Graphical linux desktop using NoMachine NX
Graphical linux desktop using NoMachine NX
Using graphical applications over a wide-area network can be very slow, and is not recommended or supported on JASMIN. This service provides a better alternative with graphical desktop within the JASMIN environment itself, rather than on the user’s local machine.
A small client application, available for you to install on your local machine, enables you to connect to specific servers within JASMIN. Graphics are then relayed to the client application in a more efficient form, resulting in much better performance particularly if you need to interact with what’s being displayed.
The service provides an improved user experience and is strongly recommended over standard X11 graphics.
The following servers have the NX service available and can be used as described below. These now have identical configuration, so you can use any one of them from any network location.
| name | notes |
|---|---|
nx1.jasmin.ac.uk |
|
nx2.jasmin.ac.uk |
|
nx3.jasmin.ac.uk |
|
nx4.jasmin.ac.uk |
(new server now available) |
nx* servers should only be used with Nomachine Enterprise Client as described below, other than for testing your connection, as this preserves system resources for their intended purpose.Download the appropriate version of the NoMachine Enterprise Client from NoMachine. That page contains links to several different products: The only one you need to install is NoMachine Enterprise Client.
Versions are available for Windows, Mac and Linux. You may need privileges on your local machine in order to install the software so you may need to ask for help from your local IT helpdesk.
Note that Nomachine Enterprise Client is a different application to the “Nomachine Enterprise Desktop” or “Nomachine” available from the more publicised download links on the NoMachine website or other applications in the NoMachine suite: the desktop edition contains additional components to enable remote access to your own (local) machine from a remote location: perhaps convenient but not what we are trying to enable for you here.
The NoMachine Enterprise Client is a cut-down client to which connects to a remote server: in your case, the server is at the JASMIN end, where the desktop session will exist.
Remember to check for updates for the enterprise client to ensure you always have the latest stable version. You can configure the application to check for updates (and optionally apply them automatically) by going to Settings / Updates in the menu.
There are 2 methods of using your SSH key which should work with JASMIN, these affect how you set up the connection:
| Method | pros/cons |
|---|---|
| 1. Specify the location of your SSH private key |
simple no admin permissions needed works for all platforms if you update your key to ECDSA |
| 2. Use your key stored in a local ssh-agent |
useful if you use other applications which use SSH (e.g. VSCode) may need admin permissions for 1st-time agent setup careful editing of config file required in some cases |
For a simple terminal connection to JASMIN, you would follow the instructions in presenting your ssh key, but the NoMachine client needs you to do it a slightly different way. The same principles apply however.
Videos for each platform (click the tab for your operating system):
/usr/NX/bin/nxplayer, so you may want to add this to your $PATH. Your desktop environment may enable you to add an icon to your desktop.nx1.jasmin.ac.uk. Set the Protocol to “SSH”, which will change the port to 22.~/.ssh (see<a href="/docs/interactive-computing/graphical-linux-desktop-access-using-nx#cant-find-your-private-key">Troubleshooting</a>)
1. For security, it is recommended NOT to "import the private key to the connection file" (store it in an **encrypted** password manager instead).
1. Make sure you tick the box "Forward Authentication" **IMPORTANT**
Once you have created the connection profile, go to Connecting, below, and continue from there.
The alternative profile for using an agent instead, is very similar but we need to select option “Use key-based authentication with a SSH agent”.
Videos for each platform:
nx1.jasmin.ac.uk. Set the Protocol to “SSH”, which will change the port to 22.Once you have created the connection profile, go to Connecting, below, and continue from there.
Follow the steps in the video to show how to connect to the desktop on the nx server, and to make the onward connection to the sci server:
nx1.jasmin.ac.uknx1.jasmin.ac.uksci server and testing the graphics functionality by opening the xterm application on that server, before exiting and logging out of the NX desktop.Overview of this method:
In summary, we need to:
1. Load your SSH private key into your authentication agent
gnome-keyring-daemon --start instead, before doing ssh-add <key>2. Edit the NX configuration file
Open the file .nx/config/player.cfg in a simple text editor (e.g. Windows Notepad). The .nx directory should be in your home directory.
Towards the end of the file, you should see two lines like this:
<option key="SSH client mode" value="library">
<option key="SSH Client" value="nxssh.exe">Change them as follows:
(the changes are slightly different for each platform)
Save and close the file before opening NoMachine Enterprise Client.
Next, follow the video below for actually connecting, or see the step-by-step instructions below:
nx1.jasmin.ac.uksci server and testing the graphics functionality by opening the xterm application on that server, before exiting and logging out of the NX desktop.Once you have set up the environment to your liking, you can
sci-vm-01.jasmin.ac.ukAfter the first connection (particularly for Mac users), subsequent connections to the same connection profile sometimes have some symbols keys e.g. @ and " transposed.
Click the “settings” option (in the menu, top-right), then go to “settings” and search for “input” to look for alternative keyboard layouts.
Please do not try and connect using the proprietary “NX” protocol. Select “SSH” as the protocol. If you mistakenly use “NX” as the protocol you may see an error similar to the following when you try to connect (The correct port for SSH connections is 22)
A connection timeout has occurred while trying to connect to 'nx1.jasmin.ac.uk' on port '4000'.
The issue could either be caused by a networking problem, by a firewall or NAT blocking incoming
traffic or by a wrong server address. Please verify your configuration and try again.
Make sure you have installed and are using the correct and most recent version of the NoMachine Enterprise Client (not the NoMachine Enterprise Desktop or any other applications from NoMachine).
If you created your SSH private key using the “PuTTYgen” application, and are getting “Authentication failed” for a key pair that you know works OK for simple terminal connections, it could be that you need to convert the private key to “OpenSSH format” for use here. By doing this you would be creating an alternately-formatted version of the same private key, so the public key stays the same (and you don’t need to re-upload that to JASMIN).
Be sure to use the PASSPHRASE associated with your SSH private key, and not the PASSWORD associated with your JASMIN account, when prompted using the NX client.
The location of your private key on your local machine may be in a hidden directory for example ~/.ssh. In order to navigate to it to provide the location when setting up your connection profile, you may need to enable the display of hidden directories/files in your local desktop environment first. On a Mac you can do this with the shortcut
CMD+SHIFT+.
. In Windows this is under File Explorer / View / Hidden Items. It’s also possible that your home directory itself (normally /Users/<username>) is not configured to be displayed by default in Finder. If this is case, go to Finder / Preferences / Sidebar / Show these items and tick the box next to the item representing your username: this should make it appear, and .ssh should be a subdirectory of this.
Windows users may need to switch on “show hidden files” which is normally an option in File Explorer windows, and/or where you’re asked to choose from a list of files.
nx1, nx2 so this mitigates the problem in most cases. All the new Rocky 9 NX hosts are now the same in this respect. But if your username is very long (>13 characters) you may still run into problems here, in which case please contact the helpdesk.%USERPROFILE%\.nx (Windows) or ~\.nx (Mac/Linux) directory on your machine%USERPROFILE%\Documents\NoMachine or ~\NoMachine directory on your machine (beware this will remove all connection profiles)Did you omit the -X option from the SSH command when you made the onward connection to that machine? Try -Y if -X doesn’t work for you.
Check your disk usage in your JASMIN home directory: if this is over the 100G limit, you may not be able to write any temporary files and this could prevent NoMachine from being able to start a new session or even reconnect to an existing virtual desktop session. Clear out some space and re-check with pdu -sh $HOME to find out how much space you’re using.
Sometimes, you can’t connect because you have a previous session which did not terminate correectly, or you might have problems reconnecting to a previous desktop session. Sometimes the client will get stuck with a “spinning wheel” before eventually timing out. You can terminate your own previous session as follows:
Note that you may lose any unsaved work in the session that you terminate, but it should clear the stuck session and allow you to reconnect. Please try this first before asking the support team, as this is the first thing that they will try in order to clear your session.
For occasions where “it worked last time I tried to connect, but now doesn’t”, please first try the above step to clear any previous session which might have got stuck, otherwise the time-honoured IT support advice of “turning it off and on again” is applicable: try restarting the machine where you are using NoMachine Enterprise Client, as this can sometimes clear issues with the client, your machine or your network connection. Don’t forget to re-connect via your VPN if available.