On Thu, Mar 19, 2009 at 11:38 AM, Joseph <syscon...@gmail.com> wrote: > On 03/19/09 11:29, Paul Hartman wrote: >>>> >>>> it accepted the password, now do I run the setup again: >>>> nxsetup --install --setup-nomachine-key --clean --purge >>>> >>>> If I try to login from another machine do I login as user "nx"? >>>> When I try to login from another machine on my network I get: >>>> Your guest account has expired... >>> >>> The way NX works is it uses the nx user as an intermediate. You need >>> to login as a normal user, and you need to explicitly give that user >>> permission to use NX by doing nxserver --useradd yourname (which will >>> generate NX ssh keys and put them in that user's directory). >>> >>> If you use interactive/PAM authentication on your system, NX can use >>> your user's normal system password; if you use key-based >>> authentication for SSH the only way to make NX work is to use its >>> internal password database and assing an NX-specific password to that >>> user. In nxclient, copy the normal SSH key, and then in the nxclient >>> login box put the NX username and password. >>> >> >> I think the user DB setting is in /usr/NX/etc/server.cfg > > No there is no such file or directory on the server; that is why I'm asking > if after setting the password for user "nx" I should run this command again: > nxsetup --install --setup-nomachine-key --clean --purge > > as it is my impression that the setup was not complete.
Hmm. Okay, I am actually using nxserver-freeedition and not nxserver-freenx. (I always get those confused). On my machine I am the only user, so I don't know about multi-user shared machines. I just want personal access to my home PC. Here is my config that works for me with nxserver-freeedition with SSH public key authentication: In my sshd_config I've got: PermitRootLogin No RSAAuthentication no PubkeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys PasswordAuthentication no PermitEmptyPasswords no ChallengeResponseAuthentication no UsePAM no Then in /usr/NX/etc/server.cfg I have: EnableUserDB = "1" EnablePasswordDB = "1" then run "/usr//NX/bin/nxserver --useradd yourusername" which will add that user to the NX user database as well as create/add an SSH key to that user (which is only used by NX on the local machine, it will SSH to itself). The password you create for this user is what you'll use in nxclient when connecting to the remote machine, and the SSH key in nxclient is the one that user would normally use to login to the box with regular SSH. If you don't use key authentication with SSH, you should be able to have the two NX server options above set to 0, and use the user's normal password to login. You will still need to put your NX server key into nxclient (unless you use the default key which is already in there). It is tricky to set up, but once it works it is awesome. :) It beats VNC or RDP easily. Paul
