<html>
<head>
<style>
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
FONT-SIZE: 10pt;
FONT-FAMILY:Tahoma
}
</style>
</head>
<body class='hmmessage'>
I ave been getting connection timed out errors for a while now and I cannot figure out what the issue is. By all accounts I have the correct configuration. Can someone go over the following and let me know what holes you see in my config? I also changed all of the IPs to x.x.x.100 and so on. <br><br>x.x.x.100 = master<br>x.x.x.100-119 = nodes<br><br>Configuration:<br> Load Balanced cluster: 20 nodes behind Cisco 2611.<br> Load balancing configured in node.conf.<br> Session forwarding configured in nodes' node.conf pointing to the master.<br><br>Router:<br> Static NATs from internet facing IPs to internal IPs on port 22.<br> Static NAT from Internet facing IP to internal on master on ports 22 and 80 (for the web based client).<br><br>nxserver.log:<br> Master:<br><br>-- NX SERVER START: -c /usr/bin/nxserver - ORIG_COMMAND=<br>HELLO NXSERVER - Version 2.1.0-72 OS (GPL, using backend: not detected)<br>NX> 105 hello NXCLIENT - Version 2.1.0<br>NX> 134 Accepted protocol: 2.1.0<br>NX> 105 SET SHELL_MODE SHELL<br>NX> 105 SET AUTH_MODE PASSWORD<br>NX> 105 login<br>NX> 101 User: root<br>NX> 102 Password:<br>Info: Auth method: passdb ssh<br>NX> 103 Welcome to: SDVPC01 user: root<br>NX> 105 listsession --user="root" --status="suspended,running" --geometry="1440x900x32+render" --type="unix-application"<br>NX> 127 Sessions list of user 'root' for reconnect:<br><br>Display Type Session ID Options Depth Screen Status Session Name<br>------- ---------------- -------------------------------- -------- ----- -------------- ----------- ------------------------------<br><br><br>NX> 148 Server capacity: not reached for user: root<br>NX> 105 startsession --virtualdesktop="1" --application="lxp-startup" --link="wan" --backingstore="1" --encryption="1" --cache="16M" --images="64M" --shmem="1" --shpix="1" --strict="0" --composite="1" --media="0" --session="session" --type="unix-application" --geometry="1440x837" --client="winnt" --keyboard="pc102/en_US" --screeninfo="1440x837x32+render"<br><br>Info: Load-Balancing (if possible) to x.x.x.113 ...<br>&virtualdesktop=1&application=lxp-startup&link=wan&backingstore=1&encryption=1&cache=16M&images=64M&shmem=1&shpix=1&strict=0&composite=1&media=0&session=session&type=unix-application&geometry=1440x837&client=winnt&keyboard=pc102/en_US&screeninfo=1440x837x32+render&clientproto=2.1.0&user=root&userip=68.209.123.36&uniqueid=0351427BD84C5BADAC9A0C0A722DED15&display=1000&host=x.x.x.113<br>ssh: connect to host x.x.x.113 port 22: Connection refused<br>expect: spawn id exp5 not open<br> while executing<br>"expect -nobrace {Are you sure you want to continue connecting (yes/no)?} { send "yes\r" } assword*: { sleep 0.3; send "$password\r" } {Permission deni..."<br> invoked from within<br>"expect {<br> "Are you sure you want to continue connecting (yes/no)?" { send "yes\r" }<br> "assword*:" { sleep 0.3; send "$password\r" }<br> "Permission de..."<br> ("while" body line 2)<br> invoked from within<br>"while {1} {<br> expect {<br> "Are you sure you want to continue connecting (yes/no)?" { send "yes\r" }<br> "assword*:" { sleep 0.3; send "$password\r" }<br> "..."<br> (file "/usr/bin/nxnode-login" line 69)<br>NX> 1004 Error: Session did not start.<br>NX> 596 Session start failed.<br>NX> 999 Bye<br><br><br>/var/log/secure:<br> Master:<br><br>Jul 17 11:53:06 SDVPC01 sshd[21173]: pam_unix(sshd:session): session closed for user root<br>Jul 17 11:54:23 SDVPC01 sshd[21766]: Accepted publickey for nx from "myIP" port 50888 ssh2<br>Jul 17 11:54:24 SDVPC01 sshd[21766]: pam_unix(sshd:session): session opened for user nx by (uid=0)<br>Jul 17 11:54:28 SDVPC01 sshd[21845]: Accepted password for root from 127.0.0.1 port 60862 ssh2<br>Jul 17 11:54:28 SDVPC01 sshd[21845]: pam_unix(sshd:session): session opened for user root by (uid=0)<br>Jul 17 11:54:28 SDVPC01 sshd[21845]: pam_unix(sshd:session): session closed for user root<br>Jul 17 11:55:33 SDVPC01 sshd[21766]: pam_unix(sshd:session): session closed for user nx<br>Jul 17 11:56:34 SDVPC01 sshd[22131]: Accepted password for root from "myIP" port 50903 ssh2<br>Jul 17 11:56:35 SDVPC01 sshd[22131]: pam_unix(sshd:session): session opened for user root by (uid=0)<br><br>node.conf:<br> Master:<br><br># node.conf<br>#<br># This file is provided by FreeNX. It should be placed either into<br># /etc/nxserver/node.conf (FreeNX style) or /usr/NX/etc/node.conf<br># (NoMachine NX style).<br>#<br># It is mostly compatible with NoMachine node.conf. The most important <br># difference is that no spaces are allowed when assigning values (eg <br># "A=value" is allowed, "A = value" is NOT).<br>#<br># This file is sourced by bash, so you can do some fancy stuff here if you<br># want to, but be aware that it is sourced 3 times per connection. If you <br># want autostart stuff, set NODE_AUTOSTART instead!<br># <br>#<br># You surely are aware that FreeNX is based on the fantastic results that<br># the hard work by NoMachine.com has achieved. NoMachine.com released the<br># core NX libraries under the GPL. The installation of these libs are the<br># precondition for all FreeNX scripts to work. If you are installing this<br># software with the help of one of the package management tools of your<br># Linux distribution, you can assume that this dependency is taken care of<br># by the tool.<br>#<br># You have questions about the inner workings of the NX technology?