Saturday, September 09, 2006

FreeNX on Gentoo


This is how I got the latest available FreeNX server and Windows Client to work on Gentoo. I've found FreeNX invaluable for administration remote Gentoo/Linux and Solaris servers.

Install FreeNX software

USE="nxclient" ACCEPT_KEYWORDS="~x86" emerge -avt "=nxserver-freenx-0.5.0.20060311-r1"

Create a node configuration file.
cp /usr/NX/etc/node.conf.sample /usr/NX/etc/node.conf
Define authorization file in node configuration.
vi /usr/NX/etc/node.conf
add line
SSH_AUTHORIZED_KEYS="authorized_keys"
Add a remote user to FreeNX. As default FreeNX use PAM to authenticate user's password. The behavior can be changed by enabling internal FreeNX password in node configuration file.

/usr/NX/bin/nxserver --adduser <username>

FreeNX, uses a default public key for initial communication to the FreeNX server. (user nx) Replacing the key is more secure but the private key has to be installed on all clients which access this server. Generate new keypair

/usr/NX/bin/nxkeygen

Update NX user's authorized keys
cp /usr/NX/home/nx/.ssh/server.id_dsa.pub.key /usr/NX/home/nx/.ssh/authorized_keys

Store a copy of the private key
cp /usr/NX/home/nx/.ssh/client.id_dsa.key /usr/NX/share/keys
Fix backingstore issue with latest windows client (2.0.0-98) from www.nomachine.com.  Fixes "NX> 596 Session startup failed." errors.

vi /usr/NX/bin/nxnode

After line 263 [ -n "$backingstore" ] && B="-bs $backingstore" add these lines:
# backingstore = { "when_requested", "always", ... }
[ -n "$backingstore" -a "$ENABLE_2_0_0_BACKEND" != "1" -a "$backingstore" != "1" ] && B="-bs $backingstore"
# backingstore = 1 (new nxclient 2.0.0 doesn't send any strings in the option-string for backingstore anymore)
[ -n "$backingstore" -a "$ENABLE_2_0_0_BACKEND" != "1" -a "$backingstore" = "1" ] &amp;& B="+bs"
# backingstore = 1 and 2.0.0-Backend EXPERIMENTAL
[ -n "$backingstore" -a "$ENABLE_2_0_0_BACKEND" = "1" ] &amp;& B="-bs $backingstore"

Setup the Windows client.


Install generate private key onto NX Clients.

Copy file from the NXFree server /usr/NX/home/nx/.ssh/client.id_dsa.key to NX Client.

Linux/Mac Rename to /usr/NX/share/keys/gentoo.id_dsa.key
Windows Rename to C:\Program Files\NX Client for Windows\share\key\gentoo.id_dsa.key


Create FreeNX Session to server
Under Linux
# nxclient -wizard

Or click on the "NX Client For Windows icon"
"C:\Program Files\NX Client for Windows\nxclient.exe"
NX Client under Windows and Linux has an identical layout,
Import the private key
and save session configuration.
C:\Program Files\NX Client for Windows\share\key\gentoo.id_dsa.key
 

All Done - apaton 9/10/06