Thank you for making this video. The presentation was clear and stayed on topic. It has a good description, timestamps, and a buffer at the end for cutoff and for those thumbnails that TH-cam places that can obscure the video. No noisy superfluous intro or outro, and no music (which is good for people with auditory processing issues; it can make it hard to understand dialog).
I used to play with X11 forwarding MANY years ago. It really was fun! And occasionally it was even quite useful. To be honest, I didn't realize anyone was still doing this. I appreciate the content and you have inspired me to start playing with some of this stuff again.
Great video! TH-cam recommends brought me here. One of the biggest selling points of Linux for me over 20 years ago was multi user or the ability to export apps running on multiple machines over into a single desktop out of the box... Facebook has been quarantined to a junk thinkpad in the corner for about 8 years. hehe.. I give it just enough room to breathe and not much else. Anyways great presentation and tutorial!
I've always been amazed how UNIX was multi-user in the 70s and graphically multi-user in the early 80s, and Windows still messed everything up on their end so badly for so long with a working example to look at.
Terminal servers have a lot of practical applications. Plenty of businesses have employees using terminal servers for stuff like call centers and kiosks. Where I work, we have a system that is only accessible over terminal servers, where everything about the session is recorded and monitored for security. Another place where the same concept is used is in modern casinos where a lot of slot machines are really just thin-client computers. In all these cases one useful security tip is to simply have internet access disabled. Stuff I liked about this video: History lesson about terminals Ryzen system Small MicroCenter 4GB flash drive (I have the same one) ZFS Install TrueNAS Mention of XRDP bug and developer coordination Breakdown of X11 with cool diagrams Cool factoid about quirks related to numbers in usernames Clients for different operating systems Security and performance concerns Configuration tips I just discovered your channel and I'm really impressed with your content!
Thanks! Its actually an 8G flashdrive and it's been with me for a long time now without failing. The numbers in usernames quirk was maddening. I started with VDIUser1 / VDIUser2 / ... and I'd often get a login failure when trying to login by providing a username/password within the client but retrying the same credentials within the rdp session login screen worked fine.
I've been struggling with making the change from an older Windows Server 2016 to XUbuntu as I know nothing about Linux, but this Distro was so easy to install and setup it was just a breeze. And I've already got XRDP running in the same evening allowing several of my Thin Clients to easily access the the Terminal Services on the xUbuntu server. Amazing !! Thank You !!
Great explanation! I was looking for this! Just some advice. If you want to expose the machine to the internet, don't forget to change the port. Xrdp operates on port 3389 by default. That's what 99.99% of bots target when scanning public IPs.
This is awesome! Thank you for sharing in a very structured and followable format. This makes Linux terminal server options far more approachable than I thought it could be. You clearly put a lot of thought into what/how/when to communicate each piece and it all fit very nicely together.
@@apalrdsadventures I do all my hacking shit via phone just bc ik what im doing more on a phone thn a computer when it comes to certain things like running up someones router installing shit on other peoples phones via backdoor I got multiple working phones I use for hacking but half of the time ill get on my lil fake phone aka a burner phone an use that 😂. Yea obviously its risky using my other non fake phones for hacking bc of ping location but I can switch my IP and I have like 3-4 VPNs on all at the same time so have fun running me up 😂. Obviously you could but it would take the feds some cracking to do. But if uk what ur doing then it’ll be a lil bit more easy for ya 😂. Ok ima stop talking before I spill to much info 🤣😭
Super fascinating. Most of my career has been supporting terminal server deployments in the windows world of things. Have dealt with Citrix, RDS, and lately the main focus is Azure virtual Desktop. Didn't know anything in the same category existed for linux. One thing I am curious about here is how you would scale this out further. Most deployments I have worked with have been multi user setups with load balanced pools of session host servers. In other words, user sally might wind up on terminal server 1 on Monday, but when they come into work on Tuesday, they end up on terminal server 14. In this case, their user profile needs to exist the same as if they never shifted session hosts. This allows you to have multiple session hosts so that if one crashes it doesn't bring the entire operation down, and also ensures that user storage is independent of the session host as they serve different functions. There are several profile roaming solutions out there to handle this like citrix upm, User Profile Disks, and the one I am using the most these days is FSlogix. Is there a solution similar to that for the linux world? My quick little google fu points me to nfs shares for the user home directory mounted at system startup. Is that what you would probably roll with?
There's really a few bits that would need to work together for this, but it would be nearly identical to setting up a Linux corporate network without a terminal server + adding a load balancer. 1. Linux would generally use Kerberos+LDAP or just LDAP for user management, or Active Directory (which is itself Kerberos+LDAP+Microsoft messing with both of them). So this gets us centralized username/password store and user information, and with Kerberos that gets us tickets to authenticate to other services across the network like storage or any internal services that are kerberized. The client-side for all of these is SSSD. 2. The traditional Linux way to deal with home directories is to mount them with NFS essentially straight off the network, although it's possible to have a local home directory if you want offline access (i.e. for laptops). You can either mount the entire home directory (the entire path where all of the home directories are located) on each terminal server and then the user's home directory is available with the required permissions, or you automount the specific directory on login. No sync necessary, just some caching. 3. HAProxy would be used as a load balancer, it can do generic TCP/TLS load balancing in addition to acting as an HTTP/HTTPS reverse proxy or TLS/HTTPS endpoint and is very flexible in protocol support. Another user commented previously here that he is able to persist states in HAProxy so a user gets reconnected to the same terminal server if they reconnect within a period of time, so they get their existing session back if they are within the termination window even when going through the load balancer.
Thank you for the video. When i worked in the hospitality business in the mid 2000s they had a linux server with 100+ guest pcs. Each guest pc booted by PXE from the main server and had full gui linux access. I have always wanted to do this but I have never found out how. This video guides you part of the way there. Now I just need to figure out the PXE boot part so the users could PXE boot and log in from any blank x86 pc to his/her account.
It's nice to see xrdp now installs that easy. Some years back I was upgrading ancient software on a number of HPC servers (some were still powerful enough at the time), they used some very old Debian and NX which was sorta-free when installed. I've tried to use xrdp then, but the installation was a pain (it was either source code, or dodgy repos), badly documented. It never worked as it should, so as NX was already commercial at the time, I went with x2go. Other than some obscure visual bugs (which I found how to fix years later) and rare stuck session, it worked pretty well.
Good summary. The origin of Windows Terminal Server is quite the story. Citrix had developed a multi-user addon for Windows NT 3.51 called WinFrame. It was such a good product that my company got certified and sold it. Microsoft bascally forced Citrix to give them the tech that went into NT 4.0.
Every time I hear the story behind something Microsoft in that era.... I wonder how they ever managed to make it work well enough to sell. They could have peeked at what the various UNIXes were doing back in the early 80s (and they should have been able to at least run and test them even if the source wasn't widely available yet), but no they went completely their own weird way and did their own hacks instead, and then had to keep supporting those hacks for decades.
In college in the early 90s this is basically how every computer lab was set up. They had NCD xterm thin clients, they'd all connect to a half dozen different IBM RS/6000 running AIX unix or DEC Station 5000 running Ultrix; all over 10gb ethernet using X protocol. The apps and window manager all ran remotely.