<br>#<br># Then you are recommended to first check out the rich and very detailed<br># NoMachine documentation and their online Knowledge Base at <br>#<br># http://www.nomachine.com/kb/<br>#<br># Other sources of information are the NoMachine mailing lists <br># (nxusers@nomachine.com and nxdevelopers@nomachine.com):<br>#<br># http://www.nomachine.com/mailinglists.php<br>#<br># The FreeNX (freenx-knx@kde.org) list is here:<br>#<br># https://mail.kde.org/mailman/listinfo/freenx-knx<br>#<br># SVN: $Id: node.conf.sample 402 2007-10-14 18:21:43Z fabianx $<br><br>#########################################################################<br># General FreeNX directives<br>#########################################################################<br><br># The host name which is used by NX server. It's should be used if it's<br># different than the default hostname (as returned by `hostname`)<br>#SERVER_NAME="$(hostname)"<br><br># The port number where local 'sshd' is listening.<br>SSHD_PORT=22<br><br><br>#########################################################################<br># Authentication / Security directives<br>#########################################################################<br><br># Authentication directives<br><br>ENABLE_PAM_AUTHENTICATION="1"<br><br># This adds the usermode to the possible authentication methods<br># Usermode means that a user can start the nxserver as his shell<br># and connect directly to the right server via a custom client.<br># ENABLE_USERMODE_AUTHENTICATION="0"<br><br># This adds the passdb to the possible authentication methods<br># ENABLE_PASSDB_AUTHENTICATION="0"<br><br># This adds SSH to the possible authentication methods. For it to work sshd<br># must be set up at localhost accepting password authentication.<br>#ENABLE_SSH_AUTHENTICATION="1"<br><br># This adds SU to the possible authentication methods. For it to work the <br># "nx" user must be in the wheel (RedHat, Fedora) or the users group (SUSE)<br># and the user logging in must have a valid shell that accepts the -c<br># parameter.<br>#ENABLE_SU_AUTHENTICATION="0"<br><br># Require all users to be in the passdb, regardless of authentication method<br># ENABLE_USER_DB="0"<br><br><br># If enabled forces the user to use encryption. This will bail out<br># if the user does not have encryption enabled.<br>ENABLE_FORCE_ENCRYPTION="1"<br><br># Refuse the NX client connection if SSHD does not export the<br># SSH_CONNECTION and SSH_CLIENT variables in the environment<br># passed to the NX server.<br># 1: Will check the remote IP and will not accept the<br># connection if it can't be determined.<br># 0: Will accept the connection even if the remote IP<br># is not provided.<br>SSHD_CHECK_IP="0"<br><br><br>#########################################################################<br># Restriction directives<br>#########################################################################<br><br># The base display number from which sessions are started.<br>#DISPLAY_BASE=1000<br><br># The maximum number of contemporary sessions that can be run on FreeNX<br>#SESSION_LIMIT=200<br><br># The maximum number of contemporary sessions that a single user can run<br># on FreeNX. Defaults to the value of SESSION_LIMIT.<br>#SESSION_USER_LIMIT=200<br><br># The number of displays reserved for sessions, it has to be greater or equal<br># to the maximum number of contemporary sessions that a server can run.<br>#DISPLAY_LIMIT=200<br><br><br># User for which sessions should be persistent. Either the keyword "all" or a<br># comma-separated list of usernames or groups in the @groupname syntax.<br>#ENABLE_PERSISTENT_SESSION="all"<br><br># Users and groups for whom persistent sessions should be disabled.<br># Especially useful if ENABLE_PERSISTENT_SESSION="all"<br>#DISABLE_PERSISTENT_SESSION=""<br><br># This enables the mirroring of running sessions via VNC feature.<br># <br># Session is marked as resumable and type is vnc-mirrored.<br># <br>#ENABLE_MIRROR_VIA_VNC=1<br><br># This enables the sharing of :0 via VNC feature.<br># <br># Session is marked as resumable and type is vnc-local.<br># <br># Note: You need to have the rights to access the display<br># else it does not work.<br>#<br>#ENABLE_DESKTOP_SHARING=1<br><br>#<br># Enable or disable clipboard:<br>#<br># client: The content copied on the client can be pasted inside the<br># NX session.<br>#<br># server: The content copied inside the NX session can be pasted<br># on the client.<br>#<br># both: The copy&paste operations are allowed both between the<br># client and the NX session and vice-versa.<br>#<br># none: The copy&paste operations between the client and the NX<br># session are never allowed.<br>#<br>#ENABLE_CLIPBOARD = "both"<br><br>#########################################################################<br># Logging directives<br>#########################################################################<br><br># This directives controls the verbosity of the server-wide log.<br># 0: No Logging<br># 1: Errors<br># 2: Warnings<br># 3: Important information<br># 4: Server - Client communication<br># 5: Information<br># 6: Debugging information<br># 7: stderror of some applications<br>NX_LOG_LEVEL=6<br><br># By setting this to 0 the nxserver might be a bit faster, but passwords can be found in the log files.<br>#NX_LOG_SECURE=1<br><br># Before turning logging on, please make sure that NX_LOGFILE is<br># writeable for the "nx" user<br>NX_LOGFILE=/var/log/nxserver.log<br><br># This directive controls if the temporary session directory<br># ($HOME/.nx/C-<hostname>-<display>-<session_id>) should be kept after a<br># session has ended. A successfully terminated session will be saved as<br># T-C-<hostname>-<display>-<session_id> while a failed session will be saved<br># as F-C-<hostname>-<display>-<session_id>.