• Setting up NX server (part I: FreeNX)

    NX is a remote display technology which allows you to open a desktop session to an X Window server. The connection is fast and secure, thanks to data compression and SSH encryption. The two most popular NX server applications used on Linux are NoMachine NX and FreeNX.

    NoMachine NX is a commercial product which provides a Free edition available for download. The NoMachine Free edition is limited to 2 simultaneous client connections.
    FreeNX is open source and doesn't have this limitation. Although FreeNX development has stalled since 2008, Linux distros continue to release version 0.7.3 with new patches. The latest FreeNX build in my repo includes some of the most recent patches borrowed from ArchLinux and Fedora 17 together with some bug fixes for openSUSE. I also updated NX agent - needed by FreeNX - to version 3.5.0.

    Although FreeNX installation looks (and is) simple, it might be tricky to get it working. Different distros use their own pre- and post-install scripts. Since 2008, several commands needed by FreeNX have become deprecated, unavailable or have changed path, leading to various warning and error messages. smbmount and smbumount as well as missing CUPS drivers are several examples. This article describes how to install FreeNX and NoMachine NX on openSUSE and run both servers separately or in parallel.

    The commands in this tutorial perform administrative tasks and have to be run as root. I won't specify every time that you have to prefix each command with sudo or 'su -c'. To make it simple, open a root login shell in a terminal with 'su -l' and type all commands in this terminal.

    What are nxsetup and freenx-setup?

    nxsetup is part of FreeNX. freenx-setup is a script I wrote and included in this package. I hope it has less bugs and more features. Among other things, freenx-setup will call nxsetup, but has its own way of handling things that nxsetup seems to be unable to do correctly (such as creating the nx user with a predefined UID).

    Requirements

    • on the server:

      NX server requires sshd to be running. ssh tcp port (22) should be open in the firewall. It is open by default. If you want to run the NX server on another port, this port should be added in sshd configuration file (/etc/ssh/sshd_config) so that the daemon listens to it, and it should be opened in the firewall. The setup script included in my FreeNX package can enable and open an alternate ssh port. This is particularly useful if you intend to run FreeNX and NoMachine in parallel or other services on ssh ports.

      You can check the status of the sshd daemon with this command:
      Code:
      # service sshd status
      and enable it with:
      Code:
      # /sbin/chkconfig sshd on
      Notice that this command still works on openSUSE 12.1 because sshd is still an init service and not systemd native (yet). Otherwise the systemd command would be:

      Code:
      # systemctl status sshd.service
      This command is currently redirected to /sbin/chkconfig.
    • on the client:

      Users need ssh access to the server. To open a desktop session to a NX server, you need a NX client, such as the NoMachine NX client available for Linux, Windows and Mac OSX on the NoMachine website. If your NX server also runs a web server, you can install NX Web companion on it, so that clients don't even need to install NX client software but will connect through a Java plugin downloaded from your server. I haven't tested NX Web companion with FreeNX, and the installation on NX Web companion is not covered in this article.



    Installing NX client.

    The FreeNX package in my repo includes the script nomachine-setup, which can be used to install NoMachine client and server. To install the NoMachine client using this script, just type:

    Code:
    # nomachine-setup --client
    As any script that reads URLs from web pages and tries to download files directly, the command above will fail if NoMachine decides to modify its website or download URLs.

    If it fails, you can use the classical method: download the rpm package from this page http://www.nomachine.com/download-client-linux.php and install it with zypper from the directory where you saved the file. Assuming 3.5.0-7 is the latest version and the URL below is correct, you could download the rpm with wget and install it in a terminal:

    Code:
    # cd /tmp
    # wget  http://64.34.161.181/download/3.5.0/Linux/nxclient-3.5.0-7.x86_64.rpm
    # zypper in nxclient-3.5.0-7.x86_64.rpm
    The NoMachine nxclient installs a symlink in /usr/share/applications to a .desktop file (nxclient.desktop) - which makes the programm appear in menus. The name of the program is nxclient. Thus you may also start the client by typing this name in a terminal.

