FreeNX Ups the Remote Linux Desktop Ante
With FreeNX, you get a secure, fast remote desktop for Linux that connects from any major platform.
You fine folks who need to connect remotely to your Linux boxen and prefer to use a nice graphical desktop should take a look at FreeNX.
FreeNX lets you connect from a Linux, Mac OS X, Solaris or Windows client, has built-in encryption, is easy to set up and use, and is satisfyingly fast over slow connections. It performs well even when you use a heavyweight desktop like GNOME or KDE, and there is hardly any noticeable lag with lighter-weight window managers like IceWM and XFce.
But, you ask, what about the current champ of remote X sessions, VNC (Virtual Network Computing)? VNC has long been the favorite remote graphical desktop for Linux. VNC is easy to use and runs on all the major operating systems, and is especially good for controlling two different systems with a single keyboard and mouse. (See Resources.) VNC has a couple of small disadvantages, however: You'll get noticeable lag over a slow connection, and the free edition has no built-in encryption, but sends all traffic in clear-text. To run encrypted sessions requires purchasing one of the commercial editions, or tunneling through SSH.
FreeNX is a similar program based on NoMachine's NX terminal server technology. It does not run on all the platforms that VNC does; its main advantages are it is fast even over dialup, and it comes with SSH support built-in. NoMachine released their basic libraries under the GPL, thank you very much, and thus FreeNX was born. NoMachine's commercial versions are more fully-featured and come with technical support. FreeNX is ideal for users who want a free, secure, fast thin Linux client, or who need to access Linux machines from a variety of clients on other platforms.
FreeNX has not yet made it into Debian's official archives. To get FreeNX for your Debian system add this line to /etc/apt/sources.list:
deb http://kanotix.com/files/debian/ ./
Next, run apt-get update as root to update your package lists, then install with
# apt-get install nxserver
It will pull in other packages to satisfy all dependencies, such as expect, freenx, libnxcomp0, libnxcompext0, netcat, nxagent, nxlibs, and nxproxy. During installation it will ask you if you want to use the default DSA key that ships with FreeNX. Opt for custom keys, because using the default key is quite obviously non-secure, and the installer does all the work of creating and installing the custom keys anyway, so you have nothing to gain by using the default.
Then, as root, you'll need to add users and passwords for users who are authorized to connect to the server. These users must also have system accounts, so if they are not in /etc/passwd you'll have to create system accounts for them. This is standard SSH behavior, and users who do not have accounts have no business trying to log in, so don't whine about it. It is also a good security practice to force remote users to have different passwords than their system logins:
# nxserver --adduser carla
# nxserver --passwd carla
Interestingly, you only get one chance to set the password -- it does not ask for confirmation, so type carefully.
It is not necessary to run the nxsetup utility because the installer does the setup for you. Make sure port 22 is open, and you're done.