<br># The default is to cleanup the directories.<br>SESSION_LOG_CLEAN=0<br><br># Amount of seconds nxserver is to keep session history. The default of 2592000<br># is equivalent to 30 days. If this is 0 no session history will be kept<br># and a negative value denotes infinity.<br>#SESSION_HISTORY=2592000<br><br><br>#########################################################################<br># Forwarding directives<br>#########################################################################<br><br># FreeNX with ENABLE_SERVER_FORWARD="1" will automatically forward all<br># connections to the host specified in SERVER_FORWARD_HOST with the<br># secret key SERVER_FORWARD_KEY.<br>#<br># This allows to have a "chain" of NX Servers. Note that you will need to<br># use "SSL encryption" for all connections.<br><br>#ENABLE_SERVER_FORWARD="0"<br>#SERVER_FORWARD_HOST=""<br>#SERVER_FORWARD_PORT=22<br>#SERVER_FORWARD_KEY="/usr/NX/share/client.id_dsa.key"<br><br><br># FreeNX with ENABLE_NOMACHINE_FORWARD_PORT="1" will automatically forward all<br># connections to the commercial NoMachine nxserver installed on the same<br># machine, which go in by port NOMACHINE_FORWARD_PORT. This feature is introduced<br># to enable the usage of FreeNX and NoMachine NX side by side on the same machine<br># without conflicts.<br>#<br># Note: You need to let SSHD listen to several ports to make use of this<br># directive.<br><br>#ENABLE_NOMACHINE_FORWARD_PORT="0"<br>#NOMACHINE_FORWARD_PORT="22"<br><br>#NOMACHINE_SERVER="/usr/NX/bin/nxserver"<br>#NOMACHINE_NX_HOME_DIR="/usr/NX/home/nx"<br><br><br># LOAD BALANCING<br># ==============<br>#<br># To do load balancing setup some hosts in LOAD_BALANCE_SERVERS and<br># make:<br>#<br># - either sure that all incoming connections are sent to the master<br># server by using forwarding directives on the "slave" servers.<br>#<br># - or share the session database space via NFS between the servers.<br># (not recommended at the moment as race conditions for DISPLAYs can <br># occur)<br>#<br>ENABLE_LOADBALANCE="1"<br><br>LOAD_BALANCE_SERVERS="x.x.x.100 x.x.x.101 x.x.x.104 x.x.x.105 x.x.x.108 x.x.x.109 x.x.x.110 x.x.x.111 x.x.x.112 x.x.x.113 x.x.x.114 x.x.x.115 x.x.x.116 x.x.x.117 x.x.x.118"<br><br># The following load_balance_algorithms are available at the moment:<br>#<br># "load", "round-robin", "random"<br>#<br># For "load" you need a script called nxcheckload in PATH_BIN.<br># <br># A sample script, which you can change to your needs it shipped with<br># FreeNX under the name nxcheckload.sample.<br><br>LOAD_BALANCE_ALGORITHM="load"<br><br># By setting ENABLE_LOADBALANCE="1" you can let users choose their<br># preferred host, while being forwarded to another server. Of course<br># this is just a preference. The loadbalancing algorithm can completely<br># choose to ignore the users choice.<br><br>#ENABLE_LOAD_BALANCE_PREFERENCE="0"<br><br>#########################################################################<br># Services directives<br>#########################################################################<br><br># FreeNX with ENABLE_ESD_PRELOAD="1" will automatically try to setup<br># the sound with the help of the esd media helper.<br>#<br># Currently ESD will be used just by the Windows NX Client.<br>#<br># Be sure that $ESD_BIN_PRELOAD is in your path, does exist and work<br># before enabling this directive.<br><br>#ENABLE_ESD_PRELOAD="0"<br>#ESD_BIN_PRELOAD="esddsp"<br><br># FreeNX with ENABLE_ARTSD_PRELOAD="1" will automatically try to setup<br># the sound with the help of the artsd media helper.<br>#<br># Currently ARTSD will be used just by the Linux NX Client.<br>#<br># Be sure that $ARTSD_BIN_PRELOAD is in your path, does exist and work<br># before enabling this directive.<br><br>#ENABLE_ARTSD_PRELOAD="0"<br>#ARTSD_BIN_PRELOAD="artsdsp"<br><br># FreeNX with ENABLE_KDE_CUPS="1" will automatically write <br># $KDE_PRINTRC and put the current used socket into it.<br>#<br># If you additionally enable ENABLE_KDE_CUPS_DYNAMIC it will set the <br># Host entry to the script nxcups-gethost, which dynamically tries all <br># possible entries to find the current printing host.<br>#<br># The order is: CUPS_SERVER (env var), ~/.cups/client.conf, $KDE_PRINTRC,<br># $CUPS_DEFAULT_SOCK, localhost<br>#<br># So this option is most useful with ENABLE_CUPS_SERVER_EXPORT="1".<br># <br># $KDE_PRINTRC is automatically calculated if its not set.<br><br>#ENABLE_KDE_CUPS="0"<br>#ENABLE_KDE_CUPS_DYNAMIC="0"<br>#KDE_PRINTRC="$KDEHOME/share/config/kdeprintrc"<br><br># FreeNX with ENABLE_CUPS_SERVER_EXPORT="1" will automatically<br># export the environment variable CUPS_SERVER.<br><br>#ENABLE_CUPS_SERVER_EXPORT="1"<br><br># FreeNX with ENABLE_CUPS_SEAMLESS will automatically try to download the <br># necessary ppds from the client.<br># <br># As the forwarding is just active as soon as nxagent is started,<br># we need a small delay of $CUPS_SEAMLESS_DELAY.<br>#<br># Note: You need to use a patched cupsd on client side.<br><br>#ENABLE_CUPS_SEAMLESS="0"<br>#CUPS_SEAMLESS_DELAY="10"<br><br># FreeNX with ENABLE_FOOMATIC will integrate the foomatic db to the list<br># of available ppd drivers via the $COMMAND_FOOMATIC command.<br><br>#ENABLE_FOOMATIC="1"<br>#COMMAND_FOOMATIC="/usr/lib/cups/driver/foomatic-ppdfile"<br><br># CUPS_BACKEND and CUPS_ETC are the corresponding paths of your CUPS <br># installation.