Is this better? Damn Yahoo webmail...
My /var/log/nx/nxserver.log remains at 0 bytes even though in node.conf I set 
NX_LOG_LEVEL to 6 from 0. 

Anyway, I will dump my sshd_config for completeness:

[root@example~]# cat /etc/ssh/sshd_config 
#       $OpenBSD: sshd_config,v 1.84 2011/05/23 03:30:07 djm Exp $ 

# This is the sshd server system-wide configuration file.  See 
# sshd_config(5) for more information. 

# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin 

# The strategy used for options in the default sshd_config shipped with 
# OpenSSH is to specify options with their default value where 
# possible, but leave them commented.  Uncommented options override the 
# default value. 

#Port 22 
#AddressFamily any 
#ListenAddress 0.0.0.0 
#ListenAddress :: 

# The default requires explicit activation of protocol 1 
#Protocol 2 

# HostKey for protocol version 1 
#HostKey /etc/ssh/ssh_host_key 
# HostKeys for protocol version 2 
#HostKey /etc/ssh/ssh_host_rsa_key 
#HostKey /etc/ssh/ssh_host_dsa_key 
#HostKey /etc/ssh/ssh_host_ecdsa_key 

# Lifetime and size of ephemeral version 1 server key 
#KeyRegenerationInterval 1h 
#ServerKeyBits 1024 

# Logging 
# obsoletes QuietMode and FascistLogging 
#SyslogFacility AUTH 
SyslogFacility AUTHPRIV 
#LogLevel INFO 

# Authentication: 

#LoginGraceTime 2m 
PermitRootLogin yes 
#StrictModes yes 
#MaxAuthTries 6 
#MaxSessions 10 

#RSAAuthentication yes 
#PubkeyAuthentication yes 

# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 
# but this is overridden so installations will only check .ssh/authorized_keys 
#AuthorizedKeysFile     .ssh/authorized_keys 

#AuthorizedKeysCommand none 
#AuthorizedKeysCommandRunAs nobody 

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts 
#RhostsRSAAuthentication no 
# similar for protocol version 2 
#HostbasedAuthentication no 
# Change to yes if you don't trust ~/.ssh/known_hosts for 
# RhostsRSAAuthentication and HostbasedAuthentication 
#IgnoreUserKnownHosts no 
# Don't read the user's ~/.rhosts and ~/.shosts files 
#IgnoreRhosts yes 

# To disable tunneled clear text passwords, change to no here! 
#PasswordAuthentication yes 
#PermitEmptyPasswords no 
PasswordAuthentication yes 

# Change to no to disable s/key passwords 
#ChallengeResponseAuthentication yes 
ChallengeResponseAuthentication no 

# Kerberos options 
#KerberosAuthentication no 
#KerberosOrLocalPasswd yes 
#KerberosTicketCleanup yes 
#KerberosGetAFSToken no 
#KerberosUseKuserok yes 

# GSSAPI options 
#GSSAPIAuthentication no 
GSSAPIAuthentication yes 
#GSSAPICleanupCredentials yes 
GSSAPICleanupCredentials yes 
#GSSAPIStrictAcceptorCheck yes 
#GSSAPIKeyExchange no 

# Set this to 'yes' to enable PAM authentication, account processing, 
# and session processing. If this is enabled, PAM authentication will 
# be allowed through the ChallengeResponseAuthentication and 
# PasswordAuthentication.  Depending on your PAM configuration, 
# PAM authentication via ChallengeResponseAuthentication may bypass 
# the setting of "PermitRootLogin without-password". 
# If you just want the PAM account and session checks to run without 
# PAM authentication, then enable this but set PasswordAuthentication 
# and ChallengeResponseAuthentication to 'no'. 
# WARNING: 'UsePAM no' is not supported in Fedora and may cause several 
# problems. 
#UsePAM no 
UsePAM yes 

#AllowAgentForwarding yes 
#AllowTcpForwarding yes 
#GatewayPorts no 
#X11Forwarding no 
X11Forwarding yes 
#X11DisplayOffset 10 
#X11UseLocalhost yes 
#PrintMotd yes 
#PrintLastLog yes 
#TCPKeepAlive yes 
#UseLogin no 
#UsePrivilegeSeparation yes 
#PermitUserEnvironment no 
#Compression delayed 
#ClientAliveInterval 0 
#ClientAliveCountMax 3 
#ShowPatchLevel no 
#UseDNS yes 
#PidFile /var/run/sshd.pid 
#MaxStartups 10 
#PermitTunnel no 
#ChrootDirectory none 

# no default banner path 
#Banner none 

# Accept locale-related environment variables 
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES 
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT 
AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE 
AcceptEnv XMODIFIERS 

# override default of no subsystems 
Subsystem       sftp    /usr/libexec/openssh/sftp-server 

# Uncomment this if you want to use .local domain 
#Host *.local 
#       CheckHostIP no 

# Example of overriding settings on a per-user basis 
#Match User anoncvs 
#       X11Forwarding no 
#       AllowTcpForwarding no 
#       ForceCommand cvs server 

#http://www.gossamer-threads.com/lists/gentoo/user/308350?page=last 
PubkeyAcceptedKeyTypes=+ssh-dss 
PermitRootLogin without-password

Reply via email to