命令行环境下部署NoMachine实现远程桌面

服务器安装配置

# 更新系统
sudo apt update && sudo apt upgrade -y

# 下载安装包（根据架构选择）官网：https://download.nomachine.com/download/?id=1&platform=linux
# x86_64 架构：
wget https://download.nomachine.com/download/8.x/Linux/nomachine_8.x.x_1_amd64.deb
# 安装，安装后nomachine自动会设置为开机自启动
sudo dpkg -i nomachine_*.deb
sudo apt --fix-broken install -y  # 修复依赖

sudo ufw allow 4000
sudo ufw reload

解决无物理显示器问题（虚拟桌面）​

# 安装虚拟显示驱动
sudo apt install xserver-xorg-video-dummy -y

# 创建配置文件
sudo vim /usr/share/X11/xorg.conf.d/xorg.conf
添加以下内容

Section "Device"
    Identifier "DummyDevice"
    Driver "dummy"
    VideoRam 256000
EndSection

Section "Monitor"
    Identifier "DummyMonitor"
    HorizSync 28.0-80.0
    VertRefresh 48.0-75.0
    Modeline "1920x1080" 172.80 1920 2040 2248 2576 1080 1081 1084 1118
EndSection

Section "Screen"
    Identifier "DummyScreen"
    Device "DummyDevice"
    Monitor "DummyMonitor"
    DefaultDepth 24
    SubSection "Display"
        Depth 24
        Modes "1920x1080"
    EndSubSection
EndSection

重启系统或重新加载 Xorg 配置生效。

禁止密码登录，只使用密钥登录

假设私钥已经放在./ssh目录

cat ~/.ssh/id_rsa_nxclient.pub >> ~/.nx/config/authorized.crt

chmod 0600 ~/.nx/config/authorized.crt

编辑配置文件

sudo vim /usr/NX/etc/server.cfg

找到如下部分

#
# Specify how clients will have to authenticate to the server, by
# default all the available methods are supported. This corresponds
# to value all. To specify a subset of methods use a comma-separated
# list.
#
# Supported methods for connections by NX protocol are:
# NX-password   : Password authentication.
# NX-private-key: Key-based authentication.
# NX-kerberos   : Kerberos ticket-based authentication.
#
# Supported method for connections by SSH protocol is:
# SSH-system    : All methods supported for the system login.
#                 SSH authentication methods for the system login
#                 have to be set on the system for example in the
#                 PAM configuration.
#
# For example:
# AcceptedAuthenticationMethods NX-private-key,SSH-system
#
# This key has to be used in conjunction with ClientConnectionMethod.
# See also the EnableNXClientAuthentication key for enabling SSL
# client authentication for connections by NX protocol.
#
#AcceptedAuthenticationMethods all

然后在这行注释#AcceptedAuthenticationMethods all的后面添加以下代码

AcceptedAuthenticationMethods NX-private-key

然后重启nomachine

sudo /usr/NX/bin/nxserver --restart

然后再去登录发现已经无法使用密码登录nomachine了