Installing XRDP on CentOS Redhat Linux

Linux Remote Desktop with XRDP

This Article will explain how to install and configure XRDP on CENTOS. The document will included both GUI and CLI references. The version of XRDP used for this installation is xrdp-0.4.1.

XRDP is a Linux program that allows you to terminal in to Linux from Windows using Remote Desktop Connection (RDP). No additional software is needed on the windows machine. You just put the Linux servers IP address in and press connect. This will take you to the XRDP login screen where you enter you Linux user name and password.

To install and test XRDP you need to complete the following steps.
1 - Install prerequisite software
2 - Install XRDP
3 - Add users
4 - Configure the firewall
5 - Start the XRDP server
6 - RDP to Linux from Windows XP


Step 1 - installing prerequisite software

In the XRDP intall.txt file it list the below prerequisite software that must be installed.
XRDP - Prerequisites
gcc and make
Header files for pam
Header files for openssl

One prerequisite software is missing in the install.txt for XRDP to work on Centos. This is the VNC-Server software. If VNC-Server software package is not installed you get to XRDP screen but when you log in, it will give you errors.

You can use the add/remove software utility in centos it install the prerequisite software. To do this go to System>Administration>Add/Remove Software. From here you can search for the software packages by typing the software package name into the search box and pressing enter. The search box is labeled with a binocular icon. Once you find the package place a check in box to left of it and continue searching. Once all packages are found press the Apply button. Below are the centos software package equivalents that need to be installed.

centos packages
gcc
make
pam-devel
openssl-devel
vnc-server

If you prefer to install the software via the command line use the below commands. I recommend using the su - command. The dash (-) changes you to the root users home directory and allows you to use the root users path variable. i.e. it will let you use the ifconfig command.

Log in as root:
su -
Enter the following to dowload and install all of the above packages.
yum install gcc make pam-devel openssl-devel vnc-server


Step 2 - installing XRDP

To install XRDP you need to download the current version, extract, make and make install it. To download go to Firefox, enter XRDP in the search box, and press enter. You should see the XRDP site first on the list. Click on it to go to the XRDP site. Next click on the download link. This will take you to the source forge XRDP site. it will list the xrdp package. Click on the download link. This takes you to XRDP package download site. Click on xrdp-0.4.1-tar.gz. When the opening xrdp-0.4.1-tar.gx windows comes up select the save to disk radio button and press OK. This will download XRDP.

Below is the link to the XRDP homepage.
http://xrdp.sourceforge.net/

Locate the xrdp tar.gz file. I found mine in my Download directory. Right click on the xrdp-0.4.1-tar.gz and select extract here. This will extract the file in the current directory.

Open a terminal session. Applications>System Tools>Terminal. You will need to log in as the root and change to extracted XRDP directory. Once here run the make and them the make install command. Below are the commands.
Log in as root:
su -
Enter the following code to make and install XRDP.
cd /home/{user name}/Download/xrdp-0.4.1
make
make install


Step 3 - Add users

In order to login through xrdp the user must be a member of the users group. A user can be added to the user group through the Users and Groups utility. To do this go to System>Administration>Users and Groups. From here you can go to the groups tab.

The users group is a system group and by default system users and groups are hidden. To unhide system users and groups go to Edit>Preferences and unselect the hide system users and groups check box and click close. This will display all the groups.

Find the users group, group number 100. Double click it to open the properties window and then select the Group Users Tab. This will list the user in the users group. To add a new user, scroll down until you find the user you want and select the check box next to it and click OK. This will add the selected user to the user group.


Step 4 - Configure the firewall

By default the RDP port 3389 is block by the firewall. In order to access the XRDP login screen the TCP and UDP port 3389 need to be allowed through the firewall. These ports can be enable through the Firewall utility.

To open the Firewall utility goto System>Administration>Firewall. On the left hand side select Other Ports. This with take you to the other ports window where you can add the TCP 3389 and UDP 3389 ports so they will be allowed through the firewall. Select the add+ button to open the add port window. Scroll down until you see port 3389 TCP ms-wbt-server select it and press OK. Next select the add+ button again and select the port 3389 UDP ms-wbt-server and select OK. You should now see both TCP and UDP 3389 port in the allow other port list. Select the Apply button to apply the changes. Select Yes on the conformation screen and then close Firewall utility.

