JASMIN Help Site logo JASMIN Help Site logo
  • Docs 
  • Guides 
  • Training 
  • Discussions   
    •   Search this site  

Can't find what you're looking for?

Try our Google custom search, across all JASMIN sites

Docs
    • get started with jasmin
    • generate ssh key pair
    • get jasmin portal account
    • get login account
    • beginners training workshop
    • how to contact us about jasmin issues
    • jasmin status
    • jasmin training accounts
    • tips for new users
    • how to login
    • multiple account types
    • present ssh key
    • reconfirm email address
    • reset jasmin account password
    • ssh auth
    • storage
    • understanding new jasmin storage
    • update a jasmin account
    • interactive computing overview
    • check network details
    • login servers
    • login problems
    • graphical linux desktop access using nx
    • nx update nov24
    • sci servers
    • tenancy sci analysis vms
    • transfer servers
    • jasmin notebooks service
    • creating a virtual environment in the notebooks service
    • project specific servers
    • dask gateway
    • access from vscode
    • lotus overview
    • slurm scheduler overview
    • slurm queues
    • lotus cluster specification
    • how to monitor slurm jobs
    • how to submit a job
    • how to submit an mpi parallel job
    • example job 2 calc md5s
    • orchid gpu cluster
    • slurm status
    • slurm quick reference
    • software overview
    • quickstart software envs
    • python virtual environments
    • additional software
    • community software esmvaltool
    • community software checksit
    • conda environments and python virtual environments
    • Creating and using miniforge environments
    • idl
    • jasmin sci software environment
    • jasmin software faqs
    • jaspy envs
    • matplotlib
    • nag library
    • name dispersion model
    • geocat replaces ncl
    • postgres databases on request
    • running python on jasmin
    • running r on jasmin
    • rocky9 migration 2024
    • software migration 2020
    • share software envs
    • data transfer overview
    • data transfer tools
    • globus transfers with jasmin
    • bbcp
    • ftp and lftp
    • globus command line interface
    • globus connect personal
    • gridftp cert based auth
    • gridftp ssh auth
    • rclone
    • rsync scp sftp
    • hpxfer access role
    • scheduling automating transfers
    • transfers from archer2
    • apply for access to a gws
    • elastic tape command line interface hints
    • faqs storage
    • gws etiquette
    • gws scanner ui
    • gws scanner
    • gws alert system
    • install xfc client
    • xfc
    • introduction to group workspaces
    • jdma
    • managing a gws
    • secondary copy using elastic tape
    • share gws data on jasmin
    • share gws data via http
    • using the jasmin object store
    • configuring cors for object storage
    • ceda archive
    • external access to mass faq
    • how to apply for mass access
    • moose the mass client user guide
    • setting up your jasmin account for access to mass
    • introduction to the jasmin cloud
    • jasmin cloud portal
    • cluster as a service
    • cluster as a service kubernetes
    • cluster as a service identity manager
    • cluster as a service slurm
    • cluster as a service pangeo
    • cluster as a service shared storage
    • adding and removing ssh keys from an external cloud vm
    • provisioning tenancy sci vm managed cloud
    • sysadmin guidance external cloud
    • best practice
    • rose cylc on jasmin
    • using cron
    • mobaxterm
    • requesting resources
    • processing requests for resources
    • acknowledging jasmin
    • approving requests for access
