NOTES
Note: click
here
for detailed instructions on how to install the NX Client, NX Node and NX Server packages.
The NX service can be controlled by the command
/usr/NX/bin/nxserver --status|--start|--stop|--restart
Additional commands are available to configure the server.
Try
/usr/NX/bin/nxserver --help
for more information. For more information, read the
NX Server Administrator's Guide.
If you are having trouble connecting, try the following:
- On the machine running nxserver (say gamma):
-
/etc/init.d/nxserver stop
/usr/NX/scripts/setup/nxserver --keygen
/etc/init.d/nxserver start
- Edit /usr/NX/etc/*.cfg and make sure authorized_keys file name matches that in /etc/ssh/sshd_config
# Specify the location and file name of the SSH authorized keys.
SSHAuthorizedKeys = "authorized_keys"
- On the machine running nxclient:
-
cd /usr/NX/share/keys
sudo scp root@gamma:/usr/NX/share/keys/default.id_dsa.key gamma.id_dsa.key.
- Make sure the gamma.id_dsa.key file is readable by the user running nxclient.
- Start nxclient and click the configure button.
- Click the "key" button under the "General" tab.
- Delete the current key info shown.
- Click the "import" button, browse to the gamma.id_dsa.key file
- Save everything.
- Try connecting again.
|
Installation:
[root@mail NX_NoMachine]# pwd
/opt/NX_NoMachine
[root@mail NX_NoMachine]# ll
total 18632
-rw-r--r-- 1 root root 4128076 Jul 15 06:59 nxclient-3.2.0-13.x86_64.rpm
-rw-r--r-- 1 root root 7025789 Jul 29 06:17 nxnode-3.2.0-13.x86_64.rpm
-rw-r--r-- 1 root root 7877146 Jul 29 07:18 nxserver-3.2.0-16.x86_64.rpm
[root@mail NX_NoMachine]# rpm -i nxclient-3.2.0-13.x86_64.rpm
Showing file: /usr/NX/share/documents/client/cups-info
CUPS Printing Backend
The NX Client set-up procedure detected that your "IPP CUPS" printing
backend doesn't allow printing from the NX session. In order to have
printing support in your NX system, you need to set proper permissions
on the IPP backend. Please execute:
chmod 755 /usr/lib/cups/backend/ipp
[root@mail NX_NoMachine]# chmod 755 /usr/lib/cups/backend/ipp
[root@mail NX_NoMachine]# rpm -i nxnode-3.2.0-13.x86_64.rpm
NX> 700 Starting: install node operation at: Tue Nov 04 09:27:48 2008.
NX> 700 Autodetected system 'redhat'.
NX> 700 Install log is '/usr/NX/var/log/install'.
NX> 700 Creating configuration in /usr/NX/etc/node.cfg.
NX> 700 Inspecting local CUPS environment.
NX> 700 Generating CUPS entries in: /usr/NX/etc/node.cfg.
NX> 700 Installation of version: 3.2.0-13 completed.
NX> 700 Bye.
[root@mail NX_NoMachine]# rpm -i nxserver-3.2.0-16.x86_64.rpm
NX> 700 Installing: server at: Tue Nov 04 09:28:04 2008.
NX> 700 Autodetected system: redhat.
NX> 700 Install log is: /usr/NX/var/log/install.
NX> 700 Creating configuration file: /usr/NX/etc/server.cfg.
NX> 723 Cannot start NX statistics:
NX> 709 NX statistics are disabled for this server.
NX> 700 Version '3.2.0-16' installation completed.
NX> 700 Showing file: /usr/NX/share/documents/server/install-notices
Server keys
The initial login between client and server happens through a DSA key
pair, i.e. a couple of specially generated cryptographic keys, called
the private key and the public key, which allow you to establish a
secure connection, by means of SSL encryption, between NX client and
NX server.
The public part of the key-pair is provided during the installation
of the server, while the private part of the key-pair is distributed
together with the NX Client. This ensures that each NX client is able
to authenticate to the server and to start the procedure for autho-
rizing the user and negotiating the session.
If you want to create a virtual private network (VPN) instead, you
need to generate a new DSA key-pair and distribute the private part
of the key-pair to those NX clients you want authenticated to the NX
server. More information on how to generate and distribute a new DSA
key-pair is available at:
http://www.nomachine.com/ar/view.php?ar_id=AR01C00126
Creating Users
NX is configured to allow access from any system user, as long as
valid credentials are given to the user for the SSH login. NX pro-
vides an alternative authorization method, allowing system admin-
istrators to determine which users are given access to the NX fun-
ctionalities. This works by implementing a separation between the
system password and the NX password, so that, for example, it is
possible to forbid remote access to the system by any other means
except via NX and use the NX tools to implement effective accounting
of the system resources used by the user, or to share NX passwords in
an external database.
To activate the NX user and password DBs, you will have to edit the
NX server configuration file by hand or use the NX Server Manager
Web tool available for download on the NoMachine Web site at:
http://www.nomachine.com/download-manager.php
Session Shadowing and Desktop Sharing
The session shadowing functionality allows you to share NX sessions
running on the node. The desktop sharing functionality instead, gives
access to the native display of the X server as if you were in front
of the monitor. By default you can access sessions in interactive mode
and upon authorization of the session owner. You can modify this beha-
viour by tuning the server configuration according to your needs, for
example by allowing access to sessions in view-only mode, or connecting
to either a suspended session or the local display via the Desktop
Manager login window.
Load Balancing
NX Advanced Server provides support for multi-node capabilities and
load balancing. In its current implementation, NX server can only
manage accounts on the host machine, so to grant access to the node
running remotely, you will need to create the user account directly
on the remote node host by issuing the NX node commands as root user.
You will also need to add the NX Server public DSA Key to the node to
allow this server to connect to the node running on the remote host.
Documentation
For further information on how to manage the configuration of your
NX system, please refer to the System Administrator's Guide available
on the NoMachine Web site at:
http://www.nomachine.com/documentation/admin-guide.php
The NoMachine Team.
NX> 700 Bye.
[root@mail NX_NoMachine]#
More Notes:
- To come...