Glad to see you use xorg. I found that wayland protocol (the default gnome renderer) breaks allot of remote access, and remote vm server access. This caused me to switch to the unity fork of Ubuntu Focal which still uses xorg. Also I prefer the unity desktop and dislike all tablet style desktops. In the past I used x2go over xrdp, but for years now I have used nomachine (v6) for full opengl/gpu remote rendering support.
I ran the install under xubuntu focal and impish, as well as ubuntu (regular gnome) focal, but not impish. Wayland really seems like a step back from xorg in terms of compatibility with less standard setups, although some of that is by design. But really I chose xubuntu because it's lightweight and pretty easy to pick up, and when you want to run a ton of clients on one system lightweight is very important and desktop animations just increase the load on xrdp (which has to jpeg-encode screen areas which have changed). In theory xrdp sessions should be able to make use of gpu acceleration somewhat, but not gpu rendering - gpu compute / transcode should be accessible since those don't go through the display pipeline like OpenGL does.
You make some really nice videos with excellent outline and info. I really appreciate your work. Its really good stuff. If you get time, take a peek at the KASM server stuff. This is an interesting term/serv base using docker. I think term serv done your way is simpler and less resource intensive - but all the same, take a peek if you get a chance! Cheers!
A container based solution will have better isolation, but this was pretty easy to setup and depending on your use case isolation may not matter anyway. But definitely a neat solution still.
UNFORTUNATELY! I needed to do a VDI deployment and thought of KASM immediately. Sadly, the fine print limits the free/community install to only five simultaneous sessions, which doesn't work for me :(. I *HAVE* used JumpServer, a Guacamole implementation that includes SSO, 2FA, and session recording (it's what you would call a PAM product). VERY nice! Planning on merging that with this approach and having a basic controlled VDI with session recording until I find something better.
Great video! I haven't done much with remote desktop access on Linux and "back in the day", I used XDMCP a lot, which was cool. Anyway, I'll have to check out xrdp! Thanks for posting!
Nice! Good amount of detail, but presented in a very digestible way. Its been a while since I did any heavy-duty linux admin/setup work, but I could duplicate this with out a lot of fuss and muss! Thank you
QUESTION: Was your sound issue resolved with the developer? OTHERWISE, an Excellent video for a total Admin experience. The video gives admins the understanding to support users no matter which platform the user has to connect to the XRDP server.
What an awesome video! I've always wanted to do something like this but could never quite figure it out on my own. You explain things very well and don't waste time on anything. Definitely subscribed.
Years of RDP to windows machines made me unaware that I could do multiple sessions to a Linux server. I just tried it and it works a charm with stock Ubuntu 20.04
Linux is inherently a multi-user system, Windows just restricts multi-user access for $$. The intro shot in the video has all 7 devices connected to the same server at the same time, and at that point I didn't want to dig out more hardware to test with.
Years of multi user work on linux and unix (48 tty's on a system with 12MB ram), I suddenly hit a concrete wall that was called the microsoft ecosphere. Nothing was possible. Remote management, never heard of. It was decades of computing taken back. Even at school I was working at a cloud of apollo domain computers, and I actually had no idea where my chip design emulation software was running on. There was no real distinction between this system or that system. And then the real world of DOS and WINDOS hit me in the face. Hoards of "system administrators" that called 340kB free on a dos system good maintenance. Novell drivers that had bugs in opportunistic locking which lead to numerous database bugs. Novell fixed that, but the system administrators did not care to update their systems. The main reason that Microsoft did not do remote working was of course licensing. The biggest interest of Microsoft was obliterating competitors with lawsuits or FUD and going after license violations. It's only after windows 10 that I might see a change in Microsoft's behavior. But the damage has been done, we have been kept back by Microsoft and their followers. And followers are brutal. I had to report some people working at dell selling FUD to potential big customers (the company I worked for). "Linux is a laughing stock" "Serial port is dead, it's USB now" Dell now runs linux on their BMC, and has serial port over IP and KVM over IP build in. Sorry... rant because it hurts when you get hurdled into a microsoft fud wall. @Rob If you can imagine any networked computing, it has already been done. Including a virtual single system that exists of multiple computers consolidated into one (mosix), or just plain a single system partitioned into several. If microsoft (or apple) announces a new feature, you can rest assured, it existed for over a decade. So welcome to the open side ;-). Where the network is the computer. And the computer is the network.
@@apalrdsadventures At one client I set up a single server that served over 50 DOS Boxes using dosemu to thin clients over X11 doing 10% CPU, because the terminal server dies at 5 boxes taking up all CPU. The dos boxes were needed for legacy administration software. And dosemu had a correct implementation of file locking. Also there were about 60 netscape browser sessions served over X11 to thin clients with software on that same server serving software to the browsers. The system had about 2GB RAM. And it run circles around a special dell windows terminal server with 4GB ram which was used for "important" software like word.
It's hilariously sad what they do to RDP, otherwise a great thing... (thanks citrix software!) and microsoft locks it down. There are some ghetto hacks to get up shadow viewing and other stuff to make it more "multi user" but still not great
Nice job. RDP is an interesting choice, but it makes sense. Hadn't considered using that for a terminal server approach. FYI, KER-ber-ohs (accent on the KER).
Very informative and helpful video. I've avoided using RPD because it has a Microsoft taste to it but I guess I was handicapping myself unnecessarily. I'm now running RDP under Windows 7 to connect to a Debian 8 server (with xfce desktop) and it works really well. Much better than VNC with the same setup. Thanks for opening my eyes to this combination.
VNC can work too, but there are so many vendor-specific extensions that it's not always clear what server and client you should choose to get the specific options you want (i.e. h264), and the trademarks are owned by a company with a proprietary server/client (RealVNC) although the original protocol is open source. Microsoft has published the protocol documentation for RDP, so it's not like xrdp is reverse engineering anything to make it work.
Thank you for this video. My work environment is similar and i've been fighting with xrdp to work. My issue is overlaying active directory and centrify rules as well to authenticate the session. Can't wait to go try some of your sessions such as TS users tieing to the AD group.
You're the second person to ask about AD! I'm not familiar with Centrify, but Canonical has a pretty thorough guide on adding Ubuntu to AD domains - ubuntu.com/engage/microsoft-active-directory I don't do Windows server work, so I probably won't be able to test it myself / make a video about it.
Great video! If you're up for a challenge, I'd love to see a video about something like this but implemented with Wayland instead of X. As I understand it, Wayland itself isn't network transparent like X is, but I believe other projects like waypipe have since added that functionality.
In some cases, your remote session may perform better than a local one. accessing a raspberry Pi may work better remotely, since your desktop may have better video horsepower than the pi you are remoting into. The new Pi 5 may change this, but that old gaming rig will still likely beat any Pi ever made. BTW there are options for remote access to a machine running Wayland, like those using the new version of PiOS.. You just need to run Wayland versions of the RDP or VNC software, rather than the Xwindows versions. Wayland is the new Linux display system, replacing the old and tired X11 system from the 90s, with thirty years of junk baked into it. Also Linux terminal services are not limited by license controls. as Microsoft stuff is.
