Graphical linux desktop using NoMachine NX
Graphical linux desktop using NoMachine NX
This article explains how to connect to a graphical linux desktop within the JASMIN environment using NoMachine NX.
Using graphical applications over a wide-area network can be very slow, and is not recommended or supported on JASMIN. This service provides a better alternative with graphical desktop within the JASMIN environment itself, rather than on the user’s local machine.
A small client application, available for you to install on your local machine, enables you to connect to specific servers within JASMIN. Graphics are then relayed to the client application in a more efficient form, resulting in much better performance particularly if you need to interact with what’s being displayed.
The service provides an improved user experience and is strongly recommended over standard X11 graphics.
The following “special” login servers have the NX service available and can be used as described below:
nx-login1.jasmin.ac.uk
(best for use from university networks)nx-login2.jasmin.ac.uk
(Contingency config similar to login2.jasmin.ac.uk
, to make it available from clients without reverse DNS lookup to a domain in the JASMIN allow-list. Use this option if you need to connect from home and do not have an institutional VPN available)nx-login3.jasmin.ac.uk
(Contingency config as above)nx-login4.jasmin.ac.uk
(Contingency config as above, but also supports users with usernames > 8 but also supports users with usernames > 8 characters. No support for usernames > 14 characters: contact helpdesk for advice)nx-login4
has been introduced to help cater for users whose usernames exceed 8 characters length. This works around a known limitation in the NX server software but may not solve the problem for users with very long names (created before we introduced a limit to prevent this happening: if this still affects you and you cannot make onward connections to other machines in NX, please contact the helpdesk)Download the appropriate version of the NoMachine Enterprise Client from [NoMachine](https://www.nomachine.com/download-enterprise#NoMachine- Enterprise-Client). This page contains links to several different products. The only one you need to install is “NoMachine Enterprise Client”.
Versions are available for Windows, Mac and Linux. You may need privileges on your local machine in order to install the software so you may need to ask for help from your local IT helpdesk.
Note that “Nomachine Enterprise Client” is a different application to the “Nomachine Enterprise Desktop” available from the more publicised download link on the NoMachine website or other applications in the NoMachine suite: the desktop edition contains additional components to enable remote access to your own (local) machine from a remote location: perhaps convenient but not what we are trying to enable for you here.
The NoMachine Enterprise Client is purely a client to connect to a remote server: in our case the server is at the JASMIN end, where the desktop session will exist.
Remember to check for updates for the enterprise client to ensure you always have the latest stable version. You can configure the application to check for updates (and optionally apply them automatically) by going to Settings / Updates in the menu.
As you can see from the following videos, the instruction steps below are very similar for Windows / Mac / Linux, once the enterprise client is installed. Note that the interface may look slightly different depending on which version number of the client you have installed (we can’t promise to keep the videos up to date with every new version, unfortunately!)
Instructions for v8.x clients: (older clients may vary but same concept overall)
Open the NX client
/usr/NX/bin/nxplayer
, so you may want to add this to your path. Your desktop environment may enable you to add an icon to your desktop.In the “Machines” view, select “Add”
nx-login2.jasmin.ac.uk
. Set the Protocol to “SSH”, which will change the port to 22.Go to the “Configuration” tab.
~/.ssh
(see
Troubleshooting)Go back to the “Add connection” dialog
In the “Machines” list
Enter your JASMIN username and your SSH passphrase (it is NOT recommended to save your passphrase in the connection file). Click OK.
You may see a list of all the other desktop sessions currently in progress from other users. Ignore these and click “New desktop”.
Select “Create a new virtual desktop”, then click “Create”
Note the instructions for how to reach the NX menu once in the session, and select screen settings from the list of icons: Recommended setting is “Fit to window” (leftmost icon)
Click OK on this and subsequent screens giving information about the NX and desktop environments.
You should be presented with a linux deskop on the server to which you connected, e.g. nx-login2.jasmin.ac.uk
Click “Activities” (top left menu on desktop)
Open a terminal window by clicking the “Terminal” icon in the menu down the left hand side.
To see the list of sci servers which is normally presented at login (which helps in selected a less-loaded sci server), type the following:
cat /etc/motd
Once you have set up the environment to your liking, you can
sci1.jasmin.ac.uk
ssh -AX <user>@sci1.jasmin.ac.uk
(where <user>
should be replaced by your JASMIN username).
Work interactively on a SCI machine as you would normally, but any graphical tools/applications should now work efficiently.
