This is a read-only archive. Find the latest Linux articles, documentation, and answers at the new Linux.com!

Linux.com

Feature: Networking

NoMachine NX 3.0 improves remote access to Linux boxes

By Nathan Willis on July 11, 2007 (9:00:00 AM)

Share    Print    Comments   

NoMachine recently released version 3.0 of its remote desktop product line. NX 3.0 has some interesting advantages over similar products -- but also some pitfalls for inexperienced users.

You can download several varieties of NX software from nomachine.com. Lacking prior experience with NX, I initially found the product matrix confusing: there are free downloads for NX Free Edition, NX Server, NX Node, NX Client, NX Server Manager, NX Web Companion, and NX Builder. The FAQ linked to at the top of the page was unhelpful, and the product pages described how great all of the products were without addressing how to get started.

I eventually got the hang of things through reading installation instructions and tutorials written by other users on various third-party Linux discussion forums. The upshot is that you need to install an NX Server, NX Node, and NX Client onto each Linux machine that you want to access remotely, and a copy of NX Client onto each machine (Linux, Mac OS X, Windows, or Solaris) from which you want to do the accessing.

For the NX Server component, you have multiple choices. NX Free Edition is properly called NX Server Free Edition; it is the zero-cost option. The other editions of NX Server are commercial; a comparison page outlines the different features available. NX Server Free Edition limits you to two concurrent NX sessions and two NX-capable user accounts (which can be regular accounts on your Linux box, or accounts that you set up just for NX access).

NoMachine provides binary packages for an impressive array of Linux distributions: Red Hat, Fedora, openSUSE, SLED, Mandriva, Xandros, Debian, and Ubuntu -- supporting multiple releases of each -- and tarballs that should work on other distros. For those distros with an AMD64 version, both i386 and AMD64 architectures are supported. Download the packages, then install first nxclient, then nxnode, then nxserver.

NX tunnels over SSH, so you need to have a working SSH server on your host machine. NX Server and NX Client are each distributed with one half of a public key pair. This key is only used by the "nx" user account during session establishment -- after the connection is made, actual login is done via a standard Linux user account. Still, you need to either make sure that the default NX key (in /usr/NX/home/nx/.ssh/authorized_keys2) is added to your /etc/ssh/sshd_config file, or generate your own key pair and use it instead. Generating a new key yourself will buy you extra security, since the default NoMachine key -- much like a default password -- is a known quantity.

When you are just starting out, I recommend sticking with the NoMachine-supplied key. Though you can learn how to create a new key pair from the OpenSSH documentation (and probably from your distro), it makes little difference whether you take that detour or not -- whichever key pair you use, NX functions exactly the same.

Connecting

Once everything is installed, start the server by running sudo /usr/NX/bin/nxserver --status, and look for any error messages. Once the server is running, you can connect to it from a client on any other machine.

With the VNC remote desktop application, you can connect to a session on any remote machine on which VNC runs, be it Linux, Unix, Windows, or Mac. But NX is a one-way street. NX Clients are available for other platforms, but NX Server runs only on Linux -- you cannot use NX technology to connect to a remote Windows box. This is because NX works by compressing and relaying the X Window session itself. The tradeoff is that, by giving up cross-platform operation, you gain considerable speed over a lower-level remote technology like VNC and its Remote FrameBuffer.

Connecting to the NX Server machine is easy. The Mac and Windows versions of NX Client have GUI launchers. The Linux client package should install several .desktop launchers (although you may not see them in your applications menu until the menu reloads). You can also launch the client from the command line with /usr/NX/bin/nxclient.

The NX Client Connection Wizard both steps you through your first session and saves your preferences for future reuse. To connect, all you need is the IP address or name of the machine running NX Server and a valid account on the machine. If you want to connect to the NX Server machine while logged in locally (as I did when testing NX initially), be sure that your user account is permitted to make multiple logins (mine wasn't).

Once you do log in, you'll have a full X, GNOME, or KDE session running on your client machine. Everything accessible to you if you were logged in locally is available through the remote connection. And performance is fast; there was little to no lag time between mouse clicks and screen updates in my tests -- something that I can't say for VNC.

Sound was a little bit pickier; I was able to get standard music players (such as Rhythmbox) to work over the remote connection when using the Linux client, but not when using Mac OS X. And only apps that can use the Enlightened Sound Daemon (esd) for their audio output on the server side work -- others, such video4linux apps, produced no sound on any client.

Among NX 3.0's many options, I found it odd that the default setting is to disable SSH encryption for the session data itself -- encryption is still used during authentication, of course, but not for regular traffic. With encryption turned off, I had trouble getting a session established, even over a LAN with no firewall. The authentication step would complete, but about half the time, a session would time out while downloading the first screen of data.

I also had my share of hangups during remote sessions. I don't expect perfection when it comes to remote X sessions -- hangups are a fact of life, and VNC and RDP are just as susceptible. But I was disappointed in the lack of error reporting in NX 3.0. Every NX session creates log files in ~/.nx, but none of them recorded any errors, not on connection timeouts, crashes, incorrect logins, or any other situation. When I am working over a remote connection and things head south, I would like to know why; if that information is stored anywhere (including under /usr/NX/), I couldn't find it.

NX is capable of more than just simple remote X sessions. It can tunnel both VNC and RDP, and you can set up "shadow" sessions, where remote users can watch, but not interact with, an X session on a remote machine. Paranoiacs will be happy to learn that NX notifies you when a remote user starts shadowing your session, and that you can disable shadowing altogether.

Business users have a lot more options in the NX Server column than do freeloaders. The commercial versions of NX Server allow greater numbers of NX users, and more concurrent connections, plus niceties like user profiles and management of multiple NX Servers from one place.

