May 29, 2019 at 08:22 #22461
My Linux (CentOS 7 GNOME) install updated to 6.7.6 since last night and I’m now having issues connecting from my 2 Windows 10 machines which worked fine before (one is a workstation on the same network, the other is a laptop I use via a VPN). The Linux and Windows workstations are behind a firewall. I used to be able to access both from my laptop with the VPN enabled (I guess for the correct IP routing). Now, I can only access the Windows workstation.
It seems both Windows machines cannot connect to the Linux machine any more using my existing settings. In the case of the two workstations, the Linux and Windows machine seem to be able to detect each other in the client. I can connect to my Windows machine from my Linux but not from my Windows machine to my Linux; I get a connection timeout error. My laptop via VPN also has the same error. I can still access the Linux machine via SSH in a terminal from the Windows machines, so I know that the IP is still valid.
I was wondering whether it has something to do with the firewall ports on my CentOS machine that NoMachine is listening for? As a further troubleshooting step I tried, I can connect to the Linux machine if I use a reverse SSH tunnel and connect to my own local port instead but I’m not sure if this helps.
All NoMachine installs are running the free version. I’ve only tried connecting to a physical display.
I’d appreciate any thoughts on the matter!
TimJune 3, 2019 at 12:09 #22536
Can you try disabling your firewall and then try to connect?
If that makes no difference, we’ll need the full set of logs from both the connecting client and server side which you should extract after reproducing the error. Instructions for enabling and extracting the logs are available here: https://www.nomachine.com/DT10O00163. Please send them directly to forum[at]nomachine[dot]com making sure you include the title of the topic in the subject of your email. Thanks!June 17, 2019 at 08:24 #22680
Thanks for your message and sorry for the slow reply – I didn’t realise this has been up since 2 weeks ago.
Regarding the firewall, it’s a university firewall over which I can’t control so that’s why I had resorted to SSH tunnelling, I’m afraid!
I will attempt to collect the logs and send them. Many thanks.July 30, 2019 at 08:24 #23086
Hi, sorry about the slow reply – I finally had a chance to collect the logs. I have sent them for the error on trying to connect to the Linux machine from my Windows client (without using a reverse SSH tunnel). Thanks! Please let me know if you need more information.July 30, 2019 at 14:11 #23094
Logs from server side don’t fit to logs from client. Did you follow mentioned article to enable and collect logs?
However it looks that somehow permissions for the some scripts has changed. We couldn’t reproduce this problem in our lab. Can you show output of the ls -ltr /usr/NX/scripts/restricted command on the server host?
Correct permissions should have:
-rwsr--r-- 1 root root 3303 maj 22 17:16 nxfwadd.sh -rwsr--r-- 1 root root 3068 maj 22 17:17 nxfwget.sh
You could use commands:
sudo chown root:root /usr/NX/scripts/restricted/nxfwget.sh sudo chown root:root /usr/NX/scripts/restricted/nxfwadd.sh sudo chmod 4744 /usr/NX/scripts/restricted/nxfwget.sh sudo chmod 4744 /usr/NX/scripts/restricted/nxfwadd.sh
and restart nxserver:
sudo /usr/NX/bin/nxserver --restartJuly 31, 2019 at 08:23 #23101
Hi, thank you for your response and help! Resetting the permissions for nxfwadd.sh and nxfwget.sh fixed the issue.
I did notice that the timestamps on the logs didn’t seem to make sense, but yes, I followed the instructions linked – specifically the section https://www.nomachine.com/DT10O00163#1.1 ; it mentions that no restarts are required so after editing the configuration files, I tried to connect using the client after a few moments.
Regarding the permissions, I see that the setiud bit had been changed to an execute bit for the files you mention above. At the moment, nxfunct.sh, nxgfxcheck.sh, and nxfwdel.sh are still -rwxr–r–. – is this ok or do these also need to be changed?
