NoMachine supports authentication forwarding with the following authentication methods:

- Connection by NX protocol and Kerberos ticket-base authentication
- Connection by SSH protocol and SSH key based authentication
- Connection by SSH protocol and Kerberos ticket-based authentication

In these cases an authentication agent (SSH agent) can be used to forward user's credentials inside the NoMachine session and make them available for single sign-on (SSO).

Credentials are forwarded to the host where the NoMachine session is running.

When the target machine uses GNOME Keyring, values set by NoMachine for the SSH_AUTH_SOCK environment variable to authenticate wit public key and SSH agent can be overwritten. As a consequence, credentials are not forwarded into the session.

We verified that this happens in particular on Ubuntu 14.x. Gnome-keyring connects to the gnome-session process, gnome-session sets the SSH_AUTH_SOCK environment variable and overwrite NoMachine settings .

Ubuntu 16.x that uses gnome-keyring instead than ssh-agent as well, doesn't exhibit this behavior.

As a possible workaround, set:

X-GNOME-Autostart-enabled=false

in one of these files:

~/.config/autostart/gnome-keyring-ssh.desktop
/etc/xdg/autostart/gnome-keyring-ssh.desktop