FreeNX

From ATLAS-TRIUMF

Jump to: navigation, search

[edit] Free NX Server / Client

For secure, fast remote access to your desktop.

[edit] Client

NX-Client: [download] appropriate version of NX-Client for your architecture.

Install according to instructions. (just rpm -i as root)

[edit] Server

Enable the centos_triumf.repo and install freenx and nx with yum. There is helpful info on the Tier 1 site on how to set it up if you are not too paranoid.

If you don't allow password logins to your desktop, keep reading, try this. In case that page ever disappears, here is what it says:

Copy a minimal configuration file for nxserver :

cd /etc/nxserver ; cp node.conf.sample node.conf

If your machine is connected to the Internet, you'll probably want to disallow ssh password authentication (which is advised but not mandatory). Edit the /etc/ssh/sshd_config file and change/add the following lines: 

       PasswordAuthentication no
       AllowUsers nx

You only need to add nx to AllowUsers if you already have an AllowUsers line; if not, you can skip that. I've had mixed success with AllowUsers sometimes apparently being ignored. Don't forget to restart the sshd daemon after making that change: 

       service sshd restart

By default, if you try to connect to the NX server, it will use the nx account for the ssh connection (with key authentication) but it will try also to connect in ssh with your own username/password to the host you're trying to reach. Because we've disabled the PasswordAuthentication (the advised method), we have to use the NX Database to allow pass-through authentication. Be sure that /etc/nxserver/node.conf file contains the following line : 

       ENABLE_PASSDB_AUTHENTICATION="1"

Then create yourself a posix account (with useradd/passwd if not already done). Add this newly created user to the nxserver database: 

       nxserver --adduser myuser
       NX> 100 NXSERVER - Version 1.5.0-60 OS (GPL)
       NX> 1000 NXNODE - Version 1.5.0-60 OS (GPL)
       NX> 716 Public key added to: /home/myuser/.ssh/authorized_keys2
       NX> 1001 Bye.
       NX> 999 Bye

Assign a password for this user (not your real account password but one you will use to log in on the nx client): 

       nxserver --passwd myuser
       NX> 100 NXSERVER - Version 1.5.0-60 OS (GPL)
       New password:
       Password changed.
       NX> 999 Bye

<!> Don't forget to add this new user on the AllowUsers line in the sshd_config file (for example: AllowUsers nx myuser) and then reload sshd (service sshd reload).

there is also a more complicated way using a second sshd daemon which allows password logins but only from localhost; it also works, but the first way is much easier.

Retrieved from "http://www.triumf.info/wiki/atlas-triumf/index.php/FreeNX"
Personal tools