Unable to do remote desktop using xrdp

Question

I have an Ubuntu virtual machine to which I need to do remote desktop. I do not have physical access to that machine and I can do only ssh to the machine. I wanted to do remote desktop and came up with lot of options (vnc, xrdp, opennx). I used xrdp and I installed the necessary packages in the ubuntu machine (xrdp and dependent). Then I enabled the remote access in the ubuntu using the following command line option.

gconftool-2 -s -t bool /desktop/gnome/remote_access/enabled true

gconftool-2 -s -t bool /desktop/gnome/remote_access/prompt_enabled false

Then I restarted the xrdp (/etc/init.d/xrdp start). But when I try to do rdp using the windows client (mstsc), I get the following error. Remote access to the server is not enabled.

How do I solve this? Kindly help.

Raj

Answer 1

On file /etc/xrdp/xrdp.ini add address=0.0.0.0 which is the default xrdp address.

Also you have to permit firewall to listen to connections on port 3389 that xrdp is working on. For this execute:

sudo ufw allow 3389

If that doesn't work either:

1. Restart PCs
2. Disable firewall (sudo ufw disable) on server pc and then recheck (might even need another restart).

In case you missed it, i will list the entire procedure below (which was a pain to assemble). You'll be fine with that if you follow step by step (promise!).

---

Remote Desktop between any OS's Step-By-Step guide

I. Windows to / from Windows:

Use Windows Remote Desktop software

II. Linux / Unix to / from anywhere

First do the following on the server computer that you will connect via remote desktop:

- Allow other users to view your desktop
- Best to require a password
- service ssh status
- To allow computers to connect with X11 graphics system capabilities as well, you need to 
    install an X11 server on the computer that is trying to connect (client). So
    * for a Windows computer use XMing
    * for a Linux Ubuntu computer use XQuartz

IIa. Windows to Linux from terminal with graphics support

- Launch XMing on Windows client
- Launch Putty
    * Fill in basic options
    * Connection -> SSH -> X11
        -> Enable X11 forwarding
        -> X display location = :0.0
        -> MIT-Magic-Cookie-1
        -> X authority file for local display = point to the Xming.exe executable

IIb. (b for better) Windows to Linux with full GUI support. This is what most of you will want.

- install xrdp which uses the remote desktop protocol to present a GUI to the user. 
    It can provide a fully functional Linux terminal server, capable of accepting connections 
    from rdesktop, freerdp, and Microsoft's own terminal server / remote desktop clients. 
    xrdp is the daemon that handles RDP remote desktop access from Windows machines to Linux 
- edit the "/etc/xrdp/xrdp.ini" file to include the line:
    address=0.0.0.0
    right under #background=626x72 line. 0.0.0.0 is the local server address of xrdp
- Restart xrdp service
- allow xrdp port (probably 3389) through firewall
- We also need a VNC server. Install tightvncserver on Linux server machine. 
- run tightvncserver (no need to create a view-only password)
- "netstat -lvp | grep vnc" to check out the ports that tightvnc is listening on for 
    connections
- allow the vncserver port from the firewall: sudo ufw allow #
- allow the xrdp server
- Install xfce4 desktop environment an update to xfce, minimalistic faster and lightweight
    sudo apt-get install xfce4
- sudo apt-get install xfce4-terminal : way better than xterm
- sudo apt-get install gnome-icon-theme-full tango-icon-theme : installs icon sets
- Now we modify 2 files to make sure xrdp uses xfce4
    * echo xfce4-session >~/.xsession
    * secondly we modify startup file for xRDP located at /etc/xrdp/startwm.sh
        so it will start xfce4. Replace the last line with 
        startxfce4 
        (before it had something which started with a ., but no matter whatever it is, just 
        replace the last line)
    * restart xrdp service: sudo service xrdp restart
- Now you are ready to log into the computer from client using Remote Desktop (mstsc.exe). 
    Just supply the ipv4 or hostname of the VNC server.

III. *nix to / from *nix

- ssh -X [preferedUserName]@[targetIpv4Address] : -X flag enales X11 forwarding
- accept security certificates from trusted hosts when prompted

IV. Making the connection secure (optional step - applies to any configuration)

VNC & xrdp protocols are not secure which means that they are not encrypted.

To make the connection secure edit the /etc/xrdp/xrdp.ini file so that the address becomes 127.0.0.1. This will be the localhost address of the ssh server. SSH encryption will be used underneath to tunnel the vnc traffic.

- sudo service xrdp restart
- sudo service ssh restart
- pkill Xtightvnc
- tightvncserver
- putty -> Connection -> SSH -> Tunnels 
    * Source port: 5555
    * Destination: localhost:3389

---

If the above don't work:

1. You may need to restart both computers,
2. Disable firewall (sudo ufw disable) on server pc and then recheck (might even need another restart).
3. If above don't work then you have messed up your system, by installing conflicting packages. You have to do manual troubleshooting on that (very unlikely you reach this step if you follow the instructions properly).

---

Sources and credit:

• "danscourses" channel excellent 4 video series on YouTube
• https://www.tweaking4all.com/software/linux-software/use-xrdp-remote-access-ubuntu-14-04/

Answer 2

I'm not familiar with xrdp in particular, but the first thing I'd check is to see if the port its using is a) listening for connections and b) open to the outside world. The default port for RDP is 3389.

The first is pretty easy to check; simply run this in terminal on the machine you're trying to connect to (change 3389 if xrdp is listening on a different port):

netstat -an | grep "LISTEN " | grep ":3389"

If you get something similar to the following, something at least (hopefully xrdp) is listening for connections:

tcp        0      0 127.0.1.1:3389            0.0.0.0:*               LISTEN

If you don't get any output, try (re)starting xrdp or check to make sure you have the right port.

