Skip to content

Commit e6fb6e7

Browse files
Merge pull request #388 from hpcleuven/feature/MFA_authentication
More tips on MFA with e.g. NX
2 parents 32e5b1e + a74018b commit e6fb6e7

File tree

2 files changed

+16
-7
lines changed

2 files changed

+16
-7
lines changed

source/access/mfa_guide.rst

Lines changed: 14 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -120,10 +120,16 @@ First of all, verify that your agent is running. You can do this by executing::
120120

121121
If the agent is not running, you will get a
122122
``Could not open a connection to your authentication agent.`` message. In this
123-
case you can start the agent with::
123+
case you can start an instance of the agent with::
124124

125125
eval $(ssh-agent)
126126

127+
.. note::
128+
If you start your agent in this way, it is only accessible within the context of your
129+
current shell. If you want to connect with NoMachine NX, you should also start your
130+
NoMachine client from within this shell via the ``nxplayer`` command. Otherwise it will
131+
not be able to access the certificate stored in your agent.
132+
127133
(to kill the agent use ``eval "$(ssh-agent -k)"``)
128134

129135
If your agent is running, the ``ssh-add -l`` will list the identities that were
@@ -157,10 +163,13 @@ continuing:
157163
The indentation is not strictly necessary, but is recommended for readability.
158164

159165
If you now connect to the cluster using your standard ``ssh`` command, the
160-
certificate will automatically be stored for as long as your agent lives. If
161-
you want to use apps that use ``ssh`` in the background (NX, FileZilla), you will
162-
have to do this connection to the cluster as well. You are free to log out of
163-
that session afterwards.
166+
certificate will automatically be stored for as long as your agent lives.
167+
168+
If you want to use apps that use ``ssh`` in the background (NX, FileZilla), you
169+
should also first inject a certificate in your agent before trying to connect.
170+
This can be done by connecting to the VSC firewall page with agent forwarding::
171+
172+
164173

165174
.. note::
166175

source/access/nx_start_guide.rst

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@ NX session.
1919
You may also refer to :ref:`MFA Quick Start Guide <mfa for nx>` for additional information.
2020

2121

22-
1. Start the NoMachine client and press **Continue** till you see the screen
22+
1. Start the NoMachine client and press **Continue** until you see the screen
2323
listing your connections, titled **Machines**.
2424

2525
#. Press **Add** to create a new connection
@@ -43,7 +43,7 @@ You may also refer to :ref:`MFA Quick Start Guide <mfa for nx>` for additional i
4343

4444
#. If this is your first login via NX, you will need to enter your VSC username
4545

46-
#. Your private key will be automatically fetched from your SSH agent
46+
#. Your private key or certificate will be automatically fetched from your SSH agent
4747

4848
#. If you are creating for the first time choose **Create a new virtual desktop**.
4949
Otherwise please refer to the :ref:`section on how to reconnect to an NX session

0 commit comments

Comments
 (0)