Running a lightweight GUI on your vps

Discussion in 'Tutorials and Guides' started by wlanboy, Nov 29, 2013.

  1. nunim

    nunim VPS Junkie

    485
    157
    May 15, 2013
    Apologies, I recently changed my website configuration, moved away from VestaCP on that server and forgot to restore the subdomain with the NX files, it should be working properly now.
     
  2. ubayogi

    ubayogi New Member

    7
    0
    Mar 23, 2014
    No need to apologize. You did us a favor. Runs fantastic and able to connect now. Thanks a million. 


    su username
    Now just got to figure how to switch from nomachine user to default ubuntu user on AWS. AWS issues private key and no password for default user. su expects a password.  :unsure:
     
  3. nunim

    nunim VPS Junkie

    485
    157
    May 15, 2013
    My suggestion would be to add your NoMachine user to sudoers, then do sudo su after you've logged into NX.
     
  4. ubayogi

    ubayogi New Member

    7
    0
    Mar 23, 2014
    Perfect, that got me to where I wanted. Ran into another roadblock. As nomachine user I'm able to launch GUI programs from a LXTerminal (say Firefox). When I try the same after switching to user ubuntu, I get the following error:



    [email protected]:~$ firefox
    No protocol specified
    No protocol specified
    No protocol specified
    No protocol specified
    Error: cannot open display: :1002

    What I notice is user nomachine has the following additional files and folders. Not sure if that makes any difference.


    Code:
    .config  Desktop  .kde  .mcoprc  .nx .qt  .Xauthority
     
    Last edited by a moderator: Mar 25, 2014
  5. drmike

    drmike 100% Tier-1 Gogent

    8,573
    2,717
    May 13, 2013
    Folks here like to lure me and have me spend days on these ideas :) Cruel.

    Been using x2go.   I can't speak highly enough of it.  1GB VPS with 1GB of swap.... Runs better than my idiotic old dumb-like terminals which I run the client from.

    Blows VNC away, way more responsive.   Plus it's wrapped in SSH tunnel so snooping takes some crypto conquering.
     
    mikedep333 likes this.
  6. nunim

    nunim VPS Junkie

    485
    157
    May 15, 2013
    Run the following as your NX user:


    sudo apt-get -y --no-install-recommends install gksu
    gksudo firefox
    FireFox will now be running as root.
     
    Last edited by a moderator: Mar 25, 2014
  7. ubayogi

    ubayogi New Member

    7
    0
    Mar 23, 2014
    We are using ubuntu as a service account to run several applications. I now want to install and run an additional software as user ubuntu. Unfortunately this particular software is GUI only and no command line. Doing it through X forwarding was very painful and hence adopted NX. As much as I can, don't want to move away from service account just to run something GUI.
     
  8. ubayogi

    ubayogi New Member

    7
    0
    Mar 23, 2014
    I was able to set a password for user ubuntu and now it allows me to connect to NX. I'm able to run and view GUI as user ubuntu. However, I'm ran into a different issue. Took an Amazon image backup of existing NX machine that works good and launched a new instance from the image. Attempting to connect to it from nx client, I get,


    The session negotiation failed.
    Error: Authentication failed
    Checked no change in username, password across both instances. Checked NX server is running in the new instance. Checked authentication for user: ubuntu is: system. Checked passwordauthentication is set to yes in sshd_config. Basically all settings are ditto in both machines. NX works good in the parent machine where it was originally installed but not on the child created from an image.

    Any pointers on where I should start looking at? (I know hostname & internal IP changes for each instance. Will that be causing issues? I tried grep'ing for hostname references inside ~/.nx and /usr/NX directories, no luck so far.)
     
  9. nunim

    nunim VPS Junkie

    485
    157
    May 15, 2013
    Have you checked the NX log and see if it reveals the error?  I'm not that familiar with the AWS template system, is all information saved across, i.e. SSH keys?  

    See this page for NoMachine error log info:

    https://www.nomachine.com/AR08J00651
     
  10. ubayogi

    ubayogi New Member

    7
    0
    Mar 23, 2014
    Thanks for the link, I'll check the logs. Curious why you mention SSH keys since I been using username password to login via NX and not key based login.

    Could you please also let me know how to correctly uninstall/roll back the NX installation done by the script. The lxde stuff can stay, just the NX portions. What I'm thinking as a workaround is to uninstall NX completely and re-install again to see if that helps.
     
  11. nunim

    nunim VPS Junkie

    485
    157
    May 15, 2013
     

    I'm just wondering, as I said I'm not that familiar with the template system on AWS.  If it's an auth problem then I was thinking maybe the keys are mismatched or something similar, however I'm not sure. 

     

    Did the error log shed any light on the problem? 


     

    To remove all NoMachine software:

     

    apt-get purge nxnode nxclient nxserver

     
     
    Last edited by a moderator: Mar 30, 2014
  12. ubayogi

    ubayogi New Member

    7
    0
    Mar 23, 2014
    @nunim You were spot on. It was in fact the SSH keys that was causing the problem. Relevant lines from the log.



    NXSERVER-3.5.0-11[3345]: Failed SSHd authentication for user 'ubuntu', to '127.0.0.1', port '22': 'NX> 204 Authentication failed.