I used to use xrpd about a decade ago to connect from windows to a linux host, but it was attached to a running X server, and the RDP desktop would not resize to match the client. I switched to xpra which lets me attach individual applications from a remote server to my local desktop, and it's much better for my use case. I've been using it through the pandemic to connect my laptop to my work pc and I have the ability to max out the memory usage on both systems (browsers, especially, can be greedy).
xpra is a bit of a different solution - you're sending individual applications, not whole desktops, so you basically need to be using a client that has a desktop to nest the remote applications with. That's great for desktop/laptop clients but doesn't work as well with tablets.
I run a handful of shared research server and went with x2go as I found that tunnelling everything an SSH tunnel a fairly simple procedure. Last time I tried XRDP it was kinda flaky and I found sessions would just disappear or they would remain active but XRDP was determined to spark up a new sessions. So I went with x2go at the time and have kinda just stuck to it (and retraining a bunch of users, I just don’t have time for) It looks xrdp has improved somewhat since then however. EDIT: I read in your other comments that iPad access was a must, so that absolutely makes sense using xrdp.
Yeah, I looked at x2go and xrdp. My personal use case is remote access, and being able to switch out the laptop with the iPad away from home. I haven't had any issues with xrdp doing weird things yet, thankfully.
Anticipating the pandemic to shut down our in person instruction at our University I setup Xrdp across all of our non Windows computer labs in February 2019. I choose Xrdp vs NX because rdp was already supported natively for the Windows labs and (good) NX was licensed software. To create a system in which one hostname could be given for the each lab I used haproxy to load balance connections to the backend Xrdp servers with hash/stick on src, persis rdp-cookie and leastconn. Further I'm utilizing ucarp, which was depicted with Bullseye? but I'm using the rhel7 rpm to install it on Rocky Linux 8.5, to have a, open source, VVRP virtual IP float between two instances of our load balancers. I'm also having the two haproxy peer their state tables between them so if someone is disconnected the aforementioned persistence should bring them back to their lost Xrdp/Windows RDP session. A couple months in to the pandemic we received funding for emergency equipment so I ordered our college 2 dual 128 core AMD Rome servers to augment our general use Proxmox virtualization platform and I virtualized our Xrdp instances. I decided to split Xrdp up into several, 20 per lab, VMs to avoid putting all our instructional eggs in the same basket instance. To be sure when your first video came across my TH-cam feed I have been keeping tabs on your content. Your work is very much inline with what I've been dealing with to keep supporting the education of our students, for the most part you're making me happy with my decisions and I thank you for all your content thus far! Since what you're doing is nearly the same as what I've deployed I can verify that everything has been running relatively smoothly. It's coincidental that your thin client has been the gleam in my eye since the start of the pandemic. One of our biggest plights is that electrical engineering have USB accessories, I haven't had them in hand but I assume either a breadboard, oscilloscope or software licensing chip that they want to do USB passthru with to our instances. Xrdp doesn't support USB devices beyond a very small subset and I don't think the code is enabled by default. Your thin client was wonders as I didn't know that the Spice console could do USB redirection. I setup an NX server and it worked "perfectly" but all logged into users share the USB space so there's no isolation. As a "mad scientist" I was considering the possibility of using udev to set the permissions of the USB devices to the logged in users but I think USB might require 1 student per VM. Lastly I will say in addition to using haproxy for Xrdp/RDP above, I figured out how to load balance ssh in a sane way with similar techniques. For it I have a similar haproxy definition but on the ssh server side, I have a systemd script that loads sshd using uniform hostkeys on a seperate port that only allows connection from haproxy so that when haproxy forwards the user to the backend there is no hostkey security kerfuffle while maintaining independent hostkeys for ssh port 22. Sorry for the stream of consciousness but with all the work you're doing I figured, maybe, I can offer back a lot of ideas to you for all the ideas and comfort you're giving me!
AFAIK the issue with USB passthrough in XRDP is really an issue with RDP, since Microsoft's implementation of device sharing puts the device driver on the client side (client speaks to USB device, RDP protocol forwards generic mass storage / webcam / printer / smart card reader / ..., not the raw USB). SPICE encapsulates USB over TLS (essentially raw), but it's much higher overhead than the terminal server approach since you're relying on a VM to run the user session. I'm working on a new project involving multiseat (multiple physical users on a single physical computer, no virtualization), and systemd has features to bind USB devices to specific user sessions for physical users. It seems like it's mostly for devices which would be run through the X server though (keyboard / mouse / audio) and generic USB hardware like USB-serial devices would still be available to all users. xrdp users don't show up as systemd seats though, so udev rules to bind devices to seats wouldn't apply to them. Not sure how NX handles this. I'm actually an electrical/computer engineer myself, so I'm very familiar with the struggles of USB lab equipment. I found that devices that natively work over Ethernet were usually a better experience to deal with. Almost all test equipment for sale now has LXI available either standard or as an option, and that's an Ethernet based protocol for lab equipment. Often they'll also have a web UI which may be very web 1.0 but completely works. I named all of the lab equipment, so their hostnames would end up in DNS, and they were pretty easy to use even as they moved around the lab. Unfortunately a lot of the devices that aren't lab equipment don't often support USB, like debuggers, USB-serial adapters, and processor boards. I don't really have a good solution to those, but at least the lab equipment half might be easy. Depending on your specific needs, trying to migrate the hardware to Ethernet and then making it easy to choose hardware devices from a remote session might be worthwhile. Feel free to reply or email me privately if you'd like to talk a bit more about this issue. I appreciate the long comment, it's nice to know that this sort of content is useful and that people are actually deploying things like this. I don't work at a large enough scale to consider load balancing, but I'm glad I can help!
Try Nomachine, it is based on X (formerly nx) forwarding but also does HW based display encoding, resulting better bandwidth utiluzation, and much better refresh rates. Video playback is not a problem in this case.
You should consider looking at the Linux Terminal Server Project (LTSP). There are a number of negative side effects to the simple terminal server setup. Particularly resource contention and multimedia performance on busy server with no you acceleration.
LTSP is focused on netbooting clients though, not providing remote access. This is a solution to a different problem. Resource contention can be handled with cgroups, and acceleration is still available via libva (but not opengl) for media decoding (although every user is sharing the same GPU). You'll always be limited by re-encoding multimedia for RDP anyway though, as you would be for any remote access protocol.
I just discovered this in August 2024. I have four HP T620 Thin clients that I want to use throughout my home for my wife and I, having all 4 connected to the same desktop, so my wife and I can just hop online wherever we are in the house. Are there any updates, etc. I should know about in 2024 that weren't available when this video came out? :)
I had used xrdp for some time before eventually switching to VNC. Xrdp has significant drawbacks, for example, it requires credentials every time. Also if you have logged on to the remote machine and forget to sign off, it will fail to connect. However, VNC has problems too, so the final straw is performance. I can only say it is no more than terrible. Instead of a smooth experience provided by Windows RDP servers, xrdp is just laggy. When moving windows around, stripes can be seen clearly. At last, I gave up and turned to vncsever. The final conclusion is that graphical environments are plainly not fit for Linux. I'd rather use ssh instead. If I really need to access graphical environments from remote, I'll definitely choose Windows.
Fantastic walk through mate. Exactly what I'veben chasing for a while now, after some time ago trying to get xen(?)/open source citrix server to do this with a vm as the hypervisored client image to have multi users use. but this is far cleaner and what i was ultimately looking for, well done!
