Knowledge Base
Searching in : Article
ID: AR07K00679
Applies to: NoMachine Client
Added on: 2013-07-16
Last Update: 2018-06-20
Print this article

How to configure NoMachine Cloud Server v. 5 to connect web sessions on different hosts

This article applies to NoMachine Cloud Server v. 4 and v. 5.

For NoMachine servers v. 6 or later, please use https://www.nomachine.com/AR06P00984


By default, the Cloud Server  is configured to connect to the server installed on the same host (localhost).

It's however possible to use Cloud Server to access by web a different host and/or multiple server hosts (including the main server host) where a NoMachine Enterprise Server or Cloud Server is installed.


Follow instructions below to configure your Cloud Server to fit your specific needs.

 

STEP 1

If you need to configure the Cloud Server to connect to a server different from localhost:

edit the Cloud Server configuration file, namely installationDirectory/etc/cloud.cfg

In:

Section "Server"

edit the 'Host' key and set IP or hostname of the server machine you want to connect to.


By default this section is set to:

Section "Server"

Name "Connection to localhost"
Host localhost
Protocol NX
Port 4000

EndSection

Change 'Host localhost' to point to the NoMachine server host you want to connect to, and give it a name by setting the 'Name' key. For example:

Section "Server"

Name "Testdrive"
Host testdrive.nomachine.com
Protocol NX
Port 4000

EndSection

If you need instead to configure the Cloud Server to connect to multiple server hosts:

edit the Cloud Server configuration file and create a new Section "Server" entry for each server host. If you keep the original Section "Server", users will be able to connect also to localhost.

Then specify a name for the new section and set IP or hostname of the additional server machine in the Host key.

For example, to connect to both localhost and to the server host testdrive.nomachine.com:


Section "Server"

Name "Default connection"
Host localhost
Protocol NX
Port 4000

EndSection


Section "Server"

Name "Testdrive"
Host testdrive.nomachine.com
Protocol NX
Port 4000

EndSection
 

When the user connects by the Cloud Server, he will see both 'Default connection' and 'Testdrive' listed in the available connections.

 

Note for Cloud Server v. 5.1.9 or earlier:
Section "Server" was previously called SectionSession, as well as other parameters have been renamed. The old format of this directive is:

SectionSession "Connection to localhost"

ServerHost localhost
ConnectionMethod NX
ConnectionPort 4000
ServerPath /etc/NX/nxserver

EndSection

 

STEP 2

By default, connections by web use the NX protocol. You can change it to use the SSH protocol be editing the 'Protocol' and 'Port' keys in the Section "Server".  Please see examples below.

System login and NX protocol:

Section "Server"

Name "Testdrive"
Host testdrive.nomachine.com
Protocol NX
Port 4000

EndSection

System login and SSH protocol:

Section "Server"

Name "Testdrive"
Host testdrive.nomachine.com
Protocol system
Port 22

EndSection

NoMachine login and SSH protocol:

Section "Server"

Name "Testdrive"
Host testdrive.nomachine.com
Protocol nomachine
Port 22

EndSection

 

 

Depending on the protocol, procedure to complete set-up for connecting web sessions on different hosts is different.

In case of connection by NX protocol, it's necessary to update the list of allowed hosts in the client.crt default certificate on the main Cloud Server machine. Current versions still require to run a manual procedure. 

Premises:

- Instructions below refer to Linux and assume that the additional server host is testdrive.nomachine.com.

- These instructions must be run on the machine where the main Cloud Server is installed.

- They must be executed for each of the server machines that are specified in the Section "Server" directive in the cloud.cfg file.

 

Instructions:

1) On the main Cloud Server host, move to the home of nxhtd user and go to .nx/config/ directory.

