You want to tighten up the client-side a bit by not allowing users to be able to save passwords in the Nxclient login screen.
Create an empty file on the client named /usr/NX/share/nopasswd:
# touch /usr/NX/share/nopasswdOn Windows clients, create \Program Files\NX Client for Windows\Share\nopasswd.
This disables saving the login and password.
If you have chronically roaming users, or users sharing Windows PCs, or generic public terminals, it is wise to disable login and password saving.
Obviously, you must make sure that the nopasswd file is read-only by the user. On Linux , this is easy:
# chown root:root nopasswd
# chmod 644 nopasswdOn Windows, it isn't so easy. Windows NT, 2000, 2003, and XP Pro running the NTFS filesystem let you tweak individual file permissions; just right-click on the file icon, and go to the Security tab to set ownership and access permissions.
However, any Windows running the FAT32 filesystem does not have ACLs. Windows XP Home does not include an ACL-capable filesystem, nor does Windows XP Pro in Simple File Sharing mode.
Simple File Sharing is on in XP Pro by default; to turn it off, open My Computer → Tools → Folder Options → View → Advanced Settings, and uncheck "Use simple file sharing (Recommended)."
You should do this as Administrator because Simple File Sharing is enabled/disabled per user. So, make sure the boss has control, however feeble. You can also make nopasswd a hidden file, for a wee bit of extra obscurity.
Run /usr/bin/nxserver--help as
root to see all server commands
NoMachine's Support Center:
| http://www.nomachine.com/support.php |
NX Server System Administrator's Guide:
| http://www.nomachine.com/documentation/admin-guide.php |