    Installing FreeNX.

    You can install FreeNX 0.7.3 from my repo.

    • Add and refresh the repo:

    Code:
    # zypper ar http://download.opensuse.org/repositories/home:/please_try_again/openSUSE_12.1/  PTA
    # zypper --gpg-auto-import-keys refresh -r PTA
    • Install FreeNX

    Code:
    # zypper in FreeNX
    NX agent will be installed automatically since FreeNX depends on it.


    Setting up FreeNX.

    The package provides the script freenx-setup. It is not included in other builds of FreeNX (unless other packagers borrow this script) nor in the original source.

    To set up FreenNX with default settings, simply run the following command as root:

    Code:
    # freenx-setup
    Default settings means that it uses ssh port 22, creates a nx user and group with the next available sytem UID and GID, and creates a new DSA key pair. It also writes a session file named after the server short name with the extension .nxs in /var/lib/nxserver/home. You can copy this file to user ~/.nx/config directory on the client and select this session in NoMachine client. Or you can create a new session using the NX Connection wizard and enter Session name, server name and ssh port, as well as other settings. But in this case you will also need to copy the client key /var/lib/nxserver/home/.ssh/client.id_dsa.key into the session configuration on the client. This requires deleting the default (NoMachine) DSA key, and copying/pasting the key or importing the file. It means that you will have to configure the session you just created (see picture below).


    You will find out that using the .nxs file generated by freenx-setup is faster and more convenient, since it already contains the correct client key. If you choose this option, you might have to configure the session, especially change the default desktop (xdm) and resolution (1440x900) to suit your needs. As a special goodie in this build of FreeNX, selecting "CDE" in NoMachine client will in fact start a LXDE session - provided LXDE is installed on the server. :-)

    Using NoMachine generic DSA Key pair.

    You might find it easier - for you or your clients - to not let freenx-setup create a DSA key pair but use the NoMachine default key instead, so that any NoMachine client will be able to connect without the need of importing a client key from your server. The DSA key shown on the picture above is the generic NoMachine key which gets automatically added when you create a session with the NX Connection wizard. When you use your own keys - as in the previous example - you'll have to delete the highlighted text and past your own key or import it from the file client.id_dsa.key. While the NoMachine default key might be more convenient in a secure lan, it is not advisable to use it if your client connections go through the Internet. To set up FreeNX with NoMachine default key, run freenx-setup with the option -n ( or --nokeys).

    Code:
    # freenx-setup -n
    You might see warnings about offending keys and even a fatal error while testing the nxserver connection. But as far as I can tell, clients will be able to connect without further settings. I might say again though that this is not secure. It won't even save you time, since freenx-setup generates a session file for you with your own unique key. So don't do it!

    Advanced setup

    Running FreeNX on an alternate ssh port

    By default, NX servers listen on ssh port 22. You might want to run FreeNX on a higher port for security reasons or because you intend to run NoMachine server too. Both NX servers can not listen on the same port. To setup FreeNX with an alternate port, you would pass this port to freenx-setup as an argument to the option -p (or --port). The following command sets up FreeNX to listen on port 9122 (it also means that opening a NX session on port 22 will fail). Since, FreeNX relies on ssh, it is also necessary that the ssh daemon listens on this port (which means that a normal ssh connection on port 9122 will succeed). freenx-setup will add this port in /etc/ssh/sshd_config as well as opening it in the firewall - if the firewall is running.

    Code:
    # freenx-setup -p 9122
    * I'm not using openSUSE firewall and haven't tested this feature extensively. If it doesn't work, you should use YaST to open the port. Also there were two different ways to open additionnal ssh ports and I choose the one YaST didn't think of. For more details, see this post: open another ssh port in firewall? and look at the openport function in freenx-setup code.