<br><br>#CUPS_BACKEND="/usr/lib/cups/backend"<br>#CUPS_IPP_BACKEND="$CUPS_BACKEND/nxipp"<br>#CUPS_DEFAULT_SOCK="/var/run/cups/cups.sock"<br>#CUPS_ETC="/etc/cups"<br><br># SAMBA_MOUNT_SHARE_PROTOCOL is a key to configure the supported <br># protocols for mounting shares.<br>#<br># This key can be set to the following values:<br>#<br># both, either SMB and CIFS protocol are supported, this is the default value.<br># smbfs, only SMB protocol is supported.<br># cifs, only CIFS protocol is supported.<br># none, no network file-sharing protocol is supported.<br><br>#SAMBA_MOUNT_SHARE_PROTOCOL="both"<br><br>#########################################################################<br># Path directives<br>#########################################################################<br><br># USER_FAKE_HOME is the base directory for the .nx directory. Use this<br># parameter instead of the users home directory if $HOME is on a NFS share.<br># Note that this directory must be unique for every user! To accomplish this<br># it is recommended to include $USER in the path.<br>#USER_FAKE_HOME=$HOME<br><br># Add the nx libraries to LD_LIBRARY_PATH before starting nx agents.<br># WARNING: This will NOT (and should not) affect applications. ONLY Disable<br># this if the nx libraries are in a standard system path (such as /usr/lib)!<br>#SET_LD_LIBRARY_PATH="1"<br><br><br># The command binary for the default window manager. If set it is run when a<br># 'unix-custom' session is requested by the NX Client and an application<br># to run is specified. It defaults to empty (ie no WM is run).<br># If KILL_DEFAULT_X_WM is set the WM is terminated after the started <br># application finishes. Else FreeNX will wait for the WM to complete.<br>#DEFAULT_X_WM=""<br>#KILL_DEFAULT_X_WM="1"<br><br># When a 'unix-default' session is requested by the client the user's X startup<br># script will be run if pressent and executable, otherwise the default X<br># session will be run.<br># Depending on distribution USER_X_STARTUP_SCRIPT might be .Xclients, .xinitrc<br># and .Xsession<br># Depending on distribution DEFAULT_X_SESSION might be /etc/X11/xdm/Xsession,<br># /etc/X11/Sessions/Xsession or /etc/X11/xinit/xinitrc<br>#USER_X_STARTUP_SCRIPT=.Xclients<br>#DEFAULT_X_SESSION=/etc/X11/xdm/Xsession<br><br># The key that contains the name of the script that starts a KDE session.<br># It's run when a 'unix-kde' session is requested by the client.<br>#COMMAND_START_KDE="/usr/bin/ssh-agent /usr/bin/dbus-launch --exit-with-session /usr/bin/startkde"<br><br># The key that contains the name of the script that starts a gnome session.<br># It's run when a 'unix-gnome' session is requested by the client.<br>#COMMAND_START_GNOME="/usr/bin/ssh-agent /usr/bin/dbus-launch --exit-with-session /usr/bin/gnome-session"<br><br># The key that contains the name of the script that starts a CDE session.<br># It's run when a 'unix-cde' session is requested by the client.<br>#COMMAND_START_CDE=cdwm<br><br># The key that contains the name of the complete path of command name<br># 'xterm'. It is run when a unix "xterm" session is requested by the<br># client.<br>#COMMAND_XTERM=xterm<br><br># The key that contains the name of the complete path of command name<br># 'xauth'.<br>#COMMAND_XAUTH=/usr/X11R6/bin/xauth<br><br># The key that contains the name of the complete path of command name<br># 'smbmount'.<br>#COMMAND_SMBMOUNT=smbmount<br><br># The key that contains the name of the complete path of command name<br># 'smbumount'.<br>#COMMAND_SMBUMOUNT=smbumount<br><br># The key that contains the name of the complete path of command name<br># 'mount.cifs'.<br>#COMMAND_SMBMOUNT_CIFS=/sbin/mount.cifs<br><br># The key that contains the name of the complete path of command name<br># 'umount.cifs'.<br>#COMMAND_SMBUMOUNT_CIFS=/sbin/umount.cifs<br><br># The key that contains the name of the complete path of the 'netcat' command.<br>#COMMAND_NETCAT=nc<br><br># The key that contains the name of the complete path of the 'ssh' and<br># 'ssh-keygen' command.<br>#COMMAND_SSH=ssh<br>#COMMAND_SSH_KEYGEN=ssh-keygen<br><br># The key that contains the name of the complete path of the 'cupsd' command.<br>#COMMAND_CUPSD=/usr/sbin/cupsd<br><br># The tool to generate md5sums with<br>#COMMAND_MD5SUM="openssl md5"<br><br># The key that contains the name of the complete path of the 'rdesktop' command.<br>#COMMAND_RDESKTOP=rdesktop<br><br># The key that contains the name of the complete path of the 'vncviewer' command.<br>#COMMAND_VNCVIEWER=vncviewer<br><br># The key that contains the name of the complete path of the 'vncpasswd' command.<br># By default the builtin nxpasswd is used.<br>#COMMAND_VNCPASSWD="$PATH_BIN/nxpasswd"<br><br># The key that contains the name of the complete path of the 'x11vnc' command.<br>#COMMAND_X11VNC=x11vnc<br><br>#########################################################################<br># Misc directives<br>#########################################################################<br><br># When you installed a 2.0.0 NX Backend, set this to 1.<br>ENABLE_2_0_0_BACKEND="1"<br><br># When set to 1 this will automatically resume started sessions<br>#ENABLE_AUTORECONNECT="0"<br><br># When set to 1 this will automatically resume started sessions<br># but only if an older client version is used<br>#ENABLE_AUTORECONNECT_BEFORE_140="1"<br><br># When set to 1 exports NXUSERIP / NXSESSIONID in nxnode<br>#EXPORT_USERIP="0"<br>#EXPORT_SESSIONID="1"<br><br># This can be set to any executable, which is started after session startup<br># like: $NODE_AUTOSTART {start|restore}<br>#NODE_AUTOSTART=""<br><br># When set to 1 will start nxagent in rootless mode.