[http://freenx.berlios.de FreeNX] is a system that will allow you to access your desktop from another machine over the internet. You can use this to login graphically to your desktop from a remote location. One example of its use would be to have a FreeNX server set up on your home computer, and graphically logging in to the home computer from your work computer, using a FreeNX client. This page will describe how to set up a FreeNX server and a client on Ubuntu systems, for the above example usage.

Terminology

The Server is the computer you want to connect to. This is the computer where the FreeNX server will need to be installed. The name of the Ubuntu package providing the server is "freenx". For the example used here, the home computer is the server.

The Client is the computer from which you want to be able to access the Server. The name of the Ubuntu package providing the client is "nxclient". For the example used here, the work computer is the client.

Installing the FreeNX server

We will be installing the FreeNX server on the Server machine, i.e., the machine that you want to access remotely. In the stated example, this is your computer that is at home.

Add these to /etc/apt/sources.list for hoary

deb http://ubuntulinux.nl/ /

Note: Some people will tell you to add kanotix or backports as a source. Do not do this. It is deprecated

or these for breezy

deb http://seveas.ubuntulinux.nl/ breezy-seveas freenx

A faster mirror, donated by Brett Johnson, is:

deb http://free.linux.hp.com/~brett/seveas/freenx/ ubuntu-seveas freenx

More mirror information on the SeveasPackages page

Note: The nxlibs in this version are compiled with g++4.0 from breezy and are thus not suitable for hoary.

Update your sources {{{sudo apt-get update }}}

If you get a GPG error, see http://seveas.ubuntulinux.nl Near the top of the page are instructions for adding the authentication key into the apt database.

Install it

sudo apt-get install freenx

During installation you will be given the option to select NoMachine keys, or custom keys. It is easier to select NoMachine keys. There is absolutely NO added security risk involved in using the default keys. Read an [http://en.wikipedia.org/wiki/Secure_Sockets_Layer SSL] primer if you want to know the details about why this is the case

For defining custom keys; see below.

Defining a non-default ssh port

By default, the nxserver uses port 22 for communicating over SSH. On some machines or networks, port 22 may be blocked. For example, my evil ISP blocks port 22. So I have the sshd (daemon) listening on port 8888. If port 22 is blocked on the machine that acts as the freenx server, then you can change the default port by doing the following:

Edit the file /etc/ssh/sshd_config

Find

Port 22

and change it to

Port 8888

Edit the file /etc/nxserver/node.conf

Find

# The port number where local 'sshd' is listening.
#SSHD_PORT=22

and change it to:

# The port number where local 'sshd' is listening.
SSHD_PORT=8888

(Here, "8888" is the port that sshd is listening on)

That is, change the port number to the one that sshd is listening to, and uncomment the line.

Installing the FreeNX Client

You should be able to access your Ubuntu box from any Windows or Linux box using the free client from [http://nomachine.com NoMachine's website]. You can also embed your NX Server in a webpage by installing the Nomachine Web Companion and the Apache webserver.

This section covers installation of the FreeNX client on a Ubuntu Linux machine. For the example covered in this article, the client is the work computer.

Add these to /etc/apt/sources.list for hoary

deb http://ubuntulinux.nl/ /

Note: Some people will tell you to add kanotix or backports as a source. Do not do this. It is deprecated

or these for breezy

deb http://seveas.ubuntulinux.nl/ breezy-seveas freenx

Install the FreeNX client by doing the following on the client machine from where you wish to start a FreeNX session:

$sudo apt-get install nxclient

Now you can execute the installed client using the following command:

$/usr/NX/bin/nxclient &

Or by looking it up in the menu

This will start the FreeNX client in a GUI, and step you through getting connected to the FreeNX server, and you will be on your way!

Using custom keys for authentication

(Big parts taken from forums)

Generating the DSA private-public key pair.

You must use the "ssh-keygen" command line tool to create a private-public key pair. For example, by issuing the following command on the client machine:

{{{# ssh-keygen -t dsa Generating public/private dsa key pair. Enter file in which to save the key (/Users/falfaro/.ssh/id_dsa): <ENTER OR SPECIFY DIFFERENT LOCATION> Enter passphrase (empty for no passphrase): <ENTER PASSPHRASE OR LEAVE BLANK AND PRESS ENTER> Enter same passphrase again: <REPEAT PASSPHRASE> Your identification has been saved in /Users/falfaro/.ssh/id_dsa. Your public key has been saved in p.pub. The key fingerprint is: 76:f1:09:07:f3:ef:4d:0a:a9:b7:ac:48:49:93:67:fe falfaro@mac.local}}}

Installing the private key into the NX client software

The next step is replacing the NX client software built-in private key with the one we have just created. NoMachine's NX client software stores the DSA private key in "/usr/NX/share/client.id_dsa.key":

