Forum Replies Created
-
Posts
-
I now have 2FA fully working.
What happened to me was that, when I enabled 2FA for remote login, I would see a notice on my phone that remote login was enabled. It wasn’t obvious to me that I should click on that notice, which then asked me to accept. It is that step — click and accept — that enables the phone to be a 2FA approver. Without that, 2FA is enabled but the phone can’t approve it.
In contrast, when I required 2FA for the machine to login on startup, it was obvious to me to click on the notice, which is why that worked while remote login did not.
I very much appreciate 2FA. My main use case is a machine running Docker for self-hosted services like Frigate. Whether I am at home or travelling, if I need to change something or update that machine, I log in remotely because that machine has no monitor or keyboard and is in an inconvenient location in my home. In order to reach the machine when travelling, I need a port open and I very much appreciate the extra protection that 2FA provides. My only open ports lead to NoMachine; otherwise all packets that are not responses to LAN requests are rejected by the router. 2FA also means that I’m warned about attempts to log in (none so far) and can reject.
Thank you for such an intensive effort to diagnose my difficulty. I expect I will be using NoMachine for many years to come.I use the cloudflare tunnel through cloudflared, run in a docker container, but I think the problem is that cloudflare tunnels don’t support the nx protocol.
Makes sense about the default behavior; since I only use NoMachine when I am remote from specific home PCs, for my use case there is no local user.
Thanks!