    Setting your own nx UID and GID

    By default freenx-setup creates the nx user and group with the next available system UID and GID. A preexisting nx user is one of the reasons why FreeNX and NoMachine setups might fail. If you happen to reinstall FreeNX or NoMachine on your own - meaning running nx setup yourself or having some rpm post install scriptlet do it for you - I recommend deleting the nx user first. freenx-setup doesn't create nor delete the nx user (it would if nxsetup would handle these options correctly). But it can let you define the UID of the nx user. To specify UID and GID of the nx user and group, you can pass these values as arguments to the --uid (-u) and --gid (-g) options.

    Code:
    # freenx-setup -u 126 -g 126

    If the UID or GID is already used, FreeNX will take the next available one, without warning nor asking for confirmation. This is OK because most people don't worry about nx UID and GID and the ones who care won't pass an UID/GID which is already used.

    Modifying some defaults in the script.

    There are a couple default values at the top of the script you might want to change, such as the default height (SHeight) and width (SWidth) of the session configuration file (.nxs), the nx default UID and GID and the name of the global Xsession you want to use for xdm.

    Related links



    Other remote desktop projects:

    Comments 4 Comments
    1. jmcleanadams58's Avatar
      jmcleanadams58 -
      Thank you for offering all the assistance. I have a problem, though. When I run the freenx-set up script I am getting a message regarding "not supported yet". Is this something that I could be doing wrong?
      Thank You
    1. jcdole's Avatar
      jcdole -
      hello.

      If I read your code correctly, your script freenx-setup must be updated for opensuse 12.3

      Code:
      if ( which lsb_release &>/dev/null ) ; then 
          os=$(lsb_release -si | tr -d " ")
      elif [ -f /etc/SuSE-release ] ; then
          os="suselinux"
      elif [ -f /etc/arch-release ] ; then
          os="archlinux"
      elif [ -f /etc/fedora-release ] ; then
          os="fedora"
      elif [ -f /etc/mandriva-release ] ; then
          os="mandrivalinux"
      elif [ -d /etc/linuxmint ] ; then
          os="linuxmint"
      else
          os="unknown"
      fi
      
      case $os in
      suselinux)        IS_SUSE=1 ; sshkeys="--auto" ;;
      fedora)           IS_FEDORA=1 ; nxbindir=/usr/libexec/nx ; sshkeys="--auto" ;;
      mandrivalinux)    IS_MANDRIVA=1 ;;
      archlinux)        IS_ARCHLINUX=1 ;;
      ubuntu|linuxmint) IS_UBUNTU=1 ; arch=${arch/x86_/amd} ; nxkeygen=/usr/lib/nx/nxkeygen  ;;
      #*)         exec  printf "\033[31;1m%s not supported yet.\033[37;0m\n"
      *)         exec  printf "\033[31;1m%s OS : $os not supported yet.\033[37;0m\n"
      esac
      because

      Code:
      which lsb_release
      return openSUSEproject

      and you test again os = suselinux

      Code:
      case $os in
      suselinux)        IS_SUSE=1 ; sshkeys="--auto" ;;
      Have a good day
    1. PattiMichelle's Avatar
      PattiMichelle -
      Quote Originally Posted by please_try_again View Post
      WOW! This is great. I hope it works. Haven't been able to get NoMachine server running reliably under OpenSuSe since 11.x, and it looks like !Machine is getting less community-friendly, even though they now have a .rpm for us.

      Is there a reason that Gedit, GKrellM, and Gnome Sysmon suddenly crash !Machine client (with FreeNX server) in 12.3? These worked in 12.2+FreeNX+!MachineClient...

      TY,
      Patti

      PS: Is !Machine the only integrated, high-quality windows NX client? (don't need multimedia)
    1. wolfgang6444's Avatar
      wolfgang6444 -
      Hi,

      I also try to install a free-nx-server on openSuse 12.3 - but so far with no success.
      What are the packages to install and where can I get them.
      I tried the rpm for openSuse 12.2 but they seem to be incompatible (e.g. libjpeg, libpng).

      Any help is very welcome

      Thanks

      Wolfgang