    • working with many linux groups
    • jasmin conditions of use
    • get started with jasmin
    • generate ssh key pair
    • get jasmin portal account
    • get login account
    • beginners training workshop
    • how to contact us about jasmin issues
    • jasmin status
    • jasmin training accounts
    • tips for new users
    • how to login
    • multiple account types
    • present ssh key
    • reconfirm email address
    • reset jasmin account password
    • ssh auth
    • storage
    • understanding new jasmin storage
    • update a jasmin account
    • interactive computing overview
    • check network details
    • login servers
    • login problems
    • graphical linux desktop access using nx
    • nx update nov24
    • sci servers
    • tenancy sci analysis vms
    • transfer servers
    • jasmin notebooks service
    • creating a virtual environment in the notebooks service
    • project specific servers
    • dask gateway
    • access from vscode
    • lotus overview
    • slurm scheduler overview
    • slurm queues
    • lotus cluster specification
    • how to monitor slurm jobs
    • how to submit a job
    • how to submit an mpi parallel job
    • example job 2 calc md5s
    • orchid gpu cluster
    • slurm status
    • slurm quick reference
    • software overview
    • quickstart software envs
    • python virtual environments
    • additional software
    • community software esmvaltool
    • community software checksit
    • conda environments and python virtual environments
    • Creating and using miniforge environments
    • idl
    • jasmin sci software environment
    • jasmin software faqs
    • jaspy envs
    • matplotlib
    • nag library
    • name dispersion model
    • geocat replaces ncl
    • postgres databases on request
    • running python on jasmin
    • running r on jasmin
    • rocky9 migration 2024
    • software migration 2020
    • share software envs
    • data transfer overview
    • data transfer tools
    • globus transfers with jasmin
    • bbcp
    • ftp and lftp
    • globus command line interface
    • globus connect personal
    • gridftp cert based auth
    • gridftp ssh auth
    • rclone
    • rsync scp sftp
    • hpxfer access role
    • scheduling automating transfers
    • transfers from archer2
    • apply for access to a gws
    • elastic tape command line interface hints
    • faqs storage
    • gws etiquette
    • gws scanner ui
    • gws scanner
    • gws alert system
    • install xfc client
    • xfc
    • introduction to group workspaces
    • jdma
    • managing a gws
    • secondary copy using elastic tape
    • share gws data on jasmin
    • share gws data via http
    • using the jasmin object store
    • configuring cors for object storage
    • ceda archive
    • external access to mass faq
    • how to apply for mass access
    • moose the mass client user guide
    • setting up your jasmin account for access to mass
    • introduction to the jasmin cloud
    • jasmin cloud portal
    • cluster as a service
    • cluster as a service kubernetes
    • cluster as a service identity manager
    • cluster as a service slurm
    • cluster as a service pangeo
    • cluster as a service shared storage
    • adding and removing ssh keys from an external cloud vm
    • provisioning tenancy sci vm managed cloud
    • sysadmin guidance external cloud
    • best practice
    • rose cylc on jasmin
    • using cron
    • mobaxterm
    • requesting resources
    • processing requests for resources
    • acknowledging jasmin
    • approving requests for access
    • working with many linux groups
    • jasmin conditions of use
  1. Home
  2. Docs
  3. Interactive computing
  4. NX update November 2024