Conclusions

As a whole, I found NX 3.0 to be very capable software, and faster than VNC, which for a free solution is reason enough to earn a place on my network.

Of the pitfalls that ensnared me as I got started with NX, what really bothered me was how difficult it was to find answers. Support (for the free edition) is limited to NoMachine's online knowledge base and trouble ticket system, which could use more work for the "new user" segment, or at least something to which users can contribute, such as an open discussion forum. But if you can commit time to learning the ins and outs of NX, the returns are valuable.

Share    Print    Comments   

Comments

on NoMachine NX 3.0 improves remote access to Linux boxes

Note: Comments are owned by the poster. We are not responsible for their content.

NoMachine NX 3.0 improves remote access to Linux boxes

Posted by: Anonymous [ip: 72.51.93.231] on July 22, 2007 03:38 AM
This release seems to be broken. My SSH Server is set up to authenticate with Keys only. UserPAM and PasswordAuthentication is set to no. In this setup Ver 3 fails to authenticate. I suspect it has to do something with the nx user. In ver 2 of this product an nx system user was usually created and visible with all other system users. On removing ver 2 and installing ver 3 ... ver 3 creates no such system user. So how does NXServer do its authentication without an nx systerm user? Has it changed its methods so drastically?

#

NoMachine NX 3.0 improves remote access to Linux boxes

Posted by: Anonymous [ip: 204.147.189.21] on July 23, 2007 11:29 PM
Dear Nathan,

Nice article about NX. I do think Gian over-reacted a bit with his "rebuttal" to your article ( http://www.nomachine.com/news-read.php?idnews=204 ) . I thought the article was quite positive, nothing to be "stunned" about. Please write a criticism like that about our new product :)

It is good to see that a number of next-generation solutions are coming to market that will drive up the use of Linux and Unix while also enabling more Windows clients take advantage of X. Besides NoMachine, Hummingbird is doing this with their Exceed on Demand, and now we at StarNet are about to do this with our next-generation PC X server, X-Win32 LIVE.

Will you attend LinuxWorld next month? StarNet is planning to demonstrate this product there for the first time.

X-Win32 LIVE offers our standard X-Win32 PC X server with a new "LIVE Session" capability that offers suspend/resume of remote X sessions, fast X connections over the Internet, session recovery and the ability to start a session on one PC and resume it on another, using a USB drive from which X-Win32 LIVE runs.

X-Win32 LIVE offers a number of advantages over both VNC and NoMachine (which of course is not to say that those solutions don't also offer some advantages over X-Win32).

If you are not attending LinuxWorld, let me know where I may mail an X-Win32 LIVE USB drive for your evaluation.

Paul Swart
VP Sales & Marketing
StarNet Communications
www.starnet.com
408-739-0881 x520





#

NoMachine NX 3.0 improves remote access to Linux boxes

Posted by: Anonymous [ip: 129.105.104.235] on July 31, 2007 02:34 AM
Hello Nathan Willis and Unix friends,

How refreshing to read somebody who says that things are confusing!

Seems to me the best chance to make NX work, or anything like it, is to cut back on what we would have it do. Use, therefore, the lightest weight window manager possible at the server end that still does the job you need.

Looks like the Pek window manager might qualify as the most lightweight of those which run XWindows. Go to page 12 of http://www.zumGlockenturm.org to read about Pek. Or go to eSnips and type «Pekwm» in the search window.

If you don't need XWindows, you can still get windows on the console with Twin. At zumGlockenturm.org or at eSnips type «Unix_Terminal» in the search window to read about it. I learned of Twin from http://michael-prokop.at/computer/linux_tools.html .

At zumGlockenturm I've been uploading stuff I prepared for my own research.

Maybe the Pek window manager will let NX behave nicely!

Sincerely,

Roger

#

NoMachine NX 3.0 improves remote access to Linux boxes

Posted by: Anonymous [ip: 68.255.81.168] on August 23, 2007 05:25 AM
"Among NX 3.0's many options, I found it odd that the default setting is to disable SSH encryption for the session data itself -- encryption is still used during authentication, of course, but not for regular traffic."

I don't think that is correct. The documentation in the config file says that this option enables or disables the server from accepting unencrypted connections. The default is to allow unencrypted connections (as well as encrypted). Encryption is negotiated between client and server. The client defaults to requesting encryption, so straight out of the box with default settings, connecting clients will encrypt traffic. Now, you might argue that the default should be to not even allow client to connect unencrypted...

#

NoMachine NX 3.0 improves remote access to Linux boxes

Posted by: Anonymous [ip: 24.82.169.191] on October 21, 2007 10:11 AM
Part of the problem is that their website continues to be a complete mess. It's rife with information overload and lack of focus. On top of that some very basic interface principles get thrown out the window. I mean, who on this earth puts the "Home" tab on the far right hand side of a tab-based navigation scheme?? What the heck!? Add to that the fact they try and cram tons of information into each page via useless sidebars and you've got my head spinning. Trim it down guys, hire a good designer and remember that less is almost always more. Sorry to sound so negative.. you've got a great product but your website is doing you a huge disservice.


#

NoMachine NX 3.0 improves remote access to Linux boxes

Posted by: Anonymous [ip: 88.232.163.140] on December 14, 2007 03:51 PM
<a href="http://r10noktanet-seoyarismasi.blogspot.com" title="www.r10.net küresel ısınmaya hayır seo yarışması">www.r10.net küresel ısınmaya hayır seo yarışması</a>

#

This story has been archived. Comments can no longer be posted.



 
Tableless layout Validate XHTML 1.0 Strict Validate CSS Powered by Xaraya