CentOS Debian Red Hat Ubuntu

How to Setup XRDP to Securely Connect Remote Linux Servers

Setup XRDP to securely connect Remote Linux Servers

xrdp is an Open Source Remote Desktop Protocol that works as an alternative to Windows RDP to connect to remote Linux servers with GUI. XRDP supports VNC (Virtual Network Compute) protocol that uses RFB ( Remote Buffer Protocol) to control remote systems. XRDP is a way easy to use in place of other tools because of no additional package required for this. In order to make it more secure, we will show you making its secure connection through SSH Tunneling.

Prerequisites:

The prerequisites in this article are to have a remote Linux server with GUI (Graphical User Interface) environment, running xrdp, and a local X windows system to connect to the remote server.

Let’s follow the steps below to install and use xrdp on a Linux OS.

Step 1: Installing XRDP

In order to install xrdp, let’s connect to your remote Linux server using ssh and run the system updates that you can do by the following commands.

For RHEL/CentOS:

# yum update -y 

For Debian/Ubuntu:

# apt-get update -y

Once your system has the latest update installed, you can install the xrdp by the use of the below command.

For RHEL/CentOS:

# yum install xrdp -y

For Debian/Ubuntu:

$ sudo apt-get install xrdp

Press “Y” to continue the installation along with its required dependencies.

Step 2: Starting XRDP Service

After the installation of xrdp we need to make sure that its service is running and enabled for the auto-restart at the time of reboot.

Use the below commands to check its running start and enable auto restart.

$ sudo systemctl status xrdp
$ sudo systemctl enable xrdp

The same commands can be used in case you are using a RHEL base Operating System.

Step 3: Securing XRDP Connections

Here in this step securing the xrdp connections is most important to restrict unauthorized access to your remote systems. To make it secure we are going to make some changes in its configuration file.

Let’s open the xrdp.ini using your favorite file editor as below.

$ sudo vim /etc/xrdp/xrdp.ini
port=tcp://.:3389

Save the changes and restart xrdp service.

$ sudo systemctl restart xrdp

Now you will see the state of port ‘3389’ listening for the localhost IP.

Step 4: Creating Secure SSH Tunnel

To make a secure tunnel between the remote and local system we are going to make use of Windows Powershell. Run the command below followed by the IP address of your remote Linux Server with GUI as below.

PS C:\Users\kashif\> ssh [email protected] -L 3399:127.0.0.1:3389

Once your ssh connection is established after giving the credentials of your user name, you are ready to connect to the Remote Linux Server through RDP.

Step 5: Connect to Remote Linux Server

After making the local session, now we are ready to connect to the remote Linux server, whether it’s a CentOS/RHEL or Ubuntu with GUI support.

Open the Remote Desktop Connection App of your source Windows system and connect using the localhost and source port ‘3399’ from your previous connection.

Localhost:3399

Give the same username and password that you have used while making the local ssh tunnel between your localhost and remote server IP as shown below.

After providing the right credentials, you will have a successful remote RDP session established.

Step 6: Improving XRDP Session Performance

While using the XRDP sessions, you might have come to know that its performance is slower than the traditional RDP sessions on Windows OS. To overcome this problem you can make some tweaks in the RDP settings as below.

Open the RDP App, go to its Display Tab and change the color depth of the remote session to a lower value. Next, move to the Experience Tab and choose the connection speed with optimal performance as 56kbps as shown.

Next, open your Task Manager and set the priority of mstcsc.exe to Realtime.

Conclusion:

At the end of this article, now you will be able to install and use XRDP to securely connect to remote servers. There are a couple of other tools available but XRDP is one of the most useful and easy to use applications. You can skip the ssh tunneling step by keeping the default configuration file of XRDP if you want to skip the secure connection. I hope you find this article much helpful while searching for a better and secure way to connect to remote Linux servers.

Similar Posts