aboutsummaryrefslogtreecommitdiff
path: root/system/xrdp/README
blob: f04525fa8573867b70e04d667e2e0bab3890f7b9 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
Xrdp provides a fully functional Linux terminal server, capable of
accepting connections from rdesktop and Microsoft's own terminal
server/remote desktop clients. Xrdp uses Xvnc or xorgxrdp (which
are installed separately) to manage the X session.  This means a
RDP client can connect to a VNC server on the xrdp server machine in
addition to the RDP server. Xrdp can also act as a bridging server,
allowing RDP clients to connect to other RDP or VNC servers through
the xrdp server.

Xvnc is included with tigervnc (in Slackware /extra).
xorgxrdp can be compiled and installed after installing xrdp.

By default, this script will make xrdp without PAM support since
PAM is not installed in Slackware by default.  The script supports
building with PAM, but it is completely untested by us.  If you want
to enable PAM, run the script as follows:
  USE_PAM=YES ./xrdp.SlackBuild

By default, this script will make xrdp without GVFS support, as it
can cause a problem if a session is unexpectedly terminated leaving
an orphan GVFS mount. (This can be corrected by logging into the
server hosting xrdp and running 'fusermount -uz ~/thinclient_drives').
If you want to use drive redirection and shared clipboard support, run
the script as follows:
  USE_GVFS=YES ./xrdp.SlackBuild

After installing xrdp there are some configuration files in /etc/xrdp
that can be modified:

** sesman.ini **
sesman.ini has some useful options to take note of such as the ability
to allow xrdp use by only a certain group and to specify the log
location.
*NOTE:* The default log location is now /var/log/xrdp-sesman.log, and
the logs are rotated according to /etc/logrotate.d/xrdp-sesman added
by the script.

** xrdp.ini **
xrdp.ini should be modified so that you have the options you want.
For instance, the server login screen can be customised.
The default protocol settings is 'ssl_protocols=TLSv1.2, TLSv1.3'.
OpenSSL 1.0.2 in Slackware 14.2 does not support TLSv1.3, which can
cause a harmless debug message.
The remote desktop client in Windows XP requires TLSv1 to connect.
When released, Windows 7 did not support TLSv1.2, but an official update
was released.
The man page for xrdp.ini has more details on the file.
*NOTE:* The default log location is now /var/log/xrdp.log, and
the logs are rotated according to /etc/logrotate.d/xrdp added
by the script.

** xrdp-xinitrc **
xrdp-xinitrc by default tries to load one of several DE/WMs in order
to start a X11rdp session.  Change this as desired to load a specific
DE/WM.  A similar script can be executed on a per-user basis by
creating an executable script at ~/.xrdp-xinitrc.  A utility program,
xrdp-xwmconfig, is included to allow you to use your xinit scripts
during sessions. It works just like xwmconfig, so run it as root to
set the global default, or run it as a normal user to set only the
default for that user. See the sesman.ini man page for details about
defining different names or locations for the startup scripts.

If using xorgxrdp, you will likely need a /etc/X11/Xwrapper.config
wrapper script containing a line:
  allowed_users = anybody
(See 'man Xwrapper.config' for details)