Great explainer of x11 forwarding vs xrdp vs vnc. Shared on reddit for greater reach. Unrelated question - whats the keyboard + trackpad combo you have on your desk ? 🙂
It's a GearHead Smart Touch II, but I've had it for around a decade now and it's pretty terrible quality really. It spent most of its life in the server closet.
It looks like xrdp and xorgxrdp are in the Fedora / Centos repositories but not Arch. You'd still need to run with x11 instead of wayland, and by default Fedora/CentOS run Wayland.
Does the iOS RD app not have a toggle between pointer and touch like the Android version? Also -- good video. To the point and doesn't waste anyone's time and is packed with good information about how the windowing system works.
Great video, but is there a write-up to reference? I'm finding it hard to follow with all the awesome, but superfluous, information. One thing that could stand some additional detail, is why you choose XFCE over Gnome other than the fact that gnome isn't really gnome on Ubuntu.
The blog post has the commands, most of them are about security but basically you can just "apt install xrdp" to get started with a basic setup without audio. I chose XFCE over GNOME since it's a lighter weight desktop and I generally prefer it as a general default. Ubuntu GNOME also went to Wayland by default (although xorg is still installed and working), and Wayland doesn't support really any remote access properly yet.
Thx for the video. I am still curious for a proper VDI solution to have also the possibility to get some VMs at home with wireguard if I am on the road. I am just curious: Why this manual ways of installing / setup? Wouldnt just a usb boot option with preinstalled packages make much more sense even to be not dependent from a local installed thinclient? Or make it a bootable PXE image? And maybe enhance the Python Ui with a settings tab to not make the ini to be a forced actionpoint? I can see some next steps by improve the Pythoon Logon to a "create an on demand VM" with the help of Terraform or/and packer for example... Nice content and the python projekt looks also a big step to a proper VDI UX :) Thx
I'm working on a bootable image in the future, but it'll still be a somewhat manual setup to create the image. I also didn't write the Python UI, although I'll definitely be working to improve it.
How do you like xrdp vs x2go etc, or haven't tried? rdp is probably much easier to setup.. since it doesn't really need much setup I saw when you switched to the bravo user, their menu is different. Are the desktop environments using different themes for admin and non sudo users or something?
I chose xrdp over x2go specifically because the client for iPadOS was important to me, and RDP has clients available on a lot more OSes than x2go. I haven't tried x2go yet. As to the bravo user desktop, it's actually a quirk in xubuntu's defaults. admin was the user created during install and the default configuration for that user uses the 'whisker menu' (a nice looking, searchable start menu), while the /etc/skel configuration (which is the template home directory copied for new users) has a simpler panel configuration with the more basic start menu. I prefer the whisker menu but the video was already long and talking about how to edit /etc/skel to customize the default user template was a bit of a lengthy topic when I went into it.
Just a great tutorial. Any chance to combine this setup with network namespaces per user? E.g. to allow 20 parallel users to use different vpn connections at the same time?
Great video, I followed this guide to add XRDP to my existing MXLinux media server, in hopes to ditch anydesk. Unfortunately upon connecting view windows RDP, I am only presented with a blank blue background and a cursor, I seem to be connected but maybe the wrong X Server? Currently using XFCE
That probably means the xrdp side is fine but sesman wasn't able to launch a new X server for the session (the two work together to maintain persistent sessions and such). I'm not sure what MXLinux would have changed over Debian.
@@apalrdsadventures thanks for your response! I ended up figuring it out, default was loading XORG, which I did not have the current version. After updating XORG and restarting XRDP all is well!
yeah I kind of moved away from RDP, I really need sound and video, gaming etc. Nomachine is good for typical desktop stuff, and Parsec I use for gaming.
Good video... It helps a lot. Good security tips, of which I used some of them already for my WSL2 installation. - @4:15 - So xrdp does not natively have audio? Is there a different alternative? Please let us know if the developer fixes this. Thank You.
xrdp does have audio, but it must be compiled to the specific headers of the version of Pulseaudio on the system since it's implemented as a Pulseaudio module. If you're on Debian / Ubuntu the developer has a script which does this, but it bind mounts /home into a schroot container to do the build in-place on the local system. For ZFS (and NFS) home directories, /home is not the same mount point as /home/vdialpha for example, so the build fails. He has already fixed it, but it hasn't been merged yet. The commands on my blog will pull down the updated script from his branch and apply it on top of master so it works. If you aren't using ZFS/NFS then you shouldn't have a problem with the default build script and it should work fine.
Aside from audio, the xrdp package includes absolutely everything (on Ubuntu and family at least). Audio is a a bit more tricky, but on Debian/Ubuntu it's pretty simple too since the devs maintain a script to build it in place against the pulseaudio version on your system. Were you using a desktop with Wayland? I'm using xubuntu which still uses x11, and I also tried Ubuntu Focal (20.04) without issues but AFAIK they switched GNOME Ubuntu from x11 to wayland for 21.04, but XFCE wasn't Wayland-ready yet.
@@apalrdsadventures I was using lxde if memory serves. Will have to try again, the most common problem I had was it not properly setting up the xsession and mysteriously dying after authentication...
Again with a great video, thanks!! I’ve tabbed your website and will be watching. I want to know the best way to connect to my proxmox VMs on other Linux (or mac) devices with the BEST connection - this video showed me one great way to doso- I think it’s better than vnc. Thanks much!!
Depending on what you want, xrdp, x2go, SPICE are all valid options (except SPICE client for Mac is a rough time). xrdp has by far the best client support, x2go in theory can potentially be faster although in reality it's unlikely to be any different, and SPICE lets you run unmodified VMs of any OS (which can be handy in Proxmox specifically).
@@apalrdsadventures Thx. Not hammering you, but I think a video on VPN usage would be awesome too!! Great job! “Using a proper remote-access VPN solution to your home/business or a cloud relay point is good seceuritt anyway, and I’d feel comfortable leaving RDP exposed to users within my private home/business network without further protection.”
The DE is mostly a personal preference, but for scalability to many users something that is lightweight and is less animation heavy (so less redrawing for RDP) is a good choice.
This is a great way to secure and distribute computing for a small group. Thank you. Question though: I've been using MS's RDP client for Android on my ChromeOS notebook to access my Win7 box. The video performance is deplorable - so awful, I never would have chosen it for an implementation as you suggest. Is there some trick that makes it work as well as desktop sharing apps like Splashtop?
So different protocols prioritize different things in their screen compression algorithm choices. Game streaming focused ones (i.e. Parsec) will go with hardware encoded h.264, which can be fast (because they are GPU accelerated) and support high framerates at the expense of visual quality. RDP and most remote-desktop 'work' focused protocols do a multi-pass approach that determines which regions of the screen have changed, and then losslessly compress the data in the changed regions. This uses far less bandwidth (so it's feasible to run over the internet), and has lossless image quality (so there are never compression artifacts which can blur and distort fonts), but very computationally intensive if the screen image is constantly changing (like full screen video) and it will end up dropping the frame rate significantly to maintain full quality. So basically the solutions that work with full screen video sacrifice image quality to do so, and may also rely on hardware acceleration which isn't possible on a multi-user terminal server. Up until the last few years it wasn't even feasible to run h.264 compression in real time with low latency, and RDP is compatible across a massive range of client and server OSes going pretty far back.