    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack) It is also possible that the RSA host key has just been changed. The fingerprint for the RSA key sentby the remote host is x6:73:00:78:82:xx:3x:xx:xx:6x:x9:xx:13:00:13:x0

    Please contact your system administrator. Add correct host key in /usr/NX/home/nx/.ssh/known_hosts to get rid of this message. Offending key in /usr/NX/home/nx/.ssh/known_hosts

    Password authentication is disabled to avoid man-in-the-middle attacks. Keyboard-interactive authentication is disabled to avoid man-in-the-middle attacks.
    Not sure if its the right thing to do, but, following steps made it work.

    1. Edited /home/ubuntu/.ssh/authorized_keys2 and changed the [email protected] reference to point to the current hostname. It was pointing to the name of the original machine on which AMI image was taken.
    2. Copied private key contents in /etc/ssh/ssh_host_rsa_key from the original machine (AMI image source) to the same file in problem machine.
    3. Restarted sshd and NX started working  :D
    The above steps worked irrespective of new instance sharing the same SSH keypair as the original machine or launched with its own new keypair. I'm sure I maybe violating few unwritten SSH laws by doing this copying thing. If any of you know the right way to go about this, I'm all ears  :)

    Purpose is to have NX pre-installed & available on AMI image. And get NX working in new child instances with minimal effort. I could have as well run nunim's script on new instances, but I went ahead and built several custom images before running into this issue. Each image has a lot of other software combinations. Don't want to redo all of them now.
     
  13. nunim

    nunim VPS Junkie

    485
    157
    May 15, 2013
    If it works, it works :)  Glad to hear that you've gotten it working.
     
    Last edited by a moderator: Mar 31, 2014
  14. mikedep333

    mikedep333 New Member

    7
    8
    May 2, 2014
    As an X2Go Developer, this warms my heart.

    To be fair, VNC can be tunneled over SSH also.

    We have basically the same performance as NX3 because we use their code for graphics and input. X2Go, NX3, RDP, SPICE and Citrix all use client-side rendering. VNC uses server-side rendering instead, which we consider a worse design, especially in terms of performance. However, unlike NX3, we are actively maintained. (NX4 is maintained, but is proprietary.) And we have additional features such as folder sharing.

    Anyway, I just wrote this thread with instructions on using X2Go instead of VNC:
     
    drmike likes this.
  15. TheSkyspace_Natalie

    TheSkyspace_Natalie New Member

    2
    0
    May 24, 2014
    Fairly good & useful tutorial.

    Good job.
     
  16. cspacews

    cspacews New Member Verified Provider

    25
    2
    Jan 30, 2014
    Good Job :lol:

    Thanks :)
     
  17. willie

    willie Active Member

    760
    207
    May 24, 2013
    Man I'm horrified.  VNC has been useful for KVM configuration and could be ok for occasionally poking things, but trying to get real work done on it sounds unbearable.  Maybe it's better with superfast internet.  Also it's usually unencrypted so you're sending all your passwords etc. in the clear.  Are you tunnelling it through a vpn or anything?

    My favorite lightweight window manager is xmonad (xmonad.org).
     
    drmike likes this.
  18. nunim

    nunim VPS Junkie

    485
    157
    May 15, 2013
    Update:  There is a NoMachine client available for Android/iOS, it supports 3.5 and 4.0 and it works perfectly with my script with a little configuration on the client end.

    Android:

    APK -  https://www.nomachine.com/download/download&id=68

    Google Play - https://play.google.com/store/apps/details?id=com.nomachine.nxplayer

    iOShttps://itunes.apple.com/us/app/nomachine/id874286563?mt=8
     
    drmike likes this.
  19. mehargags

    mehargags New Member

    10
    0
    Oct 30, 2014
    So now at present in 2015 -- which version of NoMachine you still prefer ? 3.5 or 4.x ?

    which one works better than tightVNC ?
     
  20. nunim

    nunim VPS Junkie

    485
    157
    May 15, 2013
    I still prefer 3.5 by a long shot as 4.x is an entirely different beast.

    Taken from the NoMachine download page:


    NoMachine NX Free Edition 3 users read here:

    The free NoMachine 4 is a new product aimed at a different use case. While NoMachine NX Free Edition 3 offered a free terminal server with virtual desktops created on demand, the free NoMachine 4 is designed to work the same across Windows, Mac and Linux and give users access to the physical desktop of the remote computer. If you need to create virtual desktops on demand, want to limit the logins to SSH, or are using NIS, Kerberos or other enterprise server functionalities, you need one of the NoMachine Enterprise server products you can download here.

    Note that you can use NoMachine 4 as a client of an Enterprise server, or you can download the free Enterprise client here.

    [SIZE=10.5pt]Essentially the free version of NX 4 is VNC while free 3.5 offered up to 2(?) simultaneous virtual terminal sessions.[/SIZE]

    [SIZE=10.5pt]I tried a fresh installation of 4.x to see if I liked it any better but it's just as awful as ever.  There's seemingly a lack of documentation/guides for 4.x, the installation was far more confusing (especially vs. using my script for 3.5) not made any better by my lack of familiarity with RunAbove's network management system.  An important note is that free 4.x doesn't allow connections via SSH, only via the NX protocol (Port 4000).[/SIZE]
     
    Last edited by a moderator: Mar 1, 2015