<br>ENABLE_ROOTLESS_MODE="1"<br><br># If enabled writes entries via the COMMAND_SESSREG program<br># into utmp/wtmp/lastlog database.<br># Note: You have to make sure that you add the nx user to the<br># utmp or tty group or how its called on your system<br># before this directive works.<br>#ENABLE_USESSION="0"<br>#COMMAND_SESSREG="sessreg"<br><br># Extra options sent to the different nx agents. See !M documentation<br># for examples of useful parameters.<br>#AGENT_EXTRA_OPTIONS_RFB=""<br>#AGENT_EXTRA_OPTIONS_RDP=""<br>#AGENT_EXTRA_OPTIONS_X=""<br><br># The number of seconds we wait for the nxagent to start before<br># deciding startup has failed<br>#AGENT_STARTUP_TIMEOUT="60"<br><br># The font server the agent will use. If set to "" no font server is used.<br># For this to do any good, the client has to have the same font server set<br># in /etc/X11/XF86Config<br>#AGENT_FONT_SERVER=""<br><br># Disable or enable use of 'tcp nodelay' on proxy. Old versions of Linux<br># kernels have problems using this option on sockets that will cause a loss<br># of TCP connections. This option is not set by default to allow clients to<br># specify whether to enable or disable TCP nodelay. Setting this option to<br># the value of "0" NX proxy avoids using 'tcp nodelay' but it will cause a<br># loss of interaction in sessions.<br>#PROXY_TCP_NODELAY=""<br><br># Extra options to nxproxy. See !M documentation for useful parameters.<br>#PROXY_EXTRA_OPTIONS=""<br><br># In case you want to use an external 'rdesktop' command<br># set this to "1".<br># <br># If nxdesktop cannot be found this is set automatically to "1".<br>#ENABLE_EXTERNAL_NXDESKTOP="0"<br><br># This configuration variable determines if 'rdesktop' command should be run with -k keyboard option<br># or if the keyboard should be autodetected.<br>#<br>#ENABLE_EXTERNAL_NXDESKTOP_KEYBOARD="1"<br><br># In case you want to use an external 'nxviewer' command<br># set this to "1".<br># <br># If nxviewer cannot be found this is set automatically to "1".<br>#ENABLE_EXTERNAL_NXVIEWER="0"<br><br><br><br> node:<br><br># node.conf<br>#<br># This file is provided by FreeNX. It should be placed either into<br># /etc/nxserver/node.conf (FreeNX style) or /usr/NX/etc/node.conf<br># (NoMachine NX style).<br>#<br># It is mostly compatible with NoMachine node.conf. The most important <br># difference is that no spaces are allowed when assigning values (eg <br># "A=value" is allowed, "A = value" is NOT).<br>#<br># This file is sourced by bash, so you can do some fancy stuff here if you<br># want to, but be aware that it is sourced 3 times per connection. If you <br># want autostart stuff, set NODE_AUTOSTART instead!<br># <br>#<br># You surely are aware that FreeNX is based on the fantastic results that<br># the hard work by NoMachine.com has achieved. NoMachine.com released the<br># core NX libraries under the GPL. The installation of these libs are the<br># precondition for all FreeNX scripts to work. If you are installing this<br># software with the help of one of the package management tools of your<br># Linux distribution, you can assume that this dependency is taken care of<br># by the tool.<br>#<br># You have questions about the inner workings of the NX technology?<br>#<br># Then you are recommended to first check out the rich and very detailed<br># NoMachine documentation and their online Knowledge Base at <br>#<br># http://www.nomachine.com/kb/<br>#<br># Other sources of information are the NoMachine mailing lists <br># (nxusers@nomachine.com and nxdevelopers@nomachine.com):<br>#<br># http://www.nomachine.com/mailinglists.php<br>#<br># The FreeNX (freenx-knx@kde.org) list is here:<br>#<br># https://mail.kde.org/mailman/listinfo/freenx-knx<br>#<br># SVN: $Id: node.conf.sample 402 2007-10-14 18:21:43Z fabianx $<br><br>#########################################################################<br># General FreeNX directives<br>#########################################################################<br><br># The host name which is used by NX server. It's should be used if it's<br># different than the default hostname (as returned by `hostname`)<br>#SERVER_NAME="$(hostname)"<br><br># The port number where local 'sshd' is listening.<br>SSHD_PORT=22<br><br><br>#########################################################################<br># Authentication / Security directives<br>#########################################################################<br><br># Authentication directives<br><br># This adds the usermode to the possible authentication methods<br># Usermode means that a user can start the nxserver as his shell<br># and connect directly to the right server via a custom client.<br>#ENABLE_USERMODE_AUTHENTICATION="0"<br><br>ENABLE_PAM_AUTHENTICATION="1"<br><br># This adds the passdb to the possible authentication methods<br># ENABLE_PASSDB_AUTHENTICATION="1"<br><br># This adds SSH to the possible authentication methods. For it to work sshd<br># must be set up at localhost accepting password authentication.<br>ENABLE_SSH_AUTHENTICATION="1"<br><br># This adds SU to the possible authentication methods. For it to work the <br># "nx" user must be in the wheel (RedHat, Fedora) or the users group (SUSE)<br># and the user logging in must have a valid shell that accepts the -c<br># parameter.<br># ENABLE_SU_AUTHENTICATION="0"<br><br># Require all users to be in the passdb, regardless of authentication method<br># ENABLE_USER_DB="0"<br><br><br># If enabled forces the user to use encryption. This will bail out<br># if the user does not have encryption enabled.