Setting up NoMachine NX over SSH

xrayspx's picture
Music: 

As an Apple and Linux user, remote screen admin can be a colossal pain in the ass. On the Mac, we have a VNC server by default, but can't specify settings which will improve speed over slow connections, like lowering the color depth. I've tried alternate VNC servers in the past, but they all were painful to set up and still very slow over an SSH tunnel.

Several years ago I set up NoMachine's NX server, which is quite nearly as fast as MS RDP, and it's been working like a dream ever since.

This guide focuses on a Mac client connecting to a Mac server over an SSH tunnel.

Install NoMachine NX on both systems from the DMG. If everything is working, there should be a NoMachine menu in the menu bar on the server and some indicator that listening is enabled. Netstat should show the machine is listening on port 4000:

xrayspxs-iMac:~ xrayspx$ netstat -nat | grep 4000
tcp6 0 0 *.4000 *.* LISTEN
tcp4 0 0 *.4000 *.* LISTEN

With the server listening, on the client machine, set up a new connection. Most of this is totally default except that I un-checked "use UDP for multimedia" and set the target port to 4003:

To connect everything up over ssh, set up the tunnel by ssh'ing to your intermediate server. In my case I have the tunnel listen on port 4003, as shown in the new configuration setup, this is to prevent it overlapping with the NX server on the client machine:

ssh -N -L 4003:10.250.0.98:4000 xrayspx@raspberrypi

Verify the client-side machine is now listening on port 4003:

pro:~ xrayspx$ netstat -nat | grep 4003
tcp4 0 0 127.0.0.1.4003 *.* LISTEN
tcp6 0 0 ::1.4003 *.* LISTEN

Then launch the client connection to that local listening port. This can be done via the NX menu in the menu bar, but I automate all this so that I am just clicking on "NX to Home", and a script wakes up the home machine, builds the tunnel, and opens the connection:

On the Mac, you have to run nxplayer from the NoMachine.app package, on both Ubuntu and Mac, the session ".nxs" files are in ~/Documents/NoMachine:

/Applications/NoMachine.app/Contents/MacOS/nxplayer --session ~/Documents/NoMachine/Connection\ to\ iMac.nxs

The full script I run is more like this:

#! /bin/bash

#ssh into the ssh server and wake up the target system with WoL then hang out 10 seconds for the machine to absolutely be awake
ssh xrayspx@raspberrypi 'wakeimac'

sleep 10

#set up the ssh tunnel with listening port 4003
ssh -N -L 4003:10.250.0.98:4000 xrayspx@raspberrypi &

# I am tracking all the PIDs so I can kill them later, this tended to leave tunnels listening and crap after a session so they need to be killed
sshpid=`jobs -p`
shellpid="$$"

/Applications/NoMachine.app/Contents/MacOS/nxplayer --session ~/Documents/NoMachine/Connection\ to\ iMac.nxs

# On the Mac I can't actually kill the pids, since the nxplayer forks off and the script keeps running. On my Linux client, the nxplayer job holds the script from completing until I quit it. I'm sure there's a better easier way on the Mac.
#kill $sshpid; echo "killed pid $sshpid"
#kill $shellpid