KasmVNC icon indicating copy to clipboard operation
KasmVNC copied to clipboard
verified publisher icon kasmtech

Connection disconnected when running KasmVNC on default user

Open saikotek opened this issue 1 year ago • 2 comments

Describe the bug I have proxmox host that runs xubuntu VM and the traffic is going through NAT like this: Internet -> public_ip:8444 -> [DNAT] -> 10.0.0.2:8444 (VM) 10.0.0.2:8444 (VM) -> [SNAT/MASQUERADE] -> public_ip -> Client

and nginx works, so no problem there. But trying to run kasmVNC and connecting through Chrome first shows that it's connected after which instantly it says "Disconnected", in F12 in Chrome I see some 401 Unauthorized requests. chrome_esEZwHnXLF

Curiously in firefox all requests are OK (change protocols to websocket request 101 is also OK) 9icKx80TdF but it still gets disconnected.

This is failing log: vnc-log.log

So I tried creating new user, copying kasmvnc.yaml and running vncserver there and..it looks like it works now! I'm attaching working log working-log-other-user.log Looks like there are still some errors there, but it works..

This is process tree dump: process_tree.txt Note that default user is 'u' and the new one is 'rem' and there I ran vncserver successfully.

System Description

PRETTY_NAME="Ubuntu 24.04.1 LTS"
NAME="Ubuntu"
VERSION_ID="24.04"
VERSION="24.04.1 LTS (Noble Numbat)"
VERSION_CODENAME=noble
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=noble
LOGO=ubuntu-logo

Linux 0polaroid34 6.8.0-39-generic #
39-Ubuntu SMP PREEMPT_DYNAMIC Fri Jul  5 21:49:14 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux

KasmVNC Details Provide the filename of the package you installed KasmVNC with. The filename includes important details like the OS, architecture, and commit sha. kasmvncserver_noble_1.3.3_amd64.deb

Provide the output of this command.

Xvnc -version

XVnc: command not found when directly calling:

 /usr/bin/Xvnc -version

Xvnc KasmVNC 1.3.3.0ebbbc6412e131092308cc1ce10b9d106e3b4e05 - built Oct 30 2024 14:13:20
Copyright (C) 1999-2018 KasmVNC Team and many others (see README.me)
See http://kasmweb.com for information on KasmVNC.
Underlying X server release 12008000, The X.Org Foundation

To Reproduce Steps to reproduce the behavior (for non-installation issues):

  1. Install kasmvnc on xubuntu 24
  2. Run vncserver no default user
  3. Try to connect through chrome
  4. See error

Expected behavior Should connect without issues.

Browser

  • Device: PC
  • OS: Windows 11
  • Browser Chrome Version 131.0.6778.205 (Official Build) (64-bit)
  • Firefox 133.0.3 (64-bit)

Additional context I had to do kasmvnc.yaml settings like this:

logging:
  log_writer_name: all
  log_dest: logfile
  level: 100

network:
  protocol: http
  interface: 0.0.0.0
  websocket_port: 8444 
  use_ipv4: true
  use_ipv6: true
  udp:
    public_ip: auto
    port: 8444
    stun_server: auto
  ssl:
    pem_certificate: /etc/ssl/certs/ssl-cert-snakeoil.pem
    pem_key: /etc/ssl/private/ssl-cert-snakeoil.key
    require_ssl: true
  # unix_relay:
  #   name:
  #   path:

security:
  brute_force_protection:
    blacklist_threshold: 0
    blacklist_timeout: 0

because with brute force security it blocks me right away because it looks like the connection is dropping many times in a row.

Before trying to start vncserver I ran x11vnc as a root on display :0, but it should not conflict, because I disabled it.

saikotek avatar Dec 22 '24 00:12 saikotek

Or so I thought it works on fresh user but now when I recreated it once again I have this error:

2024-12-22 15:14:49,274 [DEBUG] SConnection: reading protocol version
 2024-12-22 15:14:49,275 [INFO] SConnection: Client needs protocol version 3.8
 2024-12-22 15:14:49,296 [INFO] websocket 67: got client connection from 10.0.0.1
 2024-12-22 15:14:49,298 [INFO] websocket 68: got client connection from 10.0.0.1
 2024-12-22 15:14:49,300 [DEBUG] SConnection: processing security type message
 2024-12-22 15:14:49,300 [INFO] SConnection: Client requests security type VncAuth(2)
 2024-12-22 15:14:49,300 [DEBUG] SConnection: processing security message
 2024-12-22 15:14:49,325 [DEBUG] websocket 67: using SSL socket
 2024-12-22 15:14:49,327 [DEBUG] websocket 68: using SSL socket
 2024-12-22 15:14:49,327 [DEBUG] websocket 67: BasicAuth matched
 2024-12-22 15:14:49,327 [DEBUG] websocket 67: Invalid WS request, maybe a HTTP one
 2024-12-22 15:14:49,327 [DEBUG] websocket 67: Requested file '/app/images/icons/368_kasm_logo_only_16x16.png'
 2024-12-22 15:14:49,328 [INFO] websocket 67: 10.0.0.1 10.0.0.1 rem "GET /app/images/icons/368_kasm_logo_only_16x16.png HTTP/1.1" 200 6221
 2024-12-22 15:14:49,328 [DEBUG] websocket 67: No connection after handshake
 2024-12-22 15:14:49,328 [DEBUG] websocket 67: handler exit
 2024-12-22 15:14:49,328 [DEBUG] SConnection: processing security message
 2024-12-22 15:14:49,328 [DEBUG] SVncAuth: reading password file
 2024-12-22 15:14:49,328 [PRIO] SConnection: AuthFailureException: Authentication failure: Unable to query the local user to accept the connection.
 2024-12-22 15:14:49,329 [DEBUG] XserverDesktop: client gone, sock 42
 2024-12-22 15:14:49,329 [PRIO] Connections: closed: [email protected]_1734876889.165055::websocket (Authentication failure: Unable to query the local user to accept the connecti

AuthFailureException: Authentication failure: Unable to query the local user to accept the connection. I have no idea what is going on...

saikotek avatar Dec 22 '24 14:12 saikotek

From your log I see this line...

2024-12-22 00:39:33,970 [PRIO] VNCSConnST: User has no read permissions. If this is not intended, grant them permissions with kasmvncpasswd or via the API

This indicates that the kasmvnc user you created does not read access. Make sure you use the correct flags when creating the user...

vncpasswd -u my_username -w -r

mmcclaskey avatar Jan 06 '25 17:01 mmcclaskey