NX update November 2024

 

Nx   Nomachine   Desktop   X11  
Nx   Nomachine   Desktop   X11  
Share via
JASMIN Help Site
Link copied to clipboard

Update on connecting to NoMachine NX service November 2024

On this page
  • Good news! Connection problems resolved
  • Key presentation options
  • NX Configuration
  • Updating your key
  • Connecting

Good news! Connection problems resolved  

We now have a solution to the issues some users had with connecting to the NoMachine NX (graphical linux desktop) service, especially from Windows.

  • This involves updating your SSH key to a new algorithm, ECDSA (previously RSA).
  • We have updated our accounts system to support these new keys, which can now be used throughout JASMIN.
  • So updating your JASMIN SSH key is the first step, but you then have a choice of connection options.

In these notes, ~/ means “your home directory”. On Windows this is also represented by %USERPROFILE%.

We will update the full documentation and videos in due course, at which point this page will be removed and you will be redirected to that page from here.

Key presentation options  

The configuration you need depends on how you choose to present your key:

  • File-based method: specify the location of your key file: no admin permission required.

  • Agent-based methods: load your key into an ssh-agent which persists and can be used for subsequent connections across multiple applications.

    • Compatible agents:
      • Windows 10 or 11:
        • Windows Native OpenSSH client (optional feature, needs admin permissions to enable and start the service for the first time).
        • Pageant (part of the PuTTY suite of SSH tools  ).
      • Mac & Linux
        • the built-in ssh-agent should work.

Notes:

  1. MobaXterm’s own “MobAgent” is NOT compatible for use as an agent, but MobaXterm itself can be configured to use Pageant as an external agent. Your environment may also depend on the agent for other applications.
  2. PuTTY users will either need to create their new key in the PuTTYgen utility, taking care to select the equivalent options to the command below, or convert their new key into a PuTTY-format *.ppk file, for use with Pageant.

NX Configuration  

You will need to check that the settings in ~/.nx/config/player.cfg match your choice of method. If you modify the file, make sure you do it with the NoMachine application closed, otherwise the file will get overwritten as the application closes.

  • using the file-based method on all platforms requires the default settings, which are:

    <option key="SSH client mode" value="library">
<option key="SSH Client" value="nxssh.exe"> ("nxssh" on Mac/Linux)

  • using the agent method with Windows Native OpenSSH client requires these lines:

      <option key="SSH client mode" value="native" />
  <option key="SSH Client" value="C:\Windows\System32\OpenSSH\ssh.exe" />

  • using the agent method on Mac & Linux requires these lines:

    <option key="SSH client mode" value="native" />
<option key="SSH Client" value="/usr/bin/ssh" />

  • If in doubt, uninstall the NoMachine Enterprise Client application and all its associated folders (~/.nx and ~/NoMachine) and re-install before checking the file again.

Updating your key  

For all the above methods, you are now recommended to update your key to ECDSA: most users’ keys on JASMIN are of an older type, RSA.

  • Create a new key pair using this command. Save the files id_ecdsa_jasmin and id_ecdsa_jasmin.pub to your ~/.ssh directory which is in your home directory on your local machine. Storing in this location avoids permissions problems. Remember, do this command on your local machine: your private key should never leave that machine and must be protected with a strong passphrase. Do not copy your private key to anywhere on JASMIN 
    ssh-keygen -m PEM -t ecdsa -b 521 -f ~/.ssh/id_ecdsa_jasmin
  • The equivalent using PuTTYgen or MobaKeyGen is with these settings: choose these before clicking “Generate”
    Settings for ECDSA key in PuTTYgen (same for MobaKeyGen). Choose settings before clicking Generate.
    Settings for ECDSA key in PuTTYgen (same for MobaKeyGen). Choose settings before clicking Generate.
  • If you’re using an agent, remember to load your new key into that agent, using your usual method (usually ssh-add <key file> but depends on the agent).
  • IMPORTANT Next, follow these steps to upload your new public key to your JASMIN profile in the accounts portal. This will get propagated around JASMIN which can take around 15 mins, so please wait before trying to connect.

Connecting  

  • You should now create a new connection profile which uses your new key, or the agent into which you loaded your new key, to connect to one of the JASMIN nx servers.
  • Test the onward connection to one of the sci servers, e.g. sci-vm-01 to ensure it’s all working correctly.
Last updated on 2024-11-13 as part of:  temp article before main NX & SSH keys update (0fb306561)
On this page:
  • Good news! Connection problems resolved
  • Key presentation options
  • NX Configuration
  • Updating your key
  • Connecting
Follow us

Social media & development

     

Useful links

  • CEDA Archive 
  • CEDA Catalogue 
  • JASMIN 
  • JASMIN Accounts Portal 
  • JASMIN Projects Portal 
  • JASMIN Cloud Portal 
  • JASMIN Notebooks Service 
  • JASMIN Community Discussions 

Contact us

  • Helpdesk
UKRI/STFC logo
UKRI/NERC logo
NCAS logo
NCEO logo
Accessibility | Terms and Conditions | Privacy and Cookies
Copyright © 2024 Science and Technology Facilities Council.
Hinode theme for Hugo licensed under Creative Commons (CC BY-NC-SA 4.0).
JASMIN Help Site
Code copied to clipboard