How To Install FreeNX with Key-based authentication on CentOS 5.5 in a Windows Platform Environment

 

In this article I will show you how to install and configured one of our more popular remote access programs here at PADT, Inc.  The software that I will be showing you how to install is called FreeNX.  FreeNX is the opensource version of a product distributed by the company called NOMACHINE, http://www.nomachine.com/.  Another program that the Analysts have struggled with over the years and still is a favorite with some of the Analysts here at PADT, Inc. is a program called CYGWIN http://www.cygwin.com/. However, the analysts seem to prefer the fast interface and overall robustness of the FREENX server.

Within this guide I will attempt to break the install down into two components so that Network Administrators and IT Managers are able to have this up and running in 30 minutes. For my installation I used the How To install NX Server using FreeNX guide freely provided by the CentOS wiki site as a reference. http://wiki.centos.org/HowTos/FreeNX

Of course it’s okay to install NX server on FreeNX using the graphical user interface

STEP 1 – SERVER: NOMACHINE FREENX SERVER INSTALLATION USING GRAPHICAL INTERFACE

1.       Install FREENX on your CentOS 5.5 server. My test NX server is a DELL Poweredge 1950 server, that has an install of CentOS 5.5 64-bit edition.

a.       Console installation

                                                               i.      Login as root console

                                                             ii.      Click Applications à Add/Remove Software

                                                            iii.      You will see the following dialogue box.

                                                           iv.     

                                                             v.      On The left had side scroll down the list until you see CentOS extras. On the right window select FreeNX and NX. Then select Apply. A screen shot is shown below.

                                                           vi.     

                                                          vii.      Allow the dependencies check to run. When you see the image that looks like the one below prompting to Cancel or Continue. Select Continue

                                                        viii.     

                                                           ix.      Next, Allow the system to download and install the packages.

                                                             x.     

                                                           xi.      When it has completed the checkmark on FreeNX and NX will be selected and you can now close out the package manager.

STEP 2  – SERVER: Terminal Session command line changes for FreeNX Key-based authentication

1.       You may have thought you could get away with a GUI only installation of FreeNX but not this time.

2.       Click Applications à Accessories à Terminal

a.      

3.       For my server example I choose to use vi as my text editor. However you may choose to use whatever text editor you may like. I guarantee any Linux user will immediately be impressed if you open up a terminal session and start editing the file using vi.

First lets go over of my most used vi commands: vi basics for Windows Network Administrators

                                                                           i.      i = insert text

                                                                         ii.      d = delete text

                                                                        iii.      d[space bar] = please delete the one piece of text to the right.

                                                                       iv.      dd = opps did I just delete the entire line?

                                                                         v.      :q! = Eek! get me out of here now I screwed up the file really bad. No I don’t want to save the file right now!

                                                                       vi.       :wq! = Yes save the file right now

                                                                      vii.      For further research and light reading please go here: http://www.uic.edu/depts/accc/software/unixgeneral/vi101.html

Editing the sshd_config file using vi

b.      Within your open terminal window type:

c.       cd /etc/ssh/

d.      Login as root. Because you are the Network Administrator or IT Manager. Hopefully you are already logged in as root

e.      Next type, vi sshd_config (reference or print out David’s most used vi commands first!)

f.       

4.       Now don’t panic…using your down-arrow key tap down until you get to the area that reads Password Authentication. Remove the # mark by pressing (gently) d then the space bar. This will remove the # (remark) comment.

5.       Per the documentation modify if you have disallowed ssh password cleartext tunneled passwords. You will need to make the PasswordAuthentication  line to look like the above highlighted text.

6.       Next, add the following line below the text PasswordAuthetication yes

                                                                          i.      Within vi press i  

1.       This will put you into INSERT mode.

2.       Add the text AllowUsers nx

3.       Add any additional users similar to how I have it above.

a.       :ie.  AllowUsers nx userid1 userid2 Ansys, Inc.

4.       Now that you have that text added you have the vi basics for Windows Network Administrators command lists from above press. :wq!

Configure the NX database to allow passthrough authentication.

Editing the node.conf file using vi

7.       Next, we need to edit the node.conf file within the /etc/nxserver/ folder

a.       You should be back to your terminal session

b.      Within your open terminal window type:

c.       cd /etc/nxserver/

                                                                           i.     

                                                                         ii.      vi node.conf

1.       With your vi editing session open tap down to the place in the file that reads  ## Authentication / Security directives

a.      

b.      Un-remark # the ENABLE_PASSDB_ AUTHENTICATION =”0” and modified to read as the one highlighted above.

                                                                                                                                                   i.      ENABLE_PASSDB_AUTHENTICATION=”1”

Add your nx users to the NX Database

Add yourself to the nxserver database.

Suppose your username is ansys

·         [root@ben1]# nxserver –adduser ansys

·         NX> 100 NXSERVER – Version 1.5.0-60 OS (GPL)

·         NX> 1000 NXNODE – Version 1.5.0-60 OS (GPL)

·         NX> 716 Public key added to: /home/ ansys /.ssh/authorized_keys2

·         NX> 1001 Bye.

·         NX> 999 Bye

Assign a password for the userid’s.

Add your nx server password to the NX Database

·         [root@ben1]# nxserver –passwd ansys

·         NX> 100 NXSERVER – Version 1.5.0-60 OS (GPL)

·         New password:

·         Password changed.

·         NX> 999 Bye

Verify that you have added userid1on the AllowUsers line in the /etc/ssh/sshd_config file: and then reload sshd:

·         In your Terminal session type:

·         service sshd reload

 

·        

 

STEP 3 – CLIENT INSTALLATION

·         You can download FreeNX windows client from here and install. Follow the instructions.

Key points to remember on your Windows Client Installation:

 

·         Follow the excellent instructions provided by NOMACHINE – However.

·         I suggest that you change Desktop to GNOME,

o    Ansys, Inc., Inc. installations prefers the GNOME desktop. Also increase your bandwidth slider to you current network connection.

·         I choose:

o   Host: your NX Server

o    LAN

o   Display of 1024×768 (or all available)

·          

 

The critical piece to finish the installation is to copy and paste the client key from the nxserver into your Windows Client install.

·         Located under the GENERAL tab (see image above) Click Key… and delete the key within your client installation.

o   Paste in the key from your new nx server install

o   Next, click Save.

·         To locate your nxserver key copy the text out of the file located in the directory:

o   /etc/nxserver/

§  vi client.id_dsa.key

§  copy the text out

o   client.id_dsa.key – Copy all of the text from this file and paste it into the Key.. file on your Windows Client installation.

§  As root user – highlight the text and Copy then paste into your Client

§  Again the location of the client.id_dsa.key is below

o