[FreeNX-kNX] nxssh and nxproxy protocol

LROUFAIL at nc.rr.com LROUFAIL at nc.rr.com
Fri Feb 25 12:16:31 UTC 2005 

I have updated my notes on the protocol used by nxproxy and nxssh.  See below.  Please point out any errors.

1.  Connect to the server using nxssh

nxssh -nx -i /usr/NX/share/client.id_dsa.key nx@<host address>

If you are using encrypted session:

nxssh -nx -i /usr/NX/share/client.id_dsa.key nx@<host address> -B

for Windows client, you have to include the -v switch for encrypted sessions to work.

nxssh -nx -i /usr/NX/share/client.id_dsa.key nx@<host address> -v -B

You will get the following response:

NX> 203 NXSSH running with pid <some pid>
NX> 285 Enabling check on switch command
NX> 200 Connected to address: <address> on port: <port>
NX> 202 Authenticating user: nx 
NX> 208 Using auth method: publickey 
HELLO NXSERVER - Version 1.4.0-02 OS_(GPL) 
NX> 105 

3.  NX> 105 is kind of like a shell prompt.  Now you respond with the client version

type: hello NXCLIENT - Version 1.4.0

You will get the following response:

NX> 105 hello NXCLIENT - Version 1.4.0
NX> 134 Accepted protocol: 1.4.0 
NX> 105 

4.  I think the production client then sends the following:

SET SHELL_MODE SHELL 

response:
NX> 105 SET SHELL_MODE SHELL 
NX> 105

SET AUTH_MODE PASSWORD 
NX> 105 SET AUTH_MODE PASSWORD 
NX> 105

5.  Then you send the login command

type: login

response:
NX> 105 login 
NX> 101 User: 

type: <username>

repsonse:

NX> 102 Password: 

type: <your password>

If you type <enter> instead, you will get the following from the commercial server (but not freenx)

NX> 109 MD5 Password:

type: <md5 of usernamepassword> 

You can get this password value by using the nxpassgen utility I have for moznx

response:
NX> 103 Welcome to: <host> user: <username>
NX> 105 

6.  Now you can request a session

type: startsession --session="<session>" --type="unix-kde" -- 
        cache="8M" --images="32M" -- 
        cookie="6726ad07a80d73c69a74c5f341b52a68" --link="adsl" -- 
        render="1" --encryption="0" --backingstore="when_requested" -- 
        imagecompressionmethod="2" --geometry="1024x768+188+118" -- 
        keyboard="defkeymap" --kbtype="pc102/defkeymap" --media="0" -- 
        agent_server="" --agent_user="" --agent_password="" -- 
        screeninfo="1024x768x16+render" 

For encrypted session, send --encryption="1"

note: I have always had trouble getting this to work and have to use '&' as a delimeter instead of ' --'.  It seems this issue is solved if you SET SHELL_MODE and SET AUTH_MODE as described above.  I have not confirmed yet.

response:

NX> 105 startsession --session="<session>" --type="unix-kde" -- 
        cache="8M" --images="32M" -- 
        cookie="6726ad07a80d73c69a74c5f341b52a68" --link="adsl" -- 
        render="1" --encryption="0" --backingstore="when_requested" -- 
        imagecompressionmethod="2" --geometry="1024x768+188+118" -- 
        keyboard="defkeymap" --kbtype="pc102/defkeymap" --media="0" -- 
        agent_server="" --agent_user="" --agent_password="" -- 
        screeninfo="1024x768x16+render"

you can also just type startsession<enter> then the response will be

NX> 106 Parameters:

Then you type all the parameters

You can replace startsession with restoresession if you want to restore an existing session.  You add the additional attribute --id="<session id you want to restore>".

A good explanation of restoring sessions is here:  http://www.nomachine.com/developers/archives/nxdevelopers/0323.php


7.  Now the server sends back all of its parameters followed by a 105

NX> 700 Session id: <hostname>-1058-CA3511103B37ADB2ABDAAF3EB510E99D 
NX> 705 Session display: 1058 
NX> 703 Session type: unix-kde 
NX> 701 Proxy cookie: A4BFD3EAE09B28A0EB0399A3EFD26392 
NX> 702 Proxy IP: 127.0.0.1 
NX> 706 Agent cookie: 6fff2cd4222776acd605d42fbb4bdfb5 
NX> 704 Session cache: unix-kde 
NX> 707 SSL tunneling: 0
NX> 710 Session status: running 
NX> 105

For encrypted sessions, NX> 707 SSL tunneling: 1

8.  Now in another session invoke nxproxy with the proper parameters on the command line and in the options file.

nxproxy -S options=<path to options file>/options:<Session display>

for example above: nxproxy -S options=/.nx/S-hostname-1058-CA3511103B37ADB2ABDAAF3EB510E99D/options:1058

Then, in the options file:

nx,session=<sesname>,cookie=A4BFD3EAE09B28A0EB0399A3EFD26392,root=/.nx,id=hostname-1058-CA3511103B37ADB2ABDAAF3EB510E99D,listen=33057:1058

listen=<port:display> is only needed for encrypted sessions.  Also, all these parameters can be sent on the command line instead of the options file.

For the listen=<port:display>, I always just hardcode a port number.  I am not sure where the commercial client gets the port number.  I have asked but not gotten a response.

9.  Now back to our NXSSH session.

type 'bye'

Response: 

999> Bye

10.  For encrypted sessions, now enter the switch command

type: NX> 299 Switching connection to 127.0.0.1:33507 cookie: A4BFD3EAE09B28A0EB0399A3EFD26392

More information about the FreeNX-kNX mailing list