{{{# ls -l /usr/NX/share/client.id_dsa.key -rw-r--r-- 1 root wheel 668 27 Dec 13:59 /usr/NX/share/client.id_dsa.key}}}

Thus, we should execute the following command:

{{{# mv /usr/NX/share/client.id_dsa.key /usr/NX/share/client.id_dsa.key.OLD # mv /Users/falfaro/.ssh/id_sa /usr/NX/share/client.id_dsa.key # chown root:wheel /usr/NX/share/client.id_dsa.key # chmod 600 /usr/NX/share/client.id_dsa.key}}}

Installing the public key into the NX server software

The last step is installing the public key, which corresponds to the "nx" user, into remote server. The public key will be installed as an "authorized_keys2" file inside the home directory for the "nx" user. The OpenSSH service will use this file to store the "nx" user public key the NX client software uses to authenticate against the NX server.

Depending on the distribution and FreeNX implementation, the home directory for the "nx" user will be located in different places. In Ubuntu, this is "/var/lib/nxserver/home". In Debian, this is usually "/home/.nx".

The last step is distributing the "id_dsa.pub" file to the remote NX server machine and authorize it:

{{{# scp /Users/falfaro/.ssh/id_dsa.pub root@NXSERVER: # rm /Users/falfaro/.ssh/id_dsa.pub # ssh root@NXSERVER # mv /root/id_dsa.pub /var/lib/nxserver/home/.ssh/authorized_keys2 # chown nx:root /var/lib/nxserver/home/.ssh/authorized_keys2 # chmod 600 /var/lib/nxserver/home/.ssh/authorized_keys2}}}

Testing public key authentication

Before using the NX client software to connect to the remote NX server, it's recommended to check whether we can connect remotely to the NX server using an SSH client using public key authentication for the "nx" user:

If using a passphrase:

## ssh-add /usr/NX/share/client.id_dsa
Enter passphrase for /usr/NX/share/client.id_dsa:
Identity added: /usr/NX/share/client.id_dsa (/usr/NX/share/client.id_dsa)
#ssh nx@NXSERVER
Linux NXSERVER 2.6.10 #1 Sat Dec 25 05:20:24 CET 2004 i686 GNU/Linux
...
HELLO NXSERVER - Version 1.4.0-02 OS_(GPL)
NX> 105 quit
quit
Quit
NX> 999 Bye
Connection to ubuntu closed.

Otherwise: {{{# ssh -i /usr/NX/share/client.id_dsa.key nx@NXSERVER Linux NXSERVER 2.6.10 #1 Sat Dec 25 05:20:24 CET 2004 i686 GNU/Linux ... HELLO NXSERVER - Version 1.4.0-02 OS_(GPL) NX> 105 quit quit Quit NX> 999 Bye Connection to ubuntu closed.}}}

If this works, we can be pretty sure the NX client will allow us to establish a remote session against the NX server.

Connecting

If you've entered a passphrase, you need to do something extra before you can connect.

{{{# ssh-add /usr/NX/share/client.id_dsa Enter passphrase for /usr/NX/share/client.id_dsa: Identity added: /usr/NX/share/client.id_dsa (/usr/NX/share/client.id_dsa) }}} Now you can connect as usual.

FreeNX on PowerPC or AMD64

There are no precompiled binaries of FreeNX on this platform, so FreeNX have to be compiled from source. Sources for breezy can be found in this repository:

deb-src http://seveas.ubuntulinux.nl/ breezy-seveas freenx

These steps will build FreeNX from source:

1. Create a directory to hold the FreeNX source, and cd into it.

mkdir freenxSource; cd freenxSource

2. Build the freenx pacakges and install related packages.

sudo apt-get -b source nx freenx

This will download the souce tarballs and build the freenx packages (*.deb) in the current directory.

If apt-get complains about dependency errors, run the following:

sudo apt-get build-dep nx freenx

This will install any packages needed to build the FreeNX packages.

3. Install the FreeNX packages.

sudo dpkg -i *.deb

4. If dpkg complains about missing packages, let apt fix it

sudo apt-get -f install
sudo dpkg -i *.deb

References

• [http://en.wikipedia.org/wiki/FreeNX FreeNX on Wikipedia]

• [http://www.ubuntuforums.org/showthread.php?t=1968 Ubuntu forum FreeNX howto]

• [http://gentoo-wiki.com/HOWTO_FreeNX_Server FreeNX on Gentoo wiki]

• [http://fedoranews.org/contributors/rick_stout/freenx/ FreeNX of Fedora]

• [http://seveas.ubuntulinux.nl FreeNX repository]

Troubleshooting

Gnome

If you encounter problems with icons when loggin multiple times with the same user in a gnome session, run gnome-settings-daemon. Let it run at every login (gnome->preferences->sessions).

= How to stop FreeNX =

Just stop the ssh service.

CategoryDocumentation CategoryCleanup