summaryrefslogtreecommitdiff
path: root/system/xrdp/README
blob: e127d9d09adc9faaa7de6dd50583deb0a38d9e37 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
Xrdp provides a fully functional Linux terminal server, capable of accepting
connections from rdesktop and Microsoft's own terminal server/remote desktop
clients. Xrdp uses Xvnc or xorgxrdp (which are installed separately) to manage
the X session.  This means a RDP client can connect to a VNC server on the
xrdp server machine in addition to the RDP server. Xrdp can also act as a
bridging server, allowing RDP clients to connect to other RDP or VNC servers
through the xrdp server.

Xvnc is included with tigervnc (in Slackware /extra).
xorgxrdp can be compiled and installed after installing xrdp.

By default, this script will make xrdp without PAM support since PAM is not
installed in Slackware by default.  The script supports building with PAM,
but it is completely untested by us.  If you want to enable PAM, run the
script as follows:
  USE_PAM=YES ./xrdp.SlackBuild

By default, this script will make xrdp without GVFS support, as it can cause
a problem if a session is unexpectedly terminated leaving an orphan GVFS
mount. (This can be corrected by logging into the server hosting xrdp and
running 'fusermount -uz ~/thinclient_drives').
If you want to use drive redirection and shared clipboard support,
run the script as follows:
  USE_GVFS=YES ./xrdp.SlackBuild

After installing xrdp there are some configuration files in /etc/xrdp that
can be modified:

** sesman.ini **
sesman.ini has some useful options to take note of such as the ability to
allow xrdp use by only a certain group and to specify the log location.
*NOTE:* The default log location is now /var/log/xrdp-sesman.log, and
the logs are rotated according to /etc/logrotate.d/xrdp-sesman added
by the script.

** xrdp.ini **
xrdp.ini should be modified so that you have the options you want.
For instance, the server login screen can be customised.
The default protocol settings is 'ssl_protocols=TLSv1.2, TLSv1.3'.
OpenSSL 1.0.2 in Slackware 14.2 does not support TLSv1.3, which can
cause a harmless debug message.
The remote desktop client in Windows XP requires TLSv1 to connect.
When released, Windows 7 did not support TLSv1.2, but an official update
was released.
The man page for xrdp.ini has more details on the file.
*NOTE:* The default log location is now /var/log/xrdp.log, and
the logs are rotated according to /etc/logrotate.d/xrdp added
by the script.

** xrdp-xinitrc **
xrdp-xinitrc by default tries to load one of several DE/WMs in order to
start a X11rdp session.  Change this as desired to load a specific DE/WM.
A similar script can be executed on a per-user basis by creating an
executable script at ~/.xrdp-xinitrc.  A utility program, xrdp-xwmconfig,
is included to allow you to use your xinit scripts during sessions.
It works just like xwmconfig, so run it as root to set the global default,
or run it as a normal user to set only the default for that user.  See the
sesman.ini man page for details about defining different names or locations
for the startup scripts.

If using xorgxrdp, you will likely need a /etc/X11/Xwrapper.config wrapper
script containing a line:
  allowed_users = anybody
(See 'man Xwrapper.config' for details)