<br>ENABLE_FORCE_ENCRYPTION="1"<br><br># Refuse the NX client connection if SSHD does not export the<br># SSH_CONNECTION and SSH_CLIENT variables in the environment<br># passed to the NX server.<br># 1: Will check the remote IP and will not accept the<br># connection if it can't be determined.<br># 0: Will accept the connection even if the remote IP<br># is not provided.<br>SSHD_CHECK_IP="0"<br><br><br>#########################################################################<br># Restriction directives<br>#########################################################################<br><br># The base display number from which sessions are started.<br>#DISPLAY_BASE=1000<br><br># The maximum number of contemporary sessions that can be run on FreeNX<br>#SESSION_LIMIT=200<br><br># The maximum number of contemporary sessions that a single user can run<br># on FreeNX. Defaults to the value of SESSION_LIMIT.<br>SESSION_USER_LIMIT=2<br><br># The number of displays reserved for sessions, it has to be greater or equal<br># to the maximum number of contemporary sessions that a server can run.<br>#DISPLAY_LIMIT=200<br><br><br># User for which sessions should be persistent. Either the keyword "all" or a<br># comma-separated list of usernames or groups in the @groupname syntax.<br>#ENABLE_PERSISTENT_SESSION=""<br><br># Users and groups for whom persistent sessions should be disabled.<br># Especially useful if ENABLE_PERSISTENT_SESSION="all"<br>DISABLE_PERSISTENT_SESSION="all"<br><br># This enables the mirroring of running sessions via VNC feature.<br># <br># Session is marked as resumable and type is vnc-mirrored.<br># <br>#ENABLE_MIRROR_VIA_VNC=1<br><br># This enables the sharing of :0 via VNC feature.<br># <br># Session is marked as resumable and type is vnc-local.<br># <br># Note: You need to have the rights to access the display<br># else it does not work.<br>#<br>#ENABLE_DESKTOP_SHARING=1<br><br>#<br># Enable or disable clipboard:<br>#<br># client: The content copied on the client can be pasted inside the<br># NX session.<br>#<br># server: The content copied inside the NX session can be pasted<br># on the client.<br>#<br># both: The copy&paste operations are allowed both between the<br># client and the NX session and vice-versa.<br>#<br># none: The copy&paste operations between the client and the NX<br># session are never allowed.<br>#<br>#ENABLE_CLIPBOARD = "both"<br><br>#########################################################################<br># Logging directives<br>#########################################################################<br><br># This directives controls the verbosity of the server-wide log.<br># 0: No Logging<br># 1: Errors<br># 2: Warnings<br># 3: Important information<br># 4: Server - Client communication<br># 5: Information<br># 6: Debugging information<br># 7: stderror of some applications<br>NX_LOG_LEVEL=4<br><br># By setting this to 0 the nxserver might be a bit faster, but passwords can be found in the log files.<br>NX_LOG_SECURE=1<br><br># Before turning logging on, please make sure that NX_LOGFILE is<br># writeable for the "nx" user<br>NX_LOGFILE=/var/log/nxserver.log<br><br># This directive controls if the temporary session directory<br># ($HOME/.nx/C-<hostname>-<display>-<session_id>) should be kept after a<br># session has ended. A successfully terminated session will be saved as<br># T-C-<hostname>-<display>-<session_id> while a failed session will be saved<br># as F-C-<hostname>-<display>-<session_id>.<br># The default is to cleanup the directories.<br>#SESSION_LOG_CLEAN=1<br><br># Amount of seconds nxserver is to keep session history. The default of 2592000<br># is equivalent to 30 days. If this is 0 no session history will be kept<br># and a negative value denotes infinity.<br>#SESSION_HISTORY=2592000<br><br><br>#########################################################################<br># Forwarding directives<br>#########################################################################<br><br># FreeNX with ENABLE_SERVER_FORWARD="1" will automatically forward all<br># connections to the host specified in SERVER_FORWARD_HOST with the<br># secret key SERVER_FORWARD_KEY.<br>#<br># This allows to have a "chain" of NX Servers. Note that you will need to<br># use "SSL encryption" for all connections.<br><br>ENABLE_SERVER_FORWARD="1"<br>SERVER_FORWARD_HOST="x.x.x.100"<br>SERVER_FORWARD_PORT=22<br>SERVER_FORWARD_KEY="/etc/nxserver/client.id_dsa.key"<br><br><br># FreeNX with ENABLE_NOMACHINE_FORWARD_PORT="1" will automatically forward all<br># connections to the commercial NoMachine nxserver installed on the same<br># machine, which go in by port NOMACHINE_FORWARD_PORT. This feature is introduced<br># to enable the usage of FreeNX and NoMachine NX side by side on the same machine<br># without conflicts.<br>#<br># Note: You need to let SSHD listen to several ports to make use of this<br># directive.<br><br>#ENABLE_NOMACHINE_FORWARD_PORT="0"<br>#NOMACHINE_FORWARD_PORT="22"<br><br>#NOMACHINE_SERVER="/usr/NX/bin/nxserver"<br>#NOMACHINE_NX_HOME_DIR="/usr/NX/home/nx"<br><br><br># LOAD BALANCING<br># ==============<br>#<br># To do load balancing setup some hosts in LOAD_BALANCE_SERVERS and<br># make:<br>#<br># - either sure that all incoming connections are sent to the master<br># server by using forwarding directives on the "slave" servers.<br>#<br># - or share the session database space via NFS between the servers.