Love it! Question: Can you cover and show how to run xpra(X Remote Persistent Applications) from either Linux or FreeBSD(or any BSD variant). I struggled for days to get it right and only had it running a single FreeBSD app like calculator only once, and after that struggled forever and just gave up.
I'll look into it. I have a lot of remote access and thin client projects in various states of working, so it probably won't be within the next few weeks.
Hello apalrd's, thank you for the interesting and helpful video, just to confirm, you are displaying the XFCE desktop on all the devices using some client application that leverages the XRDP protocol correct? I am wondering if today there is a way to install Linux on an iPhone, I know is possible on a Mac but I have a couple of old iPhones lying around e.g. iPhone 7 I don't use anymore since I changed to Pixel 6, and would like to test Linux on these. This is offtopic I believe but if you hang out on discord or telegram will be great to chat. Thank you again.
Yes, the desktop for all of the devices is running on the same server, and all of the clients are remotely connected. AFAIK there's no alternate OSes for iPhones currently, but it's also not a fantastic experience to use a full desktop on such a small screen. The iPad was better.
@@apalrdsadventures Thank you for the prompt response, I am definitely interested in testing the individual light terminal services run from one fairly strong server, I am guessing that you can even go lighter with the applications to use, but again, I agree that XFCE is one of the lightest and nice Desktops UIs there is. Thank you again!
I've seen a video about a product for Windows that lets you have multiple users log into and use the same desktop with each user just having his own keyboard, mouse, and monitor plugged in. I'd like to see how to set that up in Linux.
It's called multiseat and you're in luck, I just started recording for a video on that. It's not necessarily a trivial setup though, depending on what hardware you have.
Is there a way to get XRDP on linux to work like RDP works on Windows? I'd like to connect into my computer at home when I'm at work (and pick up where I left off), but when I try that use case in Debian Bookworm (X and KDE) it fails. Then after work, resume again where I left off at the console.
It does work like this, except for the local session. XRDP keeps active sessions around, but the local console on the physical system is separate from XRDP's pool of sessions. This is probably the quirk you're seeing.
@@apalrdsadventures So it doesn't work like Windows. On Windows I can switch from RDP to local session/console and it works perfectly. Do you know of a way to make Linux/Gnome/KDE work like Windows in this respect?
good video thanks. i bought a server a few years back to do this but using vnc or spice wasnt fast enough to watch videos. i was hoping it could serve as an upgrade to all my old laptops/android devices/projectors. i run a few vm and apache2 but im interested in allowing users of my website remote access to a shared vm . what would be the best way to do this so they can actually watch smooth video over internet within remote vm?
The issues I had were with logging in with the username/password passed in the RDP client. Sometimes it would give a login failure and kick me back to the login screen, then logging in via the xrdp login screen would be fine. If I didn't pass a username/password in the RDP client and start the session with no authentication, and then log in with the xrdp login screen, there were no issues.
Probably different default configs then, not a huge surprise between Debian and Ubuntu. I do recall Debian having a screensaver when I was testing my thin cilents, and Ubuntu did not.
i've used xming a long time, but that was during transition, windows is not pleasant, i mostly use slackware for my main... not now as i moved and am still setting back up, but slackware is easier than windows, yet it makes many quiver.
RDP the protocol is really well designed for remote access, and since Microsoft has published the protocol specs the Linux implementation is quite good
great video. i missed a section where we login using a linux terminal with just an xclient. is tat possible with xrdp? i remember old times doing this with thinclients. i wonder if there is a compatible way without setting up an ancient linux.
xrdp is going to stream an entire session. If you only want a single application to come to the client, then x11 forwarding or xpra is what you want instead.
Has anyone used the setup, but instead of using a workable desktop, when they sign in this will automatically start up a specific app? Like running them in a kiosk? What about local printers attached (USB). Look at some ways to make this like a THIN CLIENT to run an Azure Remote Desktop software (session)
I have a problem, programs tend to be unable to display a GUI in administrator mode, a notable is when I do "sudo thunar" in mint20. It cannot display the window in the xrdp monitor because it apparently cannot find it. It has been a few months and I still cannot find a solution for that haha
It depends on what applications you need. If you have apps that run on Linux they are almost identical to their Windows builds, so running a system like this is a massive cost savings to doing the same with Windows Server and remote licensing.
i am a teacher we have 40 computers i3 and core to duo , we have ibm server 3200x. I want to configure client client server system . Like student can login from any computers and get authorised from servaerand get his file on any computer . something like NIS NFS . Pls suggest which debian client server shall i use. I tried with ubuntu desktop 22.04 but it hangs a lot . Thank you
Yeah, I have one question, can you run XRDP without an actual graphics card on the system or a graphical X session running on a real GPU or Framebuffer? Basically I would want the X server to run *"locally"* on a virtual, displayless graphics driver and have it only be accessible via RDP, basically X GUI running exclusively via RDP and not needing or displaying anything locally. This is something I need as I want to have an X server running pretty much headless on the server itself. (Should also endup saving some RAM with this approach). I know we can do this wihout a "locally" active X GUI session on the system, I have successfully done this before tough at this time for some reason I am not being able to get this working without a local running GUI. Worse, some approaches are actually logging in a starting a local GUI session and keep the RDP session basically with a blank screen, not sure what the hell is causing this, I have pretty much followed the same approach to get the server running headless as on previous times I'd done this, though the results are definitely not the same. Any ideas what may be causing these two issues? Needing a local GUI session on a real GPU and in some situations only having the GUI properly displayed locally and the RDP session just showing a blank empty screen and the mouse cursor.
It should work without an actual graphical session on the physical system. I have not personally tested that setup, I let the graphical session run and ignore it. xrdp spawns new X servers each time someone connects (and it keeps the X server running when they logout unless you use kill disconnected sessions), so the xrdp X servers are completely separate from the 'main' one and there is never a connection between the 'main' session (which would get bound to the GPU) and the xrdp ones. As to the blank screen, I'd check the xrdp.log and sesman.log to see if maybe it's having some sort of error in launching the X session. It sounds like it's successfully connected but then is unable to launch an X server on the new connection.
@@apalrdsadventures The odd thing is that the exact same setup did work before (with an active local session though). My goal is to have a virtual graphical interface locally, basically a dummy graphics output just to make the X server happy and then only use RDP for real output. This will need more work into, the logs weren't really useful. Need to find a dummy GPU driver or similar to test this further. Can use SSH + an X client (like Xming) but that is somehow slow (my bonded ethernet link seems to cause isses with this one, though for the disk shares it really shines on multiuser access...)
xrdp should act as a 'dummy' graphics output for its own X sessions - xorgxrdp is the backend for the X server. I wonder if it's a system level thing, like the system thinks it's not fully booted until the X server is up and running (the old-ish 'run level' number, which indicated when you were in single user, multi user, and graphical stages of boot)
Thanks a lot for your tutorials. Is there a way to achieve "retina" image quality for this kind thin graphical Linux client? I've been using an iPad Pro 12.9" for RDP connection to my Windows 10 ( WSL2) machine and the fonts quality is quite amazing. The blurry fonts I've seen so far in graphical remote Linux env cause eye strain and hardly suitable for full day gazing at.
