Forum Replies Created
It’s possible that your Windows 10 host is crashing. What is causing this is not visible in the NoMachine logs.
To get more information, please inspect ‘Reliability Monitor’ logs. This article describes how to do it:
NM works out-of-the-box with standard LDAP configuration. If you have specific queries about how NoMachine works with LDAP, please write them here. Assuming that your system is already configured for LDAP authentication, but for some reason it doesn’t work with NM, the first thing to check is PAM configuration. This article can be helpful in solving potential PAM-related issues:
Start NoMachine Player on your NoMachine server host and try connection to localhost. Can you successfully authenticate in such scenario with both password and private key?
Regardless of result, please gather server-side logs according to those instructions:
Send them to forum[at]nomachine[dot]com
The logs will tell us if indeed there is an issue with password/private key authentication or if there is another reason for which you can’t connect.
Two-factor authentication with NoMachine can only be achieved through PAM configuration. This usually means password + authentication code. Currently, it’s not possible to combine PAM with public key authentication.
It would be the best if you just set password for your Windows account. In case you prefer to stick to using blank password, please check this reply on the same subject:
We have found that in some rare cases NoMachine Server is unable to find POSIX.dll, which prevents it from working properly. Workaround which may help is to copy POSIX.dll from:
to <NoMachine_installation_dir>\bin directory.
In order to access safe mode, you should press Ctrl + F8 during system startup. If it doesn’t work, due to startup process being too fast, every fourth failed startup you will be asked to select startup options.
There are few of them, some of them allowing to display desktop. Regardless of what you pick, you should be asked to choose user with Administrator’s rights. NX account is technically member of Administrators group, however, this is not an account which is meant to be logged on interactively. It’s for NoMachine’s internal use only. Please, pick another Administrator account. In the rare case your admin account got somehow accidentally removed or corrupted, you can try ‘Repair your computer’ option, accessible from Windows installer. Boot from your Windows installation media and choose ‘Repair your
computer’ instead of ‘Install now’.April 3, 2020 at 19:19 in reply to: How do elevate as administrator on Mac (terminal) into windows SSH #26508
We need some clarification of the issue you are reporting. You are using terminal ssh client on your Mac host to connect to the server. On server you are attempting to run some nxserver commands requiring administrator’s rights. Please, confirm that our understanding of situation is correct.
What is the operating system of NoMachine server host on which you are trying to run nxserver commands?
What’s the output of id command ran after you switch to root account with ‘sudo su’?
What NoMachine version and product you have installed on the remote server?
The error means that some internal PAM module failure occured. PAM errors are usually written to /var/log/auth.log on Ubuntu host. Please, check if you can find anything useful there. Can you share the output of ‘grep -r “nxexec” /var/log/auth.log’?
You can also try modifying PAM configuration for NX protocol authentication, residing in /etc/pam.d/nx file. If the problem doesn’t occur when SSH protocol is in use, you can try to reuse SSH PAM configuration with NX. You can achieve that by running as root:
cp /etc/pam.d/nx /etc/pam.d/nx.ori
cp /etc/pam.d/sshd /etc/pam.d/nx
Let us know if this solves the issue.
Please make sure that the user name you are providing during NoMachine connection is the valid Windows 7 account name. We don’t support Windows user friendly names. If you aren’t sure what is the proper account name, log on your user’s desktop on Windows 7 machine and start cmd. In console window you should see text with format: C:\Users\<user_name>, the last part is what you should use during NM connection. Your account also needs to have password set, it’s not possible to use empty password by default.
If none of above is helpful, gather server-side logs according to those instructions:
Send them to forum[at]nomachine[dot]com
Please, make sure to enable use of ‘native’ SSH client in player.cfg as described here:
You also need to provide port on which OpenSSH Windows server is listening during connection creation (not nxsshd). When both of above conditions are met, NoMachine connection works the same as if you used ‘ssh -i <path_to_private_key> <user_name>@<server>’ command from client’s terminal.
We checked two authentication scenarios: one in which CA’s public key is stored in file specified by TrustedCAKeys setting from sshd_config and one in which it’s stored as cert-authority entry in user’s authorized_keys file in <user_home>/.ssh directory. Both of these scenarios worked fine for ed25519 keys. If your user is member of Administrators group, his authorized_keys file should reside in path specified by AuthorizedKeysFile under ‘Match Group administrators’ section of sshd_config.
NoMachine currently doesn’t support authentication based on signed certificates for NX protocol. Support of this feature will be added in the future with implementation of this FR:
You can use SSH protocol instead. On Windows this will additionally require from you installation and configuration of Windows OpenSSH server. It seems that currently it’s only available on Windows 10.
Instructions for OpenSSH server and client installation and configuration:
Configuring CA certificates is almost exactly the same as on Linux, just remember to use ed25519 key types for authentication, those are supported on Windows.
On client side you need to enable usage of native SSH client by NoMachine Player:
Choose SSH protocol with private key or authentication agent when creating connection in NoMachine Player. Authentication with private key paired with signed certificate should work fine.
Please, check permissions on nxexec file in <NoMachine_install_dir>/bin directory. Proper permissions should look like this:
-r-sr-xr-x 1 root root
If the ‘s’ permission is missing you can fix this by running ‘chmod u+s nxexec’ from terminal as root user.
If permissions are correct and the problem persists, see what’s logged inside /var/log/secure or /var/log/messages after failed authentication attempt.
You can also try reusing sshd’s PAM configuration with NX protocol. To do so, run the following commands in terminal:
sudo cp /etc/pam.d/nx /etc/pam.d/nx.ori
sudo cp /etc/pam.d/sshd /etc/pam.d/nx
For some reason permissions on your nxexec binary are incorrect. To fix the issue you need run ‘chmod u+s nxexec’ from terminal, inside NoMachine\bin directory, as root. Proper permissions look like this:
-r-sr-xr-x 1 root root
What’s the output of ‘ls -la nxexec’ command executed in terminal in bin subdirectory of NoMachine installation directory?