

...making Linux just a little more fun!
[ In reference to "Nomachine NX server" in LG#135 ]
Matthias Urlichs [smurf at smurf.noris.de]
Sat, 3 Feb 2007 00:27:41 +0100
There are also a fair number of problems with NX.
- It is based on a rather old verson of the X server. That X server has several known security bugs. There is a reason most distributions do not ship even the open-source NX parts. - Resuming a session doesn't always work. Murphy says it fails to work when it's most likely that your session has important but unsaved data in it. :-/ - The song+dance with the separate "nx" user and the client ssh key is completely unnecessary. Using a straight ssh login would be a whole lot simpler. It would also be more secure, because the user would be able to use their ssh keychains instead of typing in a password. - Relies on a patched ssh client. An old ssh client. A patch which introduces a lot of code that belongs in a separate program.
The fact that the security people of several major distribution have basically vetoed including NX should tell you something.
-- 
Matthias Urlichs   |   {M:U} IT Design @ m-u-it.de   |  smurf at smurf.noris.de
Disclaimer: The quote was selected randomly. Really. | http://smurf.noris.de
 - -
It was Penguin lust... at its ugliest.
Kapil Hari Paranjape [kapil at imsc.res.in]
Sat, 3 Feb 2007 07:27:28 -0800
Hello,
On Sat, 03 Feb 2007, Matthias Urlichs wrote:
> There are also a fair number of problems with NX.
I also felt that there were a number of questions about this article.
1. Copying the private key client_id_dsa.key between numerous machines seems to be a rather violent deconstruction of public-key use. Isn't there a way to avoid this?
2. If the source for the Ubuntu Linux package is not available NX cannot be classified as open source. How is it GPL if the source is not available?
3. Isn't there a way to run the NX system as user without root privileges to create an additional user on the system?
I did play with the NX server and client from the "kanotix" packages
a long while ago so I might have resolved these questions --- but I do
not recall the answers  
Regards,
Kapil. --