Xrdp is an open-source implementation of Microsoft’s Remote Desktop Protocol. With Xrdp you can log in to a remote Linux machine with a full desktop session.
This guide assumes that you are running a Desktop Environment on the system that you wish to install Xrdp.
Installing a Desktop Environment
Ubuntu Servers do not have a Desktop Environment installed by default. If you wish to use Xrdp, you can install one of the below Desktop Environments.
You can skip this step if you are running Ubuntu Desktop.
- Install the Gnome DE
sudo apt update && sudo apt upgrade -y sudo apt install ubuntu-desktop -y
- Install the Xfce DE
sudo apt update && sudo apt upgrade -y sudo apt install xubuntu-desktop -y
The Xrdp package is in the Ubuntu Repositories. Run the following command to install Xrdp.
sudo apt install xrdp -y
Upon installation, verify the Xrdp service automatically starts with the following command.
sudo systemctl status xrdp
You should see the output similar to the following:
● xrdp.service - xrdp daemon Loaded: loaded (/lib/systemd/system/xrdp.service; enabled; vendor preset: enabled) Active: active (running) since Wed 2021-12-29 05:03:18 EST; 40min ago Docs: man:xrdp(8) man:xrdp.ini(5) Process: 10425 ExecStartPre=/bin/sh /usr/share/xrdp/socksetup (code=exited, status=0/SUCCESS) Process: 10434 ExecStart=/usr/sbin/xrdp $XRDP_OPTIONS (code=exited, status=0/SUCCESS) Main PID: 10435 (xrdp) Tasks: 1 (limit: 4636) Memory: 752.0K CGroup: /system.slice/xrdp.service └─10435 /usr/sbin/xrdp
Xrdp uses the /etc/ssl/prvate/ssl-cert-snakeoil.key that is readable only to members of the ssl-cert group. Run the below commands to add the xrdp service account to the ssl-cert group and restart the xrdp service:
sudo adduser xrdp ssl-cert sudo systemctl restart xrdp
The configuration files for Xrdp are located in the /etc/xrdp directory. For typical Xrdp connections there is no need to make any changes to the configuration files.
The main configuration file is xrdp.ini. This file is laid out into sections for setting global configuration and security settings.
Configuring the Xrdp Server Firewall for Incoming Xrdp Sessions
If you are running a firewall on your Xrdp enabled machine, run the following commands to allow RDP protocol sessions.
- To allow access from a specific IP address or IP range, for example, 192.168.0.0/24 run the following command:
sudo ufw allow from 192.168.0.0/24 to any port 3389
- To allow access from anywhere, which I think is horrible and risky from a security standpoint, run the following command:
sudo ufw allow 3389
Connecting to the Xrdp Server
To connect to the Xrdp Server using a Windows PC, you can use the RDP Client. Type remote in the Windows Search Bar and click on Remote Desktop Connection. In the Computer field input the IP Address or Computer Name and click Connect.
Linux and Mac users can use a RDP client such as Remmina or Vinagre.
At the Login Screen, input your username and password and select OK.
Once you have logged in you will see your Ubuntu Desktop and you can use your machine through the Graphical User Interface.
We have successfully installed and configured Xrdp on Ubuntu 20.04!