Step 5 - Start the XRDP server

The XRDP program is a stand alone program so you have to start it manualy. Below are the commands to start, stop, and reload the xrdp server. To start the XRDP server at startup you will need to create a script.

To access the xrdp_control.sh command you must be in the /usr/local/xrdp directory.

To start XRDP:
cd /usr/local/xrdp
./xrdp_control.sh start

To stop XRDP:
cd /usr/local/xrdp
./xrdp_control.sh stop

To Reload XRDP:
cd /usr/local/xrdp
./xrdp_control.sh start

STARTUP Service :

cp xrdp_control.sh /etc/init.d/xrdp_control
chkconfig --add xrdp_control
chkconfig xrdp_control on
service xrdp_control start

6 - RDP to Linux from Windows XP

Now that the xrdp server is up, a user in the users group, and the RDP ports have been allowed, you can RDP in to Linux (Centos). To RDP in to centos from Windows all you need is RDP (Remote Desktop connection), no other software needs to be installed.

Open RDP, Start>All Programs>Accesories>Remote Desktop Connection, enter the IP address of the Linux server and press connect. This will open the XRDP screen. Enter you Linux user name and password and press OK. This will take you to your Fedora desktop terminal.

If you are currently logged on to fedora this is OK. Fedora treats them as different terminals. So if you open a program on the RDP session the the program will not open on the Linux computer that you are logged into. It treats them totally separate, more like a terminal session and not a desktop sharing session.

On Linux client machine install rdesktop client software

#Yum install rdesktop

#Rdesktop –u user1 –p- 192.168.15.119

Full screen

#Rdesktop –u user1 –p- 192.168.15.119 -f

Enter user password to get the remote desktop displayed.

VNC Remote Desktop on RedHat / CentOS

VNC is the best thing since sliced bread. If you don't believe me, give it a try.

There are two ways to use VNC. The first way is to provide remote access to your normal desktop, the desktop you get when you sit down in-front of your computer and login. The second way, which we will be exploring, is to create a desktop that is separate from the physical display and only lives in memory.

We will use VNC much like one would use a shell account with screen. We will set up an instance of an interactive desktop that is not attached to a physical keyboard, monitor or mouse. This kind of configuration is perfect for headless servers, or for running GUI applications on a server that you never actually touch. This desktop will appear in a window on your client machine. When you disconnect from this desktop, the programs will remain running/persistent, and still be there the next time you reconnect.

On our remote server, let's install the VNC packages:
server# yum -y install vnc vnc-server

and start a vnc server as a normal user account on the server:
server$ vncserver :8 -geometry 1024x768 -depth 16

Now, we could connect directly to the vnc server by supplying the hostname and port to our viewer, but chances are the connection is traversing a public network. So let's set up an ssh encrypted tunnel first. On your client machine run this ssh command:
client$ ssh -L 5908:localhost:5908 myserver.net \
"echo connected to localhost:5908 ; sleep 30"

This ssh command will securely forward your local port 5908 to the remote port 5908, where vncserver is listening. With the encrypted tunnel set up, run the vnc viewer on your client in another terminal:
client$ vncviewer localhost:8

So now you should be looking at your remote desktop in a window, but it isn't pretty because it is running the bare-minimum system default for your window manager. Let's make it look like a real Gnome desktop by un-commenting a few lines in the ~/.vnc/xstartup file on the server:
server$ vim ~/.vnc/xstartup

# Uncomment the following two lines for normal desktop:
unset SESSION_MANAGER
exec /etc/X11/xinit/xinitrc

Now stop and re-start the vnc server with the new session manager:
server$ vncserver -kill :8
server$ vncserver :8 -geometry 1024x768 -depth 16

When you re-connect with ssh & vncviewer, you will have the normal Gnome desktop. This desktop will persist until you "-kill" it. This means you can open and close your viewer as much as you like, from where ever you like, to peak in on your GUI applications. Happy VNC-ing!

Hibernate Tools Code Generation