Forum Replies Created
-
Posts
-
Steve,
Q2- Acronyms list V9 is a little bit different from V8. There is a notion of O/S ?
Thanks!
Regards,
Steve.
Hi,
ECS has been hardened and unix-xsession-default set to NO too quickly.
Prob solved by putting it to YES. 🙂
Regards,
Steve.
Hi!
No hope to use a host certificate and key issued by Certificate Authority. in V8.x ???
Regards,
Steve
Hi,
Here is the result :
root@bmn-dev-deb01:/home/ADM_T0237305_L# grep -i availablesessiontypes /usr/NX/etc/*cfg
/usr/NX/etc/node.cfg:AvailableSessionTypes unix-remote,unix-console,unix-default,unix-application,physical-desktop,shadow,unix-xsession-default,unix-gnome,unix-xdm
/usr/NX/etc/server.cfg:# desktop=1 list all desktop types set in the AvailableSessionTypes
/usr/NX/etc/server.cfg:AvailableSessionTypes unix-remote,unix-console,unix-default,unix-application,physical-desktop,shadow,unix-xsession-default,unix-gnome,unix-xdm
Regards,
Steve
Hello,
The idea would be to simulate a real user and from end to end and detect interruption of service before users scream 😉
Simulate for V8.16 :
!M Client (Win11) ==> ECS (RHEL) ==> ED (Win) or SBTS (RHEL /Debian)
Is it possible ? How ?
Thanks,
Steve.
Hello,
– same result with another username
– yes SBTS V8.16 for Debian 12 (.deb got from URL provided by NoMachine team), valid evaluation key
Do you have the SHA256 signature for SBTS V8.16 for Debian x64 ?
Regards,
Steve
Hi!
What logs exactly would you need ?
Those collected on client side with this command ?
tar -cvp –exclude ‘cache*’ –exclude ‘images’ –exclude ‘temp’ $HOME/.nx | gzip -c >nxdir.tar.gz
I can’t send all the the logs for security reasons, please could you be more precise and tell me just a few crucial log files you need to understand the problem ?
Thanks,
Regards,
Steve.
Hi!
I’ve reproduced the problem on a 2nd “Debian 12” environment:
I’ve installed HAProxy 2.6.12 in TCP mode to do load balancing (round robin) between 2 NoMachine 8.16.1 ECS (Enterprise Cloud Server) accepting NX protocol.
I use 4 VM (Debian 12):
1 NoMachine Client (NX or SSH)
1 HAProxy
ECS 1 = 1st member of the cluster
ECS 2 = 2nd member of the cluster
It’s working but I still get a server identity warning each time I connect to an ECS of the cluster. 🙁
The RSA public keys of the 2 ECS of the cluster are not saved together in “/home/my_user/.nx/config/hosts.crt”.
It seems that each time I connect to an ECS, its public key overwrites the key of the other ECS already in the hosts.crt file.
I actually don’t understand the logic of this behaviour.
NB: ECS supports SSH protocol and it works like a charm, I get a server identity warning only the 1st time I connect to HAProxy (I see the public key of HAProxy server in /home/my_user/.ssh/known_hosts).
When you write “We are unable to reproduce the problem”, are you using 4 VM like I am ?
Thanks,
Regards,
Steve.
Hi!
This problem is strange, I did a quick testing on !M client, after deleting this hosts.crt file, and I see
/home/my_user/.nx/config/hosts.crt
is re-created and is updated with only the public key of one of the 2 members of the cluster handled by HAProxy (and go-mmproxy), even after many logins well balanced.
Very surprising !
I tried to manually add the public keys (/usr/NX/etc/keys/host/nx_host_rsa_key.crt) of the 2 ECS of the cluster to
/home/my_user/.nx/config/hosts.crt on !M client.
Then I protected the file with:
chown root:root hosts.crt
chmod 400 hosts.crt
At each logging from !M client, a warning is displayed saying the file hosts.crt is write protected that is a little bit better than a host authenticity warning.
I have to investigate further.
Regards,
Steve