[FreeNX-kNX] HOWTO setup FreeNX on RedHat derivatives

Doug Burks mubley at gmail.com
Tue Sep 28 20:25:44 UTC 2004 

Hello all,

Please see below HOWTO for installing FreeNX on Red Hat derivatives. 
I tested on Tao and CentOS (clones of Red Hat Enterprise Linux).  It
should also work on Fedora, perhaps with slight changes.  This should
get easier once native Red Hat RPMs appear (hopefully soon).

Thanks,
Doug

########################################################
# HOWTO Build an NX Server Using Tao Linux
#
# There's probably a better way of doing all this,
# but this procedure works for me.
#
# Doug Burks
# Last updated: 2004/09/28
# (see CHANGELOG at the end of this file)
########################################################

########################################################
# Install Tao Linux
#
# Tao Linux is a clone of Red Hat Enterprise Linux 3
# and is available at http://www.taolinux.org.
#
# Since Tao Linux is a clone of RHEL3, this procedure
# should work fairly well for other clones of RHEL3
# such as CentOS and White Box Enterprise Linux.
#
# -Perform any installation that includes Gnome or KDE
# -Enable firewall, but allow SSH to pass through
# -Installation completes, machine reboots
########################################################

########################################################
# Import RPM GPG key so we can do yum update
#
# On CentOS, the command would be:
# rpm --import /usr/share/doc/centos-release-3.3/RPM-GPG-KEY
#
# so maybe a generic command for all RHEL clones would be:
# rpm --import /usr/share/doc/*-release-*/RPM-GPG-KEY*
########################################################
rpm --import /usr/share/doc/tao-release-1.0/RPM-GPG-KEY-tao

########################################################
# Load OS updates (takes a long time)
# -necessary for a production box on the Internet
# -not necessary if only testing on a LAN
########################################################
#yum update

########################################################
# Install expect, if not already installed
########################################################
yum install expect

########################################################
# Download NX RPMs from SUSE
#
# Native RPMs for RedHat-derivatives
# should be available soon!
########################################################
wget ftp://ftp.suse.com/pub/people/sndirsch/RPMS/FreeNX.rpm
wget ftp://ftp.suse.com/pub/people/sndirsch/RPMS/NX-1.4.0-11.i586.rpm

########################################################
# RHEL has libcrypto.so.0.9.7a
# but NX wants libcrypto.so.0.9.7, so create a link.
#
# You don't HAVE to do this for basic NX functionality,
# but nxdesktop requires this. (nxdesktop is needed if
# you want to connect to Windows Terminal Servers.)
########################################################
ln -s /lib/libcrypto.so.0.9.7a /lib/libcrypto.so.0.9.7

########################################################
# Install RPMs
#
# The SUSE RPMs have two dependencies
# which won't be satisfied:
# 1) libcrypto.so.0.9.7
#    RHEL has libcrypto.so.0.9.7a instead
# 2) netcat
#    RHEL has nc instead
# so do rpm --nodeps to skip dependency checking
########################################################
rpm -Uvh --nodeps *NX*.rpm

########################################################
# Perform one-time nxsetup
#
# Pay attention to the message that is displayed
# about distributing client.id_dsa.key
# to your end-users.
########################################################
/usr/bin/nxsetup

########################################################
# Fix permissions on /home/.nx/.ssh/authorized_keys2
#
# Permissions need to be 640, otherwise you won't be
# able to connect and you'll receive error messages
# in /var/log/secure.
########################################################
chmod 640 /home/.nx/.ssh/authorized_keys2

########################################################
# Create users and set passwords
# (Repeat for user2, user3, etc.)
########################################################
adduser user1
passwd user1

########################################################
# We don't need to add users to NX itself since we're 
# using the default of PAM security.
#
# But if you change the default and have nxserver
# do its own account management, you'll need to:
# nxserver --adduser user1
# nxserver --passwd user1
# and repeat for user2, user3, etc.
########################################################

########################################################
# For a little extra security, add
# the AllowUsers directive to /etc/ssh/sshd_config:
# AllowUsers nx user1 user2 user3
#
# Include 'nx' account and any real users.
# You probably DON'T want to include root.
########################################################
echo "AllowUsers nx user1" >> /etc/ssh/sshd_config
service sshd restart

########################################################
# Edit /usr/bin/nxnode.
#
# Find this line:
# mkdir -p $HOME/.ssh
#
# and modify it to look like this:
# mkdir -m 700 -p $HOME/.ssh
########################################################

########################################################
# CHANGELOG
# 
# 2004/09/28
# Version 1.1
# -Added compatibility info for other RHEL clones.
# -Removed SUSE netcat RPM installation.
# -Changed URL for SUSE NX RPM.
# -Added "Fix permissions on authorized_keys2".
#
# 2004/09/20
# Version 1.0
# -Initial version.
########################################################

More information about the FreeNX-kNX mailing list