<br># (not recommended at the moment as race conditions for DISPLAYs can <br># occur)<br>#<br><br>#LOAD_BALANCE_SERVERS=""<br><br># The following load_balance_algorithms are available at the moment:<br>#<br># "load", "round-robin", "random"<br>#<br># For "load" you need a script called nxcheckload in PATH_BIN.<br># <br># A sample script, which you can change to your needs it shipped with<br># FreeNX under the name nxcheckload.sample.<br><br>#LOAD_BALANCE_ALGORITHM="random"<br><br># By setting ENABLE_LOADBALANCE="1" you can let users choose their<br># preferred host, while being forwarded to another server. Of course<br># this is just a preference. The loadbalancing algorithm can completely<br># choose to ignore the users choice.<br><br>#ENABLE_LOAD_BALANCE_PREFERENCE="0"<br><br>#########################################################################<br># Services directives<br>#########################################################################<br><br># FreeNX with ENABLE_ESD_PRELOAD="1" will automatically try to setup<br># the sound with the help of the esd media helper.<br>#<br># Currently ESD will be used just by the Windows NX Client.<br>#<br># Be sure that $ESD_BIN_PRELOAD is in your path, does exist and work<br># before enabling this directive.<br><br>#ENABLE_ESD_PRELOAD="0"<br>#ESD_BIN_PRELOAD="esddsp"<br><br># FreeNX with ENABLE_ARTSD_PRELOAD="1" will automatically try to setup<br># the sound with the help of the artsd media helper.<br>#<br># Currently ARTSD will be used just by the Linux NX Client.<br>#<br># Be sure that $ARTSD_BIN_PRELOAD is in your path, does exist and work<br># before enabling this directive.<br><br>#ENABLE_ARTSD_PRELOAD="0"<br>#ARTSD_BIN_PRELOAD="artsdsp"<br><br># FreeNX with ENABLE_KDE_CUPS="1" will automatically write <br># $KDE_PRINTRC and put the current used socket into it.<br>#<br># If you additionally enable ENABLE_KDE_CUPS_DYNAMIC it will set the <br># Host entry to the script nxcups-gethost, which dynamically tries all <br># possible entries to find the current printing host.<br>#<br># The order is: CUPS_SERVER (env var), ~/.cups/client.conf, $KDE_PRINTRC,<br># $CUPS_DEFAULT_SOCK, localhost<br>#<br># So this option is most useful with ENABLE_CUPS_SERVER_EXPORT="1".<br># <br><br># $KDE_PRINTRC is automatically calculated if its not set.<br><br>#ENABLE_KDE_CUPS="0"<br>#ENABLE_KDE_CUPS_DYNAMIC="0"<br>#KDE_PRINTRC="$KDEHOME/share/config/kdeprintrc"<br><br># FreeNX with ENABLE_CUPS_SERVER_EXPORT="1" will automatically<br># export the environment variable CUPS_SERVER.<br><br>#ENABLE_CUPS_SERVER_EXPORT="1"<br><br># FreeNX with ENABLE_CUPS_SEAMLESS will automatically try to download the <br># necessary ppds from the client.<br># <br># As the forwarding is just active as soon as nxagent is started,<br># we need a small delay of $CUPS_SEAMLESS_DELAY.<br>#<br># Note: You need to use a patched cupsd on client side.<br><br>#ENABLE_CUPS_SEAMLESS="0"<br>#CUPS_SEAMLESS_DELAY="10"<br><br># FreeNX with ENABLE_FOOMATIC will integrate the foomatic db to the list<br># of available ppd drivers via the $COMMAND_FOOMATIC command.<br><br>#ENABLE_FOOMATIC="1"<br>#COMMAND_FOOMATIC="/usr/lib/cups/driver/foomatic-ppdfile"<br><br># CUPS_BACKEND and CUPS_ETC are the corresponding paths of your CUPS <br># installation.<br><br>#CUPS_BACKEND="/usr/lib/cups/backend"<br>#CUPS_IPP_BACKEND="$CUPS_BACKEND/nxipp"<br>#CUPS_DEFAULT_SOCK="/var/run/cups/cups.sock"<br>#CUPS_ETC="/etc/cups"<br><br># SAMBA_MOUNT_SHARE_PROTOCOL is a key to configure the supported <br># protocols for mounting shares.<br>#<br># This key can be set to the following values:<br>#<br># both, either SMB and CIFS protocol are supported, this is the default value.<br># smbfs, only SMB protocol is supported.<br># cifs, only CIFS protocol is supported.<br># none, no network file-sharing protocol is supported.<br><br>#SAMBA_MOUNT_SHARE_PROTOCOL="both"<br><br>#########################################################################<br># Path directives<br>#########################################################################<br><br># USER_FAKE_HOME is the base directory for the .nx directory. Use this<br># parameter instead of the users home directory if $HOME is on a NFS share.<br># Note that this directory must be unique for every user! To accomplish this<br># it is recommended to include $USER in the path.<br>#USER_FAKE_HOME=$HOME<br><br># Add the nx libraries to LD_LIBRARY_PATH before starting nx agents.<br># WARNING: This will NOT (and should not) affect applications. ONLY Disable<br># this if the nx libraries are in a standard system path (such as /usr/lib)!<br>#SET_LD_LIBRARY_PATH="1"<br><br><br># The command binary for the default window manager. If set it is run when a<br># 'unix-custom' session is requested by the NX Client and an application<br># to run is specified. It defaults to empty (ie no WM is run).<br># If KILL_DEFAULT_X_WM is set the WM is terminated after the started <br># application finishes. Else FreeNX will wait for the WM to complete.<br>#DEFAULT_X_WM=""<br>#KILL_DEFAULT_X_WM="1"<br><br># When a 'unix-default' session is requested by the client the user's X startup<br># script will be run if pressent and executable, otherwise the default X<br># session will be run.<br># Depending on distribution USER_X_STARTUP_SCRIPT might be .Xclients, .xinitrc<br># and .Xsession<br># Depending on distribution DEFAULT_X_SESSION might be /etc/X11/xdm/Xsession,<br># /etc/X11/Sessions/Xsession or /etc/X11/xinit/xinitrc<br>#USER_X_STARTUP_SCRIPT=.Xclients<br>#DEFAULT_X_SESSION=/etc/X11/xdm/Xsession<br><br># The key that contains the name of the script that starts a KDE session.