Home of nxhtd user is placed at:

/var/NX/nxhtd/ on Linux

%PROGRAMDATA%/NoMachine on Windows

/Library/Application Support/NoMachine/var/nxhtd/ on Mac OS X
 

So, on Linux:

# cd /var/NX/nxhtd/.nx/config/
 

2) Make a copy of the original client.crt file:

 # cp -p client.crt client.crt.ori

3) Copy the nxd certificate from the additional Cloud Server or Enterprise Server host (testdrive.nomachine.com) to the main Cloud Server host.

For example on Linux, copy the nxd certificate from testdrive.nomachine.com to your main Cloud Server host:


 # scp root@testdrive.nomachine.com:/usr/NX/etc/keys/host/nx_host_rsa_key.crt .
 

4) On the main Cloud Server machine, add the additional server to client.crt:
 # echo "Host:testdrive.nomachine.com" >> client.crt
 

5) Then ensure that the main Cloud Server can connect by NX protocol to the additional server by adding to client.crt the nxd certificate previously copied (point 3):

 # cat nx_host_rsa_key.crt >> client.crt

6) Set correct permissions and ownership for your new client.crt file:

 # chmod 600 client.crt
 # chown nxhtd:nxhtd  client.crt
 

7) You can then delete the nx_host_rsa_key.crt file:

 # rm nx_host_rsa_key.crt


 

If the additional server is part of a NoMachine failover cluster (two NoMachine servers in a HA failover cluster), the main Cloud Server has to connect to the shared IP of the failover cluster.

In this case follow this procedure:

1) Move to the home of nxhtd user and go to .nx/config/ directory.

2) Make a copy of the original client.crt file:

# cp -p client.crt client.crt.ori

3) Copy the cluster certificate from the additional Cloud Server or Enterprise Server host (clusterip.nomachine.com) to the main Cloud Server host:

# scp root@clusterip.nomachine.com:/usr/NX/etc/keys/host/nx_cluster_rsa_key.crt ./

4) Add the shared IP of the failover cluster server to client.crt:

 # echo "Host:clusterip.nomachine.com" >> client.crt

5) Ensure that the main Cloud Server can connect by NX protocol to the additional server by adding to client.crt the cluster certificate previously copied (point 3):

 # cat nx_cluster_rsa_key.crt >> client.crt

6) Set correct permissions and ownership for client.crt file:

 # chmod 600 client.crt
 # chown nxhtd:nxhtd  client.crt

7) You can then delete the nx_cluster_rsa_key.crt file:

 # rm nx_cluster_rsa_key.crt

 


In case of connection by SSH protocol, to connect via web and SSH protocol to another server than localhost, it's necessary to update the list of allowed hosts in the known_hosts file on the main Cloud Server machine. Current versions still requires to run a manual procedure.


Premises:

- Instructions below refer to Linux and assume that the additional server host is testdrive.nomachine.com.

- These instructions must be run on the machine wherethe main Cloud Server is installed.

- They must be executed for each of the server machines that are specified in the Section "Server" directive in the cloud.cfg file.

 

Instructions:


1) Move to the home of nxhtd user and go to the .ssh directory.

In NoMachine 4 or later home of nxhtd user is placed at:

/var/NX/nxhtd/ on Linux

/Library/Application Support/NoMachine/var/nxhtd/ on Mac OS X

%PROGRAMDATA%/NoMachine on Windows
 

For example on Linux:

# cd /var/NX/nxhtd/.ssh/

2) Make a copy of the original known_hosts file:

# cp -p known_hosts  known_hosts.ori
 

3) Then execute the ssh-keyscan tool for building and verifying ssh_known_hosts files.

For example:

# ssh-keyscan -p 22 -t rsa,dsa testdrive.nomachine.com >> known_hosts

where 22 is the default port for SSH connections unless the SSH server (SSHD) has been configured for listening on a different port and testdrive.nomachine.com is the remote server host that you want to connect via the Cloud Server.

 

 

Further information about installing and configuring the Cloud Server is available at:

for v. 4 https://www.nomachine.com/DT09K00057

for v. 5 https://www.nomachine.com/DT07M00080