This article will explain the configuration of FreeNX, a solution to graphically connect to a server in the same way than (Tight)VNC but with higher performance.
FreeNX is a similar program based on http://www.nomachine.com NoMachine’s NX terminal server, born when NoMachine released their basic libraries under the GPL. NoMachine’s commercial versions are more fully-featured and come with technical support. FreeNX is ideal for users who want a free, secure, fast thin Linux client, or who need to access Linux machines from a variety of clients on other platforms. It does not run on all the platforms that [http://www.realvnc.com/ VNC (Virtual Network Computing)] does; its main advantages are it is fast even over dialup, and it comes with SSH support built-in. (http://www.enterprisenetworkingplanet.com/netos/article.php/3508951)
The clients can use the NoMachine official NX client to connect to the server (MS Windows 9x/NT/2000/2003/XP, Solaris, Mac OS/X, SuSE, RedHat, Debian and a number of other Linux distributions ; experimental support for PlayStation2, Compaq iPAQ and Sharp Zaurus)
The live cd Knoppix (http://www.knopper.net/knoppix) contains since its version 3.6 a freenx server and a freenx client.
http://www.nomachine.com/screenshots.php Some screenshots of a NX Client on a Linux
2. Installation
FreeNX can be installed on the server as any Debian package.
2.1. Server installation on Debian
First of all, it is necessary to insert an additional source in the /etc/apt/sources.list file as freeNX is not contained in the Debian’s official archives.
#Kanotix (Package freenx) deb http://kanotix.com/files/debian/ ./ #Other potential sources (one source is enough) #deb http://packages.debianbase.de/testing/i386/nx/ ./ #deb http://www.linux.lk/~anuradha/nx/ ./ #deb http://kanotix.com/files/debian/ ./
Install freeNX as any Debian package: #apt-get install freenx
Some other packages will be installed to satisfy all dependencies.
« It will pull in other packages to satisfy all dependencies, such as expect, freenx, libnxcomp0, libnxcompext0, netcat, nxagent, nxlibs, and nxproxy.
During installation it will ask you if you want to use the default DSA key that ships with FreeNX. Opt for custom keys, because using the default key is quite obviously non-secure, and the installer does all the work of creating and installing the custom keys anyway, so you have nothing to gain by using the default.
Then, as root, you’ll need to add users and passwords for users who are authorized to connect to the server. These users must also have system accounts, so if they are not in /etc/passwd you’ll have to create system accounts for them. This is standard SSH behavior, and users who do not have accounts have no business trying to log in, so don’t whine about it. It is also a good security practice to force remote users to have different passwords than their system logins:
# nxserver --adduser carla # nxserver --passwd carla
Interestingly, you only get one chance to set the password — it does not ask for confirmation, so type carefully. It is not necessary to run the nxsetup utility because the installer does the setup for you. Make sure port 22 is open, and you’re done. » (Source: http://www.enterprisenetworkingplanet.com/netos/article.php/3508951)
Note: for demonstration purposes, the administrator could decide to use the NoMachine default keys (to avoid the client to charge this key). On the server, execute #nxsetup --install --setup-nomachine-key
The clients will no more need to download any DSA key to connect to the server. Anyway they must be registered on the server to be able to connect remotly.»
2.2. Client installation
The software for Windows, Linux…. can be downloaded from http://www.nomachine.com/download/.
Windows The installation is pretty much self-explanatory (see the screenshots at http://www.nomachine.com/screenshots2.php ).
Linux As for Windows, the installation is straight-forward. See the configuration screenshots at http://www.nomachine.com/screenshots5.php
Note: On the Advanced tab, make sure that “Enable SSL encryption of all traffic” is checked.
2.3. Download the authorization keys
As explained above, the server generates DSA keys that client must use for authentifcation by connecting to the server.
On the Linux server, the key is stored in /var/lib/nxserver/home/.ssh/client.id_dsa.key, and must be copied to \Program Files\NX Client for Windows\Share (Windows client) or /usr/NX/share (Linux client).
Note: perform a chmod 0644 on the key on the linux client.
3. Troubleshooting
If the client has troubles to connect to your FreeNX server, it is recommended to perform a test with the TestDrive by NoMachine to ensure that the client is functionning correctly.
NX TestDrive Step by Step : for Windows: http://www.nomachine.com/step-by-step/testdrive-Windows.php for Linux: http://www.nomachine.com/step-by-step/testdrive-Linux.php
Error: If you receive the Error « Permission denied (publickey,password,keyboard-interactive). » Delete the user in fault on the server (nxserver –deluser) and add the user again.
http://mail.kde.org/pipermail/freenx-knx/2005-January/000587.html
Switch Desktop : «When running your NX session in fullscreen mode you can switch to your original desktop by clicking on a upper right corner of the screen. » http://www.nomachine.com/howto/switch-desktop.php
Get rid of not responding session http://www.nomachine.com/howto/terminate-session.php
Sound support http://www.nomachine.com/howto/sound-conf.php
Grant access to all system users (PAM Authentification) (Check and Feedback please)
# cat /usr/bin/nxserver |grep PAM #PAM to the possible authentification methods ENABLE_PAM_AUTHENTICATION=”0″
Set ENABLE_PAM_AUTHENTICATION to 1
Mots-clefs : Administration, Debian, Linux, Reseau