<br># It's run when a 'unix-kde' session is requested by the client.<br>#COMMAND_START_KDE="/usr/bin/ssh-agent /usr/bin/dbus-launch --exit-with-session /usr/bin/startkde"<br><br># The key that contains the name of the script that starts a gnome session.<br># It's run when a 'unix-gnome' session is requested by the client.<br>#COMMAND_START_GNOME="/usr/bin/ssh-agent /usr/bin/dbus-launch --exit-with-session /usr/bin/gnome-session"<br><br># The key that contains the name of the script that starts a CDE session.<br># It's run when a 'unix-cde' session is requested by the client.<br>#COMMAND_START_CDE=cdwm<br><br># The key that contains the name of the complete path of command name<br># 'xterm'. It is run when a unix "xterm" session is requested by the<br># client.<br>#COMMAND_XTERM=xterm<br><br># The key that contains the name of the complete path of command name<br># 'xauth'.<br>#COMMAND_XAUTH=/usr/X11R6/bin/xauth<br><br># The key that contains the name of the complete path of command name<br># 'smbmount'.<br>#COMMAND_SMBMOUNT=smbmount<br><br># The key that contains the name of the complete path of command name<br># 'smbumount'.<br>#COMMAND_SMBUMOUNT=smbumount<br><br># The key that contains the name of the complete path of command name<br># 'mount.cifs'.<br>#COMMAND_SMBMOUNT_CIFS=/sbin/mount.cifs<br><br># The key that contains the name of the complete path of command name<br># 'umount.cifs'.<br>#COMMAND_SMBUMOUNT_CIFS=/sbin/umount.cifs<br><br># The key that contains the name of the complete path of the 'netcat' command.<br>#COMMAND_NETCAT=nc<br><br># The key that contains the name of the complete path of the 'ssh' and<br># 'ssh-keygen' command.<br>#COMMAND_SSH=ssh<br>#COMMAND_SSH_KEYGEN=ssh-keygen<br><br># The key that contains the name of the complete path of the 'cupsd' command.<br>#COMMAND_CUPSD=/usr/sbin/cupsd<br><br># The tool to generate md5sums with<br>#COMMAND_MD5SUM="openssl md5"<br><br># The key that contains the name of the complete path of the 'rdesktop' command.<br>#COMMAND_RDESKTOP=rdesktop<br><br># The key that contains the name of the complete path of the 'vncviewer' command.<br>#COMMAND_VNCVIEWER=vncviewer<br><br># The key that contains the name of the complete path of the 'vncpasswd' command.<br># By default the builtin nxpasswd is used.<br>#COMMAND_VNCPASSWD="$PATH_BIN/nxpasswd"<br><br># The key that contains the name of the complete path of the 'x11vnc' command.<br>#COMMAND_X11VNC=x11vnc<br><br>#########################################################################<br># Misc directives<br>#########################################################################<br><br># When you installed a 2.0.0 NX Backend, set this to 1.<br>#ENABLE_2_0_0_BACKEND="1"<br><br># When set to 1 this will automatically resume started sessions<br>#ENABLE_AUTORECONNECT="0"<br><br># When set to 1 this will automatically resume started sessions<br># but only if an older client version is used<br>#ENABLE_AUTORECONNECT_BEFORE_140="1"<br><br># When set to 1 exports NXUSERIP / NXSESSIONID in nxnode<br>#EXPORT_USERIP="0"<br>#EXPORT_SESSIONID="1"<br><br># This can be set to any executable, which is started after session startup<br># like: $NODE_AUTOSTART {start|restore}<br>#NODE_AUTOSTART=""<br><br># When set to 1 will start nxagent in rootless mode.<br>#ENABLE_ROOTLESS_MODE="1"<br><br># If enabled writes entries via the COMMAND_SESSREG program<br># into utmp/wtmp/lastlog database.<br># Note: You have to make sure that you add the nx user to the<br># utmp or tty group or how its called on your system<br># before this directive works.<br>#ENABLE_USESSION="0"<br>#COMMAND_SESSREG="sessreg"<br><br># Extra options sent to the different nx agents. See !M documentation<br># for examples of useful parameters.<br>#AGENT_EXTRA_OPTIONS_RFB=""<br>#AGENT_EXTRA_OPTIONS_RDP=""<br>#AGENT_EXTRA_OPTIONS_X=""<br><br># The number of seconds we wait for the nxagent to start before<br># deciding startup has failed<br>#AGENT_STARTUP_TIMEOUT="60"<br><br># The font server the agent will use. If set to "" no font server is used.<br># For this to do any good, the client has to have the same font server set<br># in /etc/X11/XF86Config<br>#AGENT_FONT_SERVER=""<br><br># Disable or enable use of 'tcp nodelay' on proxy. Old versions of Linux<br># kernels have problems using this option on sockets that will cause a loss<br># of TCP connections. This option is not set by default to allow clients to<br># specify whether to enable or disable TCP nodelay. Setting this option to<br># the value of "0" NX proxy avoids using 'tcp nodelay' but it will cause a<br># loss of interaction in sessions.<br>#PROXY_TCP_NODELAY=""<br><br># Extra options to nxproxy. See !M documentation for useful parameters.<br>#PROXY_EXTRA_OPTIONS=""<br><br># In case you want to use an external 'rdesktop' command<br># set this to "1".<br># <br># If nxdesktop cannot be found this is set automatically to "1".<br>#ENABLE_EXTERNAL_NXDESKTOP="0"<br><br># This configuration variable determines if 'rdesktop' command should be run with -k keyboard option<br># or if the keyboard should be autodetected.<br>#<br>#ENABLE_EXTERNAL_NXDESKTOP_KEYBOARD="1"<br><br># In case you want to use an external 'nxviewer' command<br># set this to "1".<br># <br># If nxviewer cannot be found this is set automatically to "1".<br>#ENABLE_EXTERNAL_NXVIEWER="0"<br><br><br><br /><hr />Time for vacation? WIN what you need. <a href='http://www.gowindowslive.com/summergiveaway/?ocid=tag_jlyhm' target='_new'>Enter Now!</a></body>
</html>