I believe that's more a limitation of DPI scaling in Linux than the remote access protocol itself. On very small but high res displays it's running the remote session at a lower resolution and rescaling it at the client, if the server doesn't support high DPI scaling (W10 does, W7 does not afaik, xrdp does not). xrdp currently has an issue open on Github, but part of the problem is that high DPI scaling isn't well supported on Linux in general, so many desktop environments will ignore the DPI field even if it's present in the X server. It's generally expected that you'd use their customization tools (like font size, etc.) rather than a single DPI scaler.
Thank you for making this video. The presentation was clear and stayed on topic. It has a good description, timestamps, and a buffer at the end for cutoff and for those thumbnails that TH-cam places that can obscure the video. No noisy superfluous intro or outro, and no music (which is good for people with auditory processing issues; it can make it hard to understand dialog).
Glad you enjoyed it!
I used to play with X11 forwarding MANY years ago. It really was fun! And occasionally it was even quite useful. To be honest, I didn't realize anyone was still doing this. I appreciate the content and you have inspired me to start playing with some of this stuff again.
Glad you liked it!
Great video! TH-cam recommends brought me here. One of the biggest selling points of Linux for me over 20 years ago was multi user or the ability to export apps running on multiple machines over into a single desktop out of the box... Facebook has been quarantined to a junk thinkpad in the corner for about 8 years. hehe.. I give it just enough room to breathe and not much else. Anyways great presentation and tutorial!
I've always been amazed how UNIX was multi-user in the 70s and graphically multi-user in the early 80s, and Windows still messed everything up on their end so badly for so long with a working example to look at.
@@apalrdsadventures 🤣 nvm I spilled tm info in that one lil comment 😬
Terminal servers have a lot of practical applications. Plenty of businesses have employees using terminal servers for stuff like call centers and kiosks. Where I work, we have a system that is only accessible over terminal servers, where everything about the session is recorded and monitored for security. Another place where the same concept is used is in modern casinos where a lot of slot machines are really just thin-client computers. In all these cases one useful security tip is to simply have internet access disabled.
Stuff I liked about this video:
History lesson about terminals
Ryzen system
Small MicroCenter 4GB flash drive (I have the same one)
ZFS Install
TrueNAS
Mention of XRDP bug and developer coordination
Breakdown of X11 with cool diagrams
Cool factoid about quirks related to numbers in usernames
Clients for different operating systems
Security and performance concerns Configuration tips
I just discovered your channel and I'm really impressed with your content!
Thanks! Its actually an 8G flashdrive and it's been with me for a long time now without failing.
The numbers in usernames quirk was maddening. I started with VDIUser1 / VDIUser2 / ... and I'd often get a login failure when trying to login by providing a username/password within the client but retrying the same credentials within the rdp session login screen worked fine.
I've been struggling with making the change from an older Windows Server 2016 to XUbuntu as I know nothing about Linux, but this Distro was so easy to install and setup it was just a breeze. And I've already got XRDP running in the same evening allowing several of my Thin Clients to easily access the the Terminal Services on the xUbuntu server. Amazing !! Thank You !!
Glad it's working well for you!
Great explanation! I was looking for this!
Just some advice. If you want to expose the machine to the internet, don't forget to change the port. Xrdp operates on port 3389 by default. That's what 99.99% of bots target when scanning public IPs.
Setup a rdp honeypot on 3389 and switch it to something else! They can waste their bots time 😊
This is awesome! Thank you for sharing in a very structured and followable format. This makes Linux terminal server options far more approachable than I thought it could be. You clearly put a lot of thought into what/how/when to communicate each piece and it all fit very nicely together.
Glad you liked it! Hopefully you can find a use for it in your own setup
@@apalrdsadventures I do all my hacking shit via phone just bc ik what im doing more on a phone thn a computer when it comes to certain things like running up someones router installing shit on other peoples phones via backdoor I got multiple working phones I use for hacking but half of the time ill get on my lil fake phone aka a burner phone an use that 😂. Yea obviously its risky using my other non fake phones for hacking bc of ping location but I can switch my IP and I have like 3-4 VPNs on all at the same time so have fun running me up 😂. Obviously you could but it would take the feds some cracking to do. But if uk what ur doing then it’ll be a lil bit more easy for ya 😂. Ok ima stop talking before I spill to much info 🤣😭
I love how calm and relaxed you present your information. Nice to watch a master at work too.
I appreciate that!
Super fascinating. Most of my career has been supporting terminal server deployments in the windows world of things. Have dealt with Citrix, RDS, and lately the main focus is Azure virtual Desktop. Didn't know anything in the same category existed for linux. One thing I am curious about here is how you would scale this out further. Most deployments I have worked with have been multi user setups with load balanced pools of session host servers. In other words, user sally might wind up on terminal server 1 on Monday, but when they come into work on Tuesday, they end up on terminal server 14. In this case, their user profile needs to exist the same as if they never shifted session hosts. This allows you to have multiple session hosts so that if one crashes it doesn't bring the entire operation down, and also ensures that user storage is independent of the session host as they serve different functions. There are several profile roaming solutions out there to handle this like citrix upm, User Profile Disks, and the one I am using the most these days is FSlogix. Is there a solution similar to that for the linux world? My quick little google fu points me to nfs shares for the user home directory mounted at system startup. Is that what you would probably roll with?
There's really a few bits that would need to work together for this, but it would be nearly identical to setting up a Linux corporate network without a terminal server + adding a load balancer.
1. Linux would generally use Kerberos+LDAP or just LDAP for user management, or Active Directory (which is itself Kerberos+LDAP+Microsoft messing with both of them). So this gets us centralized username/password store and user information, and with Kerberos that gets us tickets to authenticate to other services across the network like storage or any internal services that are kerberized. The client-side for all of these is SSSD.
2. The traditional Linux way to deal with home directories is to mount them with NFS essentially straight off the network, although it's possible to have a local home directory if you want offline access (i.e. for laptops). You can either mount the entire home directory (the entire path where all of the home directories are located) on each terminal server and then the user's home directory is available with the required permissions, or you automount the specific directory on login. No sync necessary, just some caching.
3. HAProxy would be used as a load balancer, it can do generic TCP/TLS load balancing in addition to acting as an HTTP/HTTPS reverse proxy or TLS/HTTPS endpoint and is very flexible in protocol support. Another user commented previously here that he is able to persist states in HAProxy so a user gets reconnected to the same terminal server if they reconnect within a period of time, so they get their existing session back if they are within the termination window even when going through the load balancer.
Thank you for the video. When i worked in the hospitality business in the mid 2000s they had a linux server with 100+ guest pcs. Each guest pc booted by PXE from the main server and had full gui linux access. I have always wanted to do this but I have never found out how. This video guides you part of the way there. Now I just need to figure out the PXE boot part so the users could PXE boot and log in from any blank x86 pc to his/her account.
It's nice to see xrdp now installs that easy. Some years back I was upgrading ancient software on a number of HPC servers (some were still powerful enough at the time), they used some very old Debian and NX which was sorta-free when installed. I've tried to use xrdp then, but the installation was a pain (it was either source code, or dodgy repos), badly documented. It never worked as it should, so as NX was already commercial at the time, I went with x2go. Other than some obscure visual bugs (which I found how to fix years later) and rare stuck session, it worked pretty well.
