Using NoMachine v. 5 to access legacy unix-based systems (foreign nodes)

Starting from version 5, any Unix-like workstation or server with an X Window System (i.e. a graphical user interface based on X) can be integrated into a NoMachine environment without the need for installing the NoMachine software on that host. This gives administrators the possibility to offer access to critical business “legacy”, applications whilst still providing an easy-to-use contemporary environment.

In a NoMachine server multi-node environment (v. 5) these Unix-like hosts are named Foreign nodes to distinguish them from NoMachine nodes. A NoMachine node has a NoMachine server or node package installed, for example a Terminal Server Node in the case of a Linux host. A foreign node is simply a host on which a NoMachine server or node package is not available. Adding such nodes to a NoMachine server can be done via User Interface (GUI) or via the command line.

Pre-requisites to integrate a Foreign node into a NoMachine multinode environment

Pre-requisites to integrate a Foreign node into a NoMachine multinode environment are:

1. A Unix-based operating system is running on the Foreign node, e.g. Solaris X86 , HP-UX, AIX, BSD etc ...

4. A desktop environment (e.g. GNOME) is installed on the Foreign node.

5. A system account is present for each user who will need to log-in from remote to the Foreign node.

7. The .Xauthority file for the user specified at point 5. contains the cookie that is valid for accessing the X server. This may be confirmed by using xauth tool. Run from a console the following command: xauth -ni list

8. A system account with administrative privileges. It's preferable (but not mandatory) to use a privileged account for adding the Foreign node to the NoMachine multinode environment.

9. If NoMachine guest users are enabled, it's necessary to disable the screen lock on the Foreign node or guest users will be not able to log-in.
This applies also to connections to NoMachine nodes.

These are the main differences between NoMachine nodes and Foreign nodes:

a. Users can run virtual desktops (multiple individual instances of the node desktop) on the NoMachine Linux nodes while only connections to the physical desktop are possible on Foreign nodes.

b. Virtual desktop sessions can be load-balanced by the server automatically among the NoMachine nodes. Sessions on Foreign nodes cannot be load-balanced.

c. Connections to NoMachine nodes can use the NX or the SSH protocol. Connections to Foreign nodes must use the SSH protocol.

d. NoMachine (Linux) nodes in load-balancing can be stopped and started, Foreign nodes cannot.

To add the foreign node, use the 'nxserver --nodeadd' command and specify the '--foreign' option on the NoMachine server host.

The basic format of the command is:

nxserver --nodeadd <node> --foreign

where <node> is the IP or hostname of the Foreign node.

Connections to the Foreign node will use the SSH protocol on port 22. It's possible to provide the --port parameter to specify a different port, for example:

All the other parameters of the 'nxserver --nodeadd' command can be specified, except for:

[--weight <weight>], available only for NoMachine nodes being part of the load-balancing mechanism

[--limit <limit>], available only for NoMachine nodes supporting virtual desktops (this parameter allows to limit the number of virtual desktops allowed on the specified node).

The most common reasons why connections to the Foreign node are not possible

Regarding the X server, consider that on some operating systems the X server is started with the '-nolisten tcp' . If this is the case, restart the X server after enabling TCP listening (please refer to the official documentation of your distribution).

Connections to the Foreign node are no longer possible when the fingerprint on the Foreign node is changed.

In this case, run on the NoMachine server host the following command, accept the new fingerprint and add it to the known_hosts file:

Regarding the X server authorization cookie, bear in mind that it should be in a format recognizable by the operating system of the server host machine. For example, if the cookie is in the 'hostname/unix:display' format, the system must be able to resolve the hostname to the correspondent IP address.

