s 127.0.0.1/32 --dport 30001:30099 -j ACCEPT

用x2go客户端连接,成功 :)

 

posted on 2016-05-24 13:50  warnon  阅读(1646)  评论(0编辑  收藏  举报