Very comprehensive. This certainly has come a long way, and nice to be able to use rdp as opposed to VNC for Linux servers.
Yeah, it's a much better experience than VNC for me
You presenting skill is rare..
I've no question to ask because you've answered all of them.
You are awesome. ♥
Thank you! 😃
Good summary. The origin of Windows Terminal Server is quite the story. Citrix had developed a multi-user addon for Windows NT 3.51 called WinFrame. It was such a good product that my company got certified and sold it. Microsoft bascally forced Citrix to give them the tech that went into NT 4.0.
Every time I hear the story behind something Microsoft in that era.... I wonder how they ever managed to make it work well enough to sell. They could have peeked at what the various UNIXes were doing back in the early 80s (and they should have been able to at least run and test them even if the source wasn't widely available yet), but no they went completely their own weird way and did their own hacks instead, and then had to keep supporting those hacks for decades.
Finally some good video recommended by YT. Very informative too...you saved me going through countless web articles and wikis
Glad it was helpful!
In college in the early 90s this is basically how every computer lab was set up. They had NCD xterm thin clients, they'd all connect to a half dozen different IBM RS/6000 running AIX unix or DEC Station 5000 running Ultrix; all over 10gb ethernet using X protocol. The apps and window manager all ran remotely.
Glad to see you use xorg. I found that wayland protocol (the default gnome renderer) breaks allot of remote access, and remote vm server access. This caused me to switch to the unity fork of Ubuntu Focal which still uses xorg. Also I prefer the unity desktop and dislike all tablet style desktops. In the past I used x2go over xrdp, but for years now I have used nomachine (v6) for full opengl/gpu remote rendering support.
I ran the install under xubuntu focal and impish, as well as ubuntu (regular gnome) focal, but not impish. Wayland really seems like a step back from xorg in terms of compatibility with less standard setups, although some of that is by design.
But really I chose xubuntu because it's lightweight and pretty easy to pick up, and when you want to run a ton of clients on one system lightweight is very important and desktop animations just increase the load on xrdp (which has to jpeg-encode screen areas which have changed).
In theory xrdp sessions should be able to make use of gpu acceleration somewhat, but not gpu rendering - gpu compute / transcode should be accessible since those don't go through the display pipeline like OpenGL does.
OMG that is a blast from the past, much better than today but how do we dare say it? LOL!
You make some really nice videos with excellent outline and info. I really appreciate your work. Its really good stuff.
If you get time, take a peek at the KASM server stuff. This is an interesting term/serv base using docker. I think term serv done your way is simpler and less resource intensive - but all the same, take a peek if you get a chance!
Cheers!
A container based solution will have better isolation, but this was pretty easy to setup and depending on your use case isolation may not matter anyway. But definitely a neat solution still.
UNFORTUNATELY! I needed to do a VDI deployment and thought of KASM immediately. Sadly, the fine print limits the free/community install to only five simultaneous sessions, which doesn't work for me :(.
I *HAVE* used JumpServer, a Guacamole implementation that includes SSO, 2FA, and session recording (it's what you would call a PAM product). VERY nice! Planning on merging that with this approach and having a basic controlled VDI with session recording until I find something better.
This will help a lot of folks! Great explanation, keep making more and more videos.
Great video! I haven't done much with remote desktop access on Linux and "back in the day", I used XDMCP a lot, which was cool. Anyway, I'll have to check out xrdp! Thanks for posting!
You're welcome!
Fantastic demo and video, Question: Was the audio bug finally fixed such that users no longer need to install the audio feature separately?
Yes, it's been resolved.
Woooww so many important tips in one video!! Thank you very mutch!!!!
You're welcome! Hopefully it helps you with your setup!
Nice! Good amount of detail, but presented in a very digestible way. Its been a while since I did any heavy-duty linux admin/setup work, but I could duplicate this with out a lot of fuss and muss! Thank you
Glad it helped!
QUESTION: Was your sound issue resolved with the developer? OTHERWISE, an Excellent video for a total Admin experience. The video gives admins the understanding to support users no matter which platform the user has to connect to the XRDP server.
Yes, the sound compiling on zfs issue has been merged.
What an awesome video! I've always wanted to do something like this but could never quite figure it out on my own. You explain things very well and don't waste time on anything. Definitely subscribed.
Glad I could help!
Years of RDP to windows machines made me unaware that I could do multiple sessions to a Linux server. I just tried it and it works a charm with stock Ubuntu 20.04
Linux is inherently a multi-user system, Windows just restricts multi-user access for $$. The intro shot in the video has all 7 devices connected to the same server at the same time, and at that point I didn't want to dig out more hardware to test with.
Years of multi user work on linux and unix (48 tty's on a system with 12MB ram), I suddenly hit a concrete wall that was called the microsoft ecosphere.
Nothing was possible. Remote management, never heard of. It was decades of computing taken back.
Even at school I was working at a cloud of apollo domain computers, and I actually had no idea where my chip design emulation software was running on.
There was no real distinction between this system or that system.
And then the real world of DOS and WINDOS hit me in the face. Hoards of "system administrators" that called 340kB free on a dos system good maintenance.
Novell drivers that had bugs in opportunistic locking which lead to numerous database bugs. Novell fixed that, but the system administrators did not care to update their systems.
The main reason that Microsoft did not do remote working was of course licensing. The biggest interest of Microsoft was obliterating competitors with lawsuits or FUD and going after license violations.
It's only after windows 10 that I might see a change in Microsoft's behavior.
But the damage has been done, we have been kept back by Microsoft and their followers.
And followers are brutal. I had to report some people working at dell selling FUD to potential big customers (the company I worked for).
"Linux is a laughing stock"
"Serial port is dead, it's USB now"
Dell now runs linux on their BMC, and has serial port over IP and KVM over IP build in.
Sorry... rant because it hurts when you get hurdled into a microsoft fud wall.
@Rob If you can imagine any networked computing, it has already been done.
Including a virtual single system that exists of multiple computers consolidated into one (mosix), or just plain a single system partitioned into several.
If microsoft (or apple) announces a new feature, you can rest assured, it existed for over a decade.
So welcome to the open side ;-). Where the network is the computer. And the computer is the network.
@@apalrdsadventures At one client I set up a single server that served over 50 DOS Boxes using dosemu to thin clients over X11 doing 10% CPU, because the terminal server dies at 5 boxes taking up all CPU.
The dos boxes were needed for legacy administration software. And dosemu had a correct implementation of file locking.
Also there were about 60 netscape browser sessions served over X11 to thin clients with software on that same server serving software to the browsers. The system had about 2GB RAM. And it run circles around a special dell windows terminal server with 4GB ram which was used for "important" software like word.
It's hilariously sad what they do to RDP, otherwise a great thing... (thanks citrix software!) and microsoft locks it down. There are some ghetto hacks to get up shadow viewing and other stuff to make it more "multi user" but still not great
Nice job. RDP is an interesting choice, but it makes sense. Hadn't considered using that for a terminal server approach.