For reference, the full output is of ls -ltr /usr/NX/scripts/restricted is:
-rwsr–r–. 1 root root 1292 Jun 4 2018 nxuserdel.sh
-rwsr–r–. 1 root root 1614 Jun 4 2018 nxuseradd.sh
-rwsr–r–. 1 root root 2144 Jun 4 2018 nxupdate.sh
-rwsr–r–. 1 root root 2285 Jun 4 2018 nxtmpperm.sh
-rwsr–r–. 1 root root 1744 Jun 4 2018 nxportandcookieget.sh
-rwsr–r–. 1 root root 892 Jun 4 2018 nxloginctl.sh
-rwsr–r–. 1 root root 1167 Jun 4 2018 nxlicense.sh
-rwsr–r–. 1 root root 825 Jun 4 2018 nxkill.sh
-rwsr–r–. 1 root root 724 Jun 4 2018 nxkeyadd.sh
-rwsr–r–. 1 root root 1126 Jun 4 2018 nxenvironmentget.sh
-rwsr–r–. 1 root root 1597 Jun 4 2018 nxcookieget.sh
-rwsr–r–. 1 root root 2134 Jun 4 2018 nxamixer.sh
-rwxr–r–. 1 root root 8174 Dec 14 2018 nxfunct.sh
-rwsr–r–. 1 root root 3228 Dec 14 2018 nxtun.sh
-rwsr–r–. 1 root root 1727 Feb 6 21:46 nxwtmpdel.sh
-rwsr–r–. 1 root root 1726 Feb 6 21:46 nxwtmpadd.sh
-rwsr–r–. 1 root root 1027 Feb 6 21:46 nxtruncate.sh
-rwsr–r–. 1 root root 725 Feb 6 21:46 nxstandby.sh
-rwsr–r–. 1 root root 727 Feb 6 21:46 nxshutdown.sh
-rwsr–r–. 1 root root 1418 Feb 6 21:46 nxquotaadd.sh
-rwsr–r–. 1 root root 779 Feb 6 21:46 nxpasswd.sh
-rwsr–r–. 1 root root 931 Feb 6 21:46 nxlsof.sh
-rwsr–r–. 1 root root 1908 Feb 6 21:46 nxhost.sh
-rwsr–r–. 1 root root 947 Feb 6 21:46 nxgroupadd.sh
-rwxr-xr-x. 1 root root 944 Feb 6 21:46 nxgfxcheck.sh
-rwsr–r–. 1 root root 1832 Feb 6 21:46 nxfwget.sh.temporary
-rwsr–r–. 1 root root 1921 Feb 6 21:46 nxfwdel.sh.temporary
-rwsr–r–. 1 root root 1931 Feb 6 21:46 nxfwadd.sh.temporary
-rwsr–r–. 1 root root 727 Feb 6 21:46 nxfailover.sh
-rwsr–r–. 1 root root 838 Feb 6 21:46 nxdisableAvc.sh
-rwsr–r–. 1 root root 1505 Feb 6 21:46 nxcopy.sh
-rwsr–r–. 1 root root 684 Feb 6 21:46 nxchown.sh
-rwsr–r–. 1 root root 936 Feb 6 21:46 nxcat.sh
-rwsr–r–. 1 root root 10698 May 11 17:40 nxusb.sh.temporary
-rwxr–r–. 1 root root 2709 May 27 17:43 nxfwdel.sh
-rwxr–r–. 1 root root 2480 May 27 17:43 nxfwget.sh
-rwxr–r–. 1 root root 2714 May 27 17:43 nxfwadd.sh
-rwsr–r–. 1 root root 10698 May 28 21:19 nxusb.shJuly 31, 2019 at 15:03 #23112
We are pleased that the problem was fixed. About permissions – 0744 for nxfunct.sh is ok. But all the other should have 4744.August 1, 2019 at 07:39 #23126
Great! Thanks very much for the support! I’ll be recommending NoMachine for anyone whos asks for a remote desktop solution thanks to the excellent support (unlike a certain blue-themed competitor)! 😉
Wishing you all a good day.
You must be logged in to reply to this topic.