NavigationContentFooter
Jump toSuggest an edit

Configuring a remote desktop with xRDP on Ubuntu Bionic Beaver

Reviewed on 08 January 2024Published on 02 December 2019
  • remote-desktop
  • remote
  • session
  • xRDP
  • rdp
  • desktop
  • pc
  • xFCE

xRDP - Overview

xRDP is an open-source alternative to Microsoft RDP (Microsoft Remote Desktop Protocol).

The tool provides a graphical login to remotely access machines and accept connections from various RDP clients: FreeRDP, rdesktop, NeutrinoRDP and Microsoft Remote Desktop Client (for Windows, macOS, iOS, and Android).

RDP connections are encrypted by default using TLS for increased security.

In this tutorial you will learn how to install the xRDP server together with xfce, a lightweight and stable desktop environment ideally suited for the use as a remote desktop.

Before you start

To complete the actions presented below, you must have:

  • A Scaleway account logged into the console
  • Owner status or IAM permissions allowing you to perform actions in the intended Organization
  • An SSH key
  • An Instance running on Ubuntu Bionic Beaver (18.04) or later
  • sudo privileges or access to the root user

Installing the desktop environment

  1. Connect to your Instance using ssh: 
    ssh root@<your_instance_ip>
  2. Update the apt sources list and upgrade the software already installed on the instance: 
    apt update && apt upgrade -y
  3. Install the required packages for the desktop environment using the apt package manager:
apt install xorg xfce4 xfce4-goodies dbus-x11 x11-xserver-utils

Installing xRDP

  1. The xRDP server is available in the default Ubuntu repositories, and it can be installed easily using apt. The following command installs the packages xrdp and ufw a firewall to protect your instance from unauthorized access:

    apt install xrdp ufw

  2. The package manager configures the service to be automatically started upon system reboot. Run the following command to check that the service has been started during the installation:

    systemctl status xrdp.service

    You will see a message like the following, confirming the status active (running):

    ● xrdp.service - xrdp daemon
        Loaded: loaded (/lib/systemd/system/xrdp.service; enabled; vendor preset: >
        Active: active (running) since Mon 2024-01-08 10:33:36 UTC; 36s ago

  3. If the service has not been started automatically, start it with systemctl:

    systemctl start xrdp.service

  4. Open the xrdp configuration file in a text editor of your choice, for example nano:

    nano /etc/xrdp/xrdp.ini

  5. Scroll to the bottom of the file and add the following line, then save the file and exit the text editor:

    exec startxfce4

  6. Restart the xrdp service using systemctl to activate the new configuration:

    systemctl restart xrdp.service

  7. Restrict the access to port 3389 to an IP address or a range of IPs. To allow access from the block 192.168.1.0/24 launch the following command:

    ufw allow from 192.168.1.0/24 to any port 3389

    To allow connections from any host run the following command:

    Important

    This action leaves your connection vulnerable and represents is a high security risk.

    ufw allow 3389
    Tip

    For more information on how to configure the firewall of your Instance, you can read our tutorial about the configuration of ufw on Ubuntu.

Adding a regular user

For security reasons, it is recommended to create a regular user to connect to the remote desktop.

  1. Add the user with the adduser command: 
    adduser <myuser>
  2. (Optionally) If you want to give superuser rights to the user, install sudo using the apt package manager: 
    apt install sudo
  3. (Optionally) Add the user to the sudoers file: 
    adduser <myuser> sudo

Connecting using RDP

  1. Download and install an RDP client of your choice. We will use the Microsoft Remote Desktop Client in this tutorial.
  2. Start the RDP client and click Add Desktop to add a new connection :
  3. Enter the connection details. You need to enter at least your Instance’s IP in the PC name. Optionally you can add a Friendly Name to facilitate the identification of your Instance in case you configure several RDP connections.
  4. Double-click the connection icon. During the first connection, you may be asked to validate the fingerprint of the Instance. Click OK to confirm the connection.
  5. Enter the identifier and password of your regular user when prompted.
  6. You are now connected and the remote desktop displays. You can launch applications on the remote machine, as you would do locally.
Docs APIScaleway consoleDedibox consoleScaleway LearningScaleway.comPricingBlogCarreer
© 2023-2024 – Scaleway