FYI, KER-ber-ohs (accent on the KER).
yeah, Kerberos is a ... fun topic to explore.
Yep, mispronouncing kerberos (ker-ber-ohs, as pointed out) and xubuntu (zoo-bun-too). Small thing, but meant to be constructive feedback.
Very informative and helpful video. I've avoided using RPD because it has a Microsoft taste to it but I guess I was handicapping myself unnecessarily. I'm now running RDP under Windows 7 to connect to a Debian 8 server (with xfce desktop) and it works really well. Much better than VNC with the same setup. Thanks for opening my eyes to this combination.
VNC can work too, but there are so many vendor-specific extensions that it's not always clear what server and client you should choose to get the specific options you want (i.e. h264), and the trademarks are owned by a company with a proprietary server/client (RealVNC) although the original protocol is open source.
Microsoft has published the protocol documentation for RDP, so it's not like xrdp is reverse engineering anything to make it work.
Thank you for this video. My work environment is similar and i've been fighting with xrdp to work. My issue is overlaying active directory and centrify rules as well to authenticate the session. Can't wait to go try some of your sessions such as TS users tieing to the AD group.
You're the second person to ask about AD! I'm not familiar with Centrify, but Canonical has a pretty thorough guide on adding Ubuntu to AD domains - ubuntu.com/engage/microsoft-active-directory
I don't do Windows server work, so I probably won't be able to test it myself / make a video about it.
Great video! If you're up for a challenge, I'd love to see a video about something like this but implemented with Wayland instead of X. As I understand it, Wayland itself isn't network transparent like X is, but I believe other projects like waypipe have since added that functionality.
Awesome it is exactly what I need for my Linux experiments. And your picture how windows works also awesome. Thanks a lot. Try to do it!
Glad you enjoyed it!
Excellent valuable and well-rounded presentation.
Thanks!
In some cases, your remote session may perform better than a local one. accessing a raspberry Pi may work better remotely, since your desktop may have better video horsepower than the pi you are remoting into. The new Pi 5 may change this, but that old gaming rig will still likely beat any Pi ever made. BTW there are options for remote access to a machine running Wayland, like those using the new version of PiOS.. You just need to run Wayland versions of the RDP or VNC software, rather than the Xwindows versions. Wayland is the new Linux display system, replacing the old and tired X11 system from the 90s, with thirty years of junk baked into it. Also Linux terminal services are not limited by license controls. as Microsoft stuff is.
I used to use xrpd about a decade ago to connect from windows to a linux host, but it was attached to a running X server, and the RDP desktop would not resize to match the client. I switched to xpra which lets me attach individual applications from a remote server to my local desktop, and it's much better for my use case. I've been using it through the pandemic to connect my laptop to my work pc and I have the ability to max out the memory usage on both systems (browsers, especially, can be greedy).
xpra is a bit of a different solution - you're sending individual applications, not whole desktops, so you basically need to be using a client that has a desktop to nest the remote applications with. That's great for desktop/laptop clients but doesn't work as well with tablets.
I run a handful of shared research server and went with x2go as I found that tunnelling everything an SSH tunnel a fairly simple procedure. Last time I tried XRDP it was kinda flaky and I found sessions would just disappear or they would remain active but XRDP was determined to spark up a new sessions. So I went with x2go at the time and have kinda just stuck to it (and retraining a bunch of users, I just don’t have time for)
It looks xrdp has improved somewhat since then however.
EDIT: I read in your other comments that iPad access was a must, so that absolutely makes sense using xrdp.
Yeah, I looked at x2go and xrdp. My personal use case is remote access, and being able to switch out the laptop with the iPad away from home. I haven't had any issues with xrdp doing weird things yet, thankfully.
This is fantastic! You have a new subscriber. 😊👍
Very good vedio, not only describing how but also explaining why.
Glad you liked it
I tried XRDP to access a remote PC. But the PC was old so I didn't like responsiveness. X2GO looked better and I chose it.
x2go works great if you don't need as wide of client compatibility. I really cared about the iPad client, so x2go isn't an option.
Anticipating the pandemic to shut down our in person instruction at our University I setup Xrdp across all of our non Windows computer labs in February 2019. I choose Xrdp vs NX because rdp was already supported natively for the Windows labs and (good) NX was licensed software. To create a system in which one hostname could be given for the each lab I used haproxy to load balance connections to the backend Xrdp servers with hash/stick on src, persis rdp-cookie and leastconn. Further I'm utilizing ucarp, which was depicted with Bullseye? but I'm using the rhel7 rpm to install it on Rocky Linux 8.5, to have a, open source, VVRP virtual IP float between two instances of our load balancers. I'm also having the two haproxy peer their state tables between them so if someone is disconnected the aforementioned persistence should bring them back to their lost Xrdp/Windows RDP session.
A couple months in to the pandemic we received funding for emergency equipment so I ordered our college 2 dual 128 core AMD Rome servers to augment our general use Proxmox virtualization platform and I virtualized our Xrdp instances. I decided to split Xrdp up into several, 20 per lab, VMs to avoid putting all our instructional eggs in the same basket instance.
To be sure when your first video came across my TH-cam feed I have been keeping tabs on your content. Your work is very much inline with what I've been dealing with to keep supporting the education of our students, for the most part you're making me happy with my decisions and I thank you for all your content thus far! Since what you're doing is nearly the same as what I've deployed I can verify that everything has been running relatively smoothly. It's coincidental that your thin client has been the gleam in my eye since the start of the pandemic.
One of our biggest plights is that electrical engineering have USB accessories, I haven't had them in hand but I assume either a breadboard, oscilloscope or software licensing chip that they want to do USB passthru with to our instances. Xrdp doesn't support USB devices beyond a very small subset and I don't think the code is enabled by default. Your thin client was wonders as I didn't know that the Spice console could do USB redirection. I setup an NX server and it worked "perfectly" but all logged into users share the USB space so there's no isolation. As a "mad scientist" I was considering the possibility of using udev to set the permissions of the USB devices to the logged in users but I think USB might require 1 student per VM.
Lastly I will say in addition to using haproxy for Xrdp/RDP above, I figured out how to load balance ssh in a sane way with similar techniques. For it I have a similar haproxy definition but on the ssh server side, I have a systemd script that loads sshd using uniform hostkeys on a seperate port that only allows connection from haproxy so that when haproxy forwards the user to the backend there is no hostkey security kerfuffle while maintaining independent hostkeys for ssh port 22.
Sorry for the stream of consciousness but with all the work you're doing I figured, maybe, I can offer back a lot of ideas to you for all the ideas and comfort you're giving me!
AFAIK the issue with USB passthrough in XRDP is really an issue with RDP, since Microsoft's implementation of device sharing puts the device driver on the client side (client speaks to USB device, RDP protocol forwards generic mass storage / webcam / printer / smart card reader / ..., not the raw USB). SPICE encapsulates USB over TLS (essentially raw), but it's much higher overhead than the terminal server approach since you're relying on a VM to run the user session.
I'm working on a new project involving multiseat (multiple physical users on a single physical computer, no virtualization), and systemd has features to bind USB devices to specific user sessions for physical users. It seems like it's mostly for devices which would be run through the X server though (keyboard / mouse / audio) and generic USB hardware like USB-serial devices