Next, you need to make sure that the machine is accessible to the Internet on that port, which involved two things: making sure that the firewall on the machine itself isn't blocking connections to that port, and making sure that any network device (i.e. a router) between the computer you're trying to connect to and the Internet isn't blocking connections. PortForward.com can help with the latter; the first depends on what kind of firewall is installed on your machine, if any.

Hope this helps!

Answer 3

I finally got this to work for me; setup: older laptop running ubuntu 13.10 running standard unity; I have installed cairo dock (which makes it much more usable for me); still not used to the left side app bar;

It would be nice to be able to use my win7 system to rdp into this ubuntu 13.10 so I spent a couple of hours this morning doing research. Here is what I did:

sudo apt-get update
sudo apt-get install xrdp

or you could use ubuntu software center to install.

The installation appeared to go ok and it appeared that the xrdp service was started ok.

From my win7 box, I opened an rdp window and used the laptop's IP address to get in; a window did open up but just a standard x11 windows screen (cross-hatch pattern with x cursor); no links, icons or menus to use.

More google research. I installed the gnome-session-fallback:

$ sudo apt-get install gnome-session-fallback
$ echo "gnome-session --session=gnome-fallback" > ~/.xsession

This didn't work; I got the same blank screen, but found another URL that suggested another windows session mgr like XFCE, so I installed xubuntu desktop:

$ sudo apt-get install xubuntu-desktop
$ echo "xfce4-session" > ~/.xsession

Don't forget to sudo /etc/init.d/xrdp restart after all the changes.

This worked. At first, on initial start-up of rdp session, I got the same blank screen but after 10 seconds (probably because I am using a win7 VDI at work from a remote location) up popped a usable xfce xubuntu desktop; not as nice as gnome but very usable.

Hope this info will be useful, as I couldn't get the initial attempts to work for me.

Dave

Answer 4

Welcome to Ubuntu Community.

First of all Check Network Settings of windows Virtual Machine in Virtual Box. Choose Bridge Connection in Network settings.Check that RDP is allowed to pass through Firewall of Window Client.

Answer 5

sudo ufw disable 

then try logging in using your rdp.. client software. I am in the process of setting this up for 12.04 linux vps, so far i got connected but not seeing a desktop only a command window.

Hi bud, you said you got connected and all you see is a terminal window, i dont know what your complete set up is but here,s mine i hope it helps.

Be sure your vncserver is running by vncserver :1 next nano into ~/.vnc/xstartup this brings you to a bin!! bla bla file, where you see the last line (& -x-window-manager), add & /etc/X11/Xsession &

Now go into this file, /etc/xrdp/startwm.sh and be SURE IN THERE, your last line is

. /etc/X11/Xsession

after doing so restart the vncserver by doing this.

vncserver -kill :1 

then restart

vncserver :1

By the way i had to install more than just the Xrdp and i did a few more commands for a fall back if Xrdp failed, all seems good at the minute for me, give it a go sure and lets know whats cooking or not. Good luck. Ps.. its frecking great when it works, stay with it.

Answer 6

I think it is more important to show how to get to the real problem. So, I'll contribute with this: Change in /etc/xrdp/sesman.ini and /etc/xrdp/xrdp.ini LogLevel from INFO to DEBUG

LogLevel=DEBUG

Add to Xvnc cmd (In /etc/xrdp/sesman.ini, under [Xvnc] )

param=-Log
param=*:syslog:50

Now both xrdp and xvnc will tell you in logs (files in /var/logs/ ) what it is going on. Enjoy !!

Answer 7

If only port 22 is being permitted through the firewall, and you lack control over your network path, you may want to use ssh tunneling to tunnel your chosen port on the remote box through to your local system.

If doing this from a Linux/Unix box look at the -L flag for ssh:

ssh -L 3390:127.0.0.1:3389 -l remote_user remote_host

where the first 3390 is the local port number and the second 3389 is the remote port number; you would then RDC to 127.0.0.1:3390 to connect. Note that the tunnel is tied to the ssh session - if you close that ssh session, the tunnel will also close and your connection to the remote desktop will drop. Make sure you use an unused port for the local side.

If connecting from a Windows system use putty and enable the ssh tunnelling options for your session (look at connection->SSH->Tunnels in the session configuration options.)

Once the tunnel is established you can use your chosen RDP client to connect. Several of the other answers address this part of the setup (personally I wound up following the xfce4-session suggestion.)

Answer 8

Run the commands in terminal:

sudo apt-get install xrdp
sudo apt-add-repository ppa:ubuntu-mate-dev/ppa
sudo apt-add-repository ppa:ubuntu-mate-dev/trusty-mate
sudo apt-get update 
sudo apt-get upgrade
sudo apt-get install ubuntu-mate-core ubuntu-mate-desktop


echo mate-session >~/.xsession
sudo service xrdp restart

Answer 9

my problem is, that xfce4-session was still running after xrdp restart.. so i just had to kill it with

sudo killall xfce4-session

. not a solution but a quick workaround

Answer 10

Into my context, there was a security issue.

this file: /etc/xrdp/key.pem is link from /etc/ssl/private/ssl-cert-snakeoil.key hasn't permission for current user which connect into RDP protocol.

Change this by adding user into ssl-cert group like that : sudo adduser xrdp ssl-cert

restart session after and this good !

Answer 11

Try editing /etc/xrdp/xrdp.ini so that it has: port=tcp://:3389

otherwise it may not be listening for tcp connections.