For further commands to manage Foreign nodes, please refer to the NoMachine Enterprise Products 5.x - Server Administrator's Guide - Advanced Functions:

An illustrated tutorial is also available here: https://www.nomachine.com/adding-nodes-to-enterprise-and-cloud-server-via-the-gui

Using NoMachine v. 5 to access legacy unix-based systems (foreign nodes)
Added on: 2015-07-02	Last Modified: 2017-11-13
ID: AR07M00849	Applies To: NoMachine Software

Starting from version 5, any Unix-like workstation or server with an X Window System (i.e. a graphical user interface based on X) can be integrated into a NoMachine environment without the need for installing the NoMachine software on that host. This gives administrators the possibility to offer access to critical business “legacy”, applications whilst still providing an easy-to-use contemporary environment. In a NoMachine server multi-node environment (v. 5) these Unix-like hosts are named Foreign nodes to distinguish them from NoMachine nodes. A NoMachine node has a NoMachine server or node package installed, for example a Terminal Server Node in the case of a Linux host. A foreign node is simply a host on which a NoMachine server or node package is not available. Adding such nodes to a NoMachine server can be done via User Interface (GUI) or via the command line. Pre-requisites to integrate a Foreign node into a NoMachine multinode environment Pre-requisites to integrate a Foreign node into a NoMachine multinode environment are: 1. A Unix-based operating system is running on the Foreign node, e.g. Solaris X86 , HP-UX, AIX, BSD etc ... 2. An X server is up and running on the Foreign node. 3. The X server listens for TCP connections. 4. A desktop environment (e.g. GNOME) is installed on the Foreign node. 5. A system account is present for each user who will need to log-in from remote to the Foreign node. 6. The xauth command is installed on the Foreign node. 7. The .Xauthority file for the user specified at point 5. contains the cookie that is valid for accessing the X server. This may be confirmed by using xauth tool. Run from a console the following command: xauth -ni list 8. A system account with administrative privileges. It's preferable (but not mandatory) to use a privileged account for adding the Foreign node to the NoMachine multinode environment. 9. If NoMachine guest users are enabled, it's necessary to disable the screen lock on the Foreign node or guest users will be not able to log-in. This applies also to connections to NoMachine nodes. Main differences between NoMachine and Foreign nodes These are the main differences between NoMachine nodes and Foreign nodes: a. Users can run virtual desktops (multiple individual instances of the node desktop) on the NoMachine Linux nodes while only connections to the physical desktop are possible on Foreign nodes. b. Virtual desktop sessions can be load-balanced by the server automatically among the NoMachine nodes. Sessions on Foreign nodes cannot be load-balanced. c. Connections to NoMachine nodes can use the NX or the SSH protocol. Connections to Foreign nodes must use the SSH protocol. d. NoMachine (Linux) nodes in load-balancing can be stopped and started, Foreign nodes cannot. Adding a Foreign node to the NoMachine multinode environment To add the foreign node, use the 'nxserver --nodeadd' command and specify the '--foreign' option on the NoMachine server host. The basic format of the command is: nxserver --nodeadd <node> --foreign where <node> is the IP or hostname of the Foreign node. Connections to the Foreign node will use the SSH protocol on port 22. It's possible to provide the --port parameter to specify a different port, for example: nxserver --nodeadd <node> --port 2222 --foreign All the other parameters of the 'nxserver --nodeadd' command can be specified, except for: [--weight <weight>], available only for NoMachine nodes being part of the load-balancing mechanism [--limit <limit>], available only for NoMachine nodes supporting virtual desktops (this parameter allows to limit the number of virtual desktops allowed on the specified node). The most common reasons why connections to the Foreign node are not possible Verify that all pre-requisites listed above are met. Regarding the X server, consider that on some operating systems the X server is started with the '-nolisten tcp' . If this is the case, restart the X server after enabling TCP listening (please refer to the official documentation of your distribution). Connections to the Foreign node are no longer possible when the fingerprint on the Foreign node is changed. In this case, run on the NoMachine server host the following command, accept the new fingerprint and add it to the known_hosts file: nxserver --nodeupdate <node:port> [--strict-host-key-checking yes\|no] Regarding the X server authorization cookie, bear in mind that it should be in a format recognizable by the operating system of the server host machine. For example, if the cookie is in the 'hostname/unix:display' format, the system must be able to resolve the hostname to the correspondent IP address. References For further commands to manage Foreign nodes, please refer to the NoMachine Enterprise Products 5.x - Server Administrator's Guide - Advanced Functions: https://www.nomachine.com/DT07M00091 An illustrated tutorial is also available here: https://www.nomachine.com/adding-nodes-to-enterprise-and-cloud-server-via-the-gui For NoMachine 4.x read here: https://www.nomachine.com/AR01F00498