(Example of a graphical application on another machine within JASMIN). Try opening a simple graphical application on sci1.jasmin.ac.uk
with the command:
xclock
-AY
works if -AX
does not).You may also get a few warning messages like this, which can safely be ignored:
Warning: Missing charsets in String to FontSet conversion
Cancel the graphical application (xclock) with CTRL + c
, or use the
application’s own exit command, if it has one.
With other graphical applications opened on other servers within JASMIN, you may get warning/error messages like these as they start up: these can safely be ignored. Sometimes an application window can take a few seconds to appear, but should work normally after that.
Failed to open connection to "session" message bus: /usr/bin/dbus-launch terminated abnormally without any error message
Running without a11y support!
Gtk-Message: 08:58:38.169: Failed to load module "pk-gtk-module"
Gtk-Message: 08:58:38.171: Failed to load module "canberra-gtk-module"<br>
nx-login2.jasmin.ac.uk
from a MobaXterm terminal but NOT from the NoMachine NX client (“Authentication Failed”), then try following the steps below: these instructions are for Windows users.After the first connection (particularly for Mac users), subsequent connections to the same connection profile sometimes have some symbols keys e.g. @
and "
transposed.
Watch the following video for how to correct this.
Doing as shown leaves a small drop-down choice tool in your Gnome desktop menu so that you can correct the problem if it re-occurs later. The correct choice for the author’s UK Mac was “English (UK, Macintosh)”, but you may need to experiment with the choices available to match your own keyboard layout.
If you click the small keyboard-layout icon (bottom right when viewing the list of choices), you will be shown a preview of that keyboard layout to compare with your own.
Please do not try and connect using the proprietary “NX” protocol. Select “SSH” as the protocol. If you mistakenly use “NX” as the protocol you may see an error similar to the following when you try to connect (The correct port for SSH connections is 22)
A connection timeout has occurred while trying to connect to 'nx-login2.jasmin.ac.uk' on port '4000'.
The issue could either be caused by a networking problem, by a firewall or NAT blocking incoming
traffic or by a wrong server address. Please verify your configuration and try again.
Please use “Private key” as the authentication method, not “Authentication agent”, as the former has been found to work more consistently and reliably, particularly for onward connections to other machines.
Make sure you have installed and are using the most recent version of the NoMachine Enterprise Client (not the NoMachine Enterprise Desktop or any other applications from NoMachine).
If you created your SSH private key using the “PuTTYgen” application, and are getting “Authentication failed” for a key pair that you know works OK for simple terminal connections, it could be that you need to convert the private key to “OpenSSH format” for use here. By doing this you would be creating an alternately-formatted version of the same private key, so the public key stays the same (and you don’t need to re-upload that to JASMIN).
Be sure to use the PASSPHRASE associated with your SSH private key, and not the PASSWORD associated with your JASMIN account, when prompted using the NX client.
The location of your private key on your local machine may be in a hidden directory for example ~/.ssh
. In order to navigate to it to provide the location when setting up your connection profile, you may need to enable the display of hidden directories/files in your local desktop environment first. On a Mac you can do this with the shortcut
CMD+SHIFT+.
. In Windows this is under File Explorer / View / Hidden Items. It’s also possible that your home directory itself (normally /Users/<username>
) is not configured to be displayed by default in Finder
. If this is case, go to Finder / Preferences / Sidebar / Show these items and tick the box next to the item representing your username: this should make it appear, and .ssh
should be a subdirectory of this.
Previous versions of the Windows client had problems with “forward authentication” enabled, but this is required for onward connection to other machines. If this happens, try:
nx-login4
.C:\Users\<username>\.nx
directory on your machineDid you omit the -X
option from the SSH command when you made the onward connection to that machine? Try -Y
if -X
doesn’t work for you.
Check your disk usage in your JASMIN home directory: if this is over the 100G limit, you may not be able to write any temporary files and this could prevent NoMachine from being able to start a new session or even reconnect to an existing virtual desktop session. Clear out some space and re-check with pdu -sh $HOME
to find out how much space you’re using.
Sometimes, you can’t connect because you have a previous session which did not terminate correectly, or you might have problems reconnecting to a previous desktop session. Sometimes the client will get stuck with a “spinning wheel” before eventually timing out. You can terminate your own previous session as follows:
Note that you may lose any unsaved work in the session that you terminate, but it should clear the stuck session and allow you to reconnect. Please try this first before asking the support team, as this is the first thing that they will try in order to clear your session.
For occasions where “it worked last time I tried to connect, but now doesn’t”, please first try the above step to clear any previous session which might have got stuck, otherwise the time-honoured IT support advice of “turning it off and on again” is applicable: try restarting your local machine where the NX client is running, as this can sometimes clear issues with the client, your machine or your network connection. Don’t forget to re-connect via your VPN if available.