openSUSE Documentation
Chapter 9. FreeNX: Remotely Controlling Another Computer / 9.2. Advanced FreeNX Configuration
PrevChapter 9. FreeNX: Remotely Controlling Another Computer9.3. TroubleshootingNext

9.2. Advanced FreeNX Configuration

The following sections introduce some advanced features mainly needed in more complex NX scenarios.

9.2.1. Configuring SSH Authentication Using Client Keys

The authentication configured in Section 9.1, “Getting Started with NX” solely relies on username and password credentials. For a more secure authentication, NX can be configured to generate a pair of SSH keys. The client key is then copied from the server machine to any client that should be able to connect to the NX server. Clients that do not present this key cannot authenticate at the NX server. This feature is only supported for the FreeNX server/knx client combination.

To configure the NX server to use this authentication method and generate the appropriate key pair, proceed as follows:

  1. Log in as root to the server machine.

  2. Open the server's configuration file /etc/nxserver/node.conf and make sure that ENABLE_SSH_AUTHENTICATION is set to 1.

  3. Install the server with the following command:

    nxsetup --install --clean --purge

  4. When prompted, tell FreeNX that you want to use a custom key pair.

  5. Adjust the access permissions to /var/lib/nxserver/home/.ssh/authorized_keys2:

          chmod 640 /var/lib/nxserver/home/.ssh/authorized_keys2

  6. Log out.

To configure knx to use this key, proceed as follows:

  1. At the server machine, log in as root.

  2. Copy the key file to the location on the client machine where knx needs it, replacing client with the client's address.

    scp /var/lib/nxserver/home/.ssh/client.id_dsa.key client:/usr/share/knx/

  3. Log in to the client machine as root.

  4. Adjust the access permissions as follows:

          chmod 644 /usr/share/knx/client.id_dsa.key

  5. Log out.

9.2.2. Using Systemwide and User-Specific Configuration Files

The FreeNX server's behavior is controlled via /etc/node.conf. You can either run a global NX server configuration or run the server with user-specific configurations. This comes into play, if you have different users running NX on one machine with different requirements.

In the following example, assume user joe wants NX automatically to start with a certain application as soon as he opens an NX session. To enable this behavior for this user only, proceed as follows:

  1. Log in as root.

  2. Enter the /etc/nxserver directory:

    cd /etc/nxserver

  3. Save a copy of the NX server's configuration file (node.conf) under joe.node.conf in the same directory.

  4. Edit the appropriate parameters (NODE_AUTOSTART and ENABLE_AUTORECONNECT) in joe.node.conf. For details on these features, refer to Section 9.2.4, “Configuring Autostart Tasks and Exporting Configurations” and Section 9.2.3, “Suspending and Resuming NX Sessions”.

  5. Reinstall the NX server to activate the new configuration:

    nxsetup --install --setup-nomachine-key

    The user-specific configuration overrides the global configuration.

    [Important]Maintaining User-Specific Configurations

    Make sure to use the correct options with the nxsetup command when reinstalling the server. Do not use the --clean or --purge options as these trigger a removal of any user-specific configuration data.

  6. Log out.

9.2.3. Suspending and Resuming NX Sessions

As with sessions on a mobile computer, it is equally possible to configure NX to allow suspend and resume of user sessions. A suspended session reopens exactly in the same state as you left it. This feature is only supported by the commercial NoMachine NX client. KNX does not support suspend and resume of NX sessions.

To configure suspend and resume for NX sessions, proceed as follows:

  1. Log in as root.

  2. Open the server's configuration file, /etc/nxserver/node.conf, and edit it as follows: 

    ENABLE_PASSDB_AUTHENTICATION="0" ENABLE_USER_DB="0" ENABLE_AUTORECONNECT="1"

  3. Save and exit the configuration file and restart the server with nxserver --restart.

  4. Log out.

To suspend a session on exit, click the X in the top right corner of your NX window and select Suspend to suspend your session and to exit the client. Upon reconnect, you are asked whether to resume the old session or start a fresh one.

9.2.4. Configuring Autostart Tasks and Exporting Configurations

FreeNX offers an autostart functionality that allows you to launch certain tasks when starting or resuming an NX session, provided the underlying application supports the start and resume properties. For example, you can automatically clean up the desktop or do other autostart tasks when you start FreeNX. This is especially useful when you reconnect a session, even from a different NX client (where you cannot use the standard KDE or GNOME mechanisms).

To configure autostart features, proceed as follows:

  1. Log in as root on the server machine.

  2. Open the server's configuration file /etc/nxserver/node.conf and edit the NODE_AUTOSTART variable to the following, replacing myprogram with the program that should be executed on start or resume of an NX session:

    NODE_AUTOSTART=myprogram

  3. Save and exit the configuration file.

  4. Restart the server with the nxserver --restart command and log out.

    The program specified now starts every time a session is started or resumed.

You can also export the variables NX_USERIP and NX_SESSIONID to make them accessible in the user's environment. This allows, for example, putting an icon onto the desktop with the generic content and accessing a Samba server running on the user's thin client. To make the contents of a floppy on the thin client's floppy drive available to the user, proceed as follows:

  1. Enable the export of the NX_USERIP and NX_SESSIONID variables on the server side:

    1. Log in as root on the server.

    2. Open the server's configuration /etc/nxserver/node.conf and set the following variables:

      	EXPORT_USERIP="1" EXPORT_SESSIONID="1"

    3. Save and exit the server's configuration and restart the server using the nxserver --restart command.

    4. Log out.

  2. On the client side, open a session, export the floppy drive via SMB and create an icon on the desktop:

    1. Export the contents of your floppy drive through Samba using your file manager (Nautilus or Konqueror).

    2. Create a floppy.desktop file in the Desktop directory that contains at least the following lines:

      	[Desktop Entry] Type=Link
	URL=smb://$NX_USERIP/floppy

      The server exports the thin client's IP address, allowing you to access the thin client's floppy drive with the floppy icon in the NX session.

PrevChapter 9. FreeNX: Remotely Controlling Another ComputerHome9.3. TroubleshootingNext