Forum / NoMachine for Linux / 2FA not notifying when login attempted on remote machine
- This topic has 11 replies, 4 voices, and was last updated 5 days, 3 hours ago by
Tor.
-
AuthorPosts
-
June 25, 2025 at 01:22 #53561
prestonmcafee
ParticipantI have several home PCs that I access remotely through NoMachine, which has been a terrific product. I’m as of today on the free home user NoMachine, version 9.0.188. All PCs are running Ubuntu 24.04, GNOME desktop, and my phone is a Pixel 8 pro, Android 16.
Today I upgraded to version 9, installed the phone app, and created an account on my phone. On the PC I want to access remotely, I set Settings/Network/Machine to 2FA enabled. Then when I try to access from a laptop, it says a 2FA notification is requested, but the request does not show up on my phone. I have tried waiting and also tried resending the request. However, if I choose Settings/Network/Login and enable 2FA there, when I log into NoMachine on that PC, I receive the request on my phone and accepting it is necessary to log in. Receiving the request to login suggests that I have properly configured my user account and 2FA, but then why doesn’t it trigger when a remote access event arises?
If I turn off 2FA on Settings/Network/Machine in the remote machine, I have no difficulty accessing the machine. So it isn’t a problem with remote access, just in receiving the 2FA request.
I have my account as a user on all instances of NoMachine, and all of my PCs appear in the list of machines. The PCs are currently all on the same LAN and see each other (showing up in the list of machines). In all cases I use the NX protocol over port 4000.
I’m the only user — I primarily use NoMachine to log into my home PCs when I’m travelling. I also use it to reach the PC that runs Docker since that doesn’t have a monitor, even when I’m home. I love the idea of preventing anyone else from logging in via 2FA — my network is scanned for open ports daily and only ports leading to NoMachine are open. Does it matter that there is only one user?
What else should I try? Thank you.
July 1, 2025 at 09:47 #53643Britgirl
KeymasterJust to update you, we have received your email with your User Id details and will come back to you with our findings soon.
July 2, 2025 at 14:48 #53663Britgirl
KeymasterWe found your machine and User Id paired. This means you approved the pairing request on your phone. We don’t understand why the push notifications are not appearing. Can you send us the logs from the server machine?
– set log level 8 on the server
– restart nxserver
– reproduce the problem
– take logsFor full instructions see here: https://kb.nomachine.com/DT08U00298#1
Also useful would be to see a screenshot (send privately) of Settings -> Network -> Machine.
July 2, 2025 at 16:21 #53668prestonmcafee
ParticipantFirst, thank you! I couldn’t attach the log because it exceeds the allowed file size. It is 2.5MB.
July 3, 2025 at 08:30 #53675Britgirl
KeymasterSorry I forgot to mention that you can send direct to forum[at]nomachine[dot]com.
July 3, 2025 at 18:02 #53678Britgirl
KeymasterGot them!
July 8, 2025 at 08:43 #53693Britgirl
KeymasterIn the logs you sent it seems that you did not fully pair the target machine with your account. We can see that between timestamps of your pairing request and a later connection request, there were no push notification confirmation responses from any mobile device.
We are going to add some additional logging to our Network back which will allow us to debug further. When that is ready we will ask you to try again. Until then please confirm that you did truly pair the device with the target machine, which is:
– after inserting the email address in the 2FA machine configuration window, you received a push notification on your phone asking you to accept/refuse receiving notifications regarding that machine.
– that you accepted this notification and see a success message.
– then you tried to connect to your computer after you accepted pairing on the phone.
July 8, 2025 at 17:11 #53699prestonmcafee
ParticipantI now have 2FA fully working.
What happened to me was that, when I enabled 2FA for remote login, I would see a notice on my phone that remote login was enabled. It wasn’t obvious to me that I should click on that notice, which then asked me to accept. It is that step — click and accept — that enables the phone to be a 2FA approver. Without that, 2FA is enabled but the phone can’t approve it.
In contrast, when I required 2FA for the machine to login on startup, it was obvious to me to click on the notice, which is why that worked while remote login did not.
I very much appreciate 2FA. My main use case is a machine running Docker for self-hosted services like Frigate. Whether I am at home or travelling, if I need to change something or update that machine, I log in remotely because that machine has no monitor or keyboard and is in an inconvenient location in my home. In order to reach the machine when travelling, I need a port open and I very much appreciate the extra protection that 2FA provides. My only open ports lead to NoMachine; otherwise all packets that are not responses to LAN requests are rejected by the router. 2FA also means that I’m warned about attempts to log in (none so far) and can reject.
Thank you for such an intensive effort to diagnose my difficulty. I expect I will be using NoMachine for many years to come.July 8, 2025 at 20:59 #53700Brian
ParticipantI am experiencing this same phenomenon: do not receive push notifications and when asking to be re-sent, receive nothing. Happens with both an iPhone client and a MacBook Pro client attempting to connect to a MacMini M1 server.
As to the above:
– after inserting the email address in the 2FA machine configuration window, you received a push notification on your phone asking you to accept/refuse receiving notifications regarding that machine. [Never received]
– that you accepted this notification and see a success message. [No, as never received]
– then you tried to connect to your computer after you accepted pairing on the phone. [Same as above].
July 9, 2025 at 12:45 #53708Britgirl
KeymasterThanks Prestonmcafee for submitting your feedback. I understand that now everything is working correctly, which is good news. We’ll be looking at how to make the “accept pop up” more visible and will analyse how to improve the configuration of 2FA overall, including the wording.
July 9, 2025 at 12:52 #53709Britgirl
KeymasterBrian, can you write to us privately to confirm what User Id you are using for the 2FA connection request? We will check to see if there was a pairing request.
July 11, 2025 at 15:18 #53727Tor
Participant@Brian can you please verify that your iPhone is still allowing NoMachine to show notifications? You can check that in Settings > Notifications > NoMachine.
If the system configuration is correct, please try to login to Network in the NoMachine app and verify if you get the notification. If the app awaits for a 2FA confirmation but you still don’t get the notification, login by using your recovery code then, once logged in, disable and enable again the option to receive notifications in NoMachine app > Settings > Network.
-
AuthorPosts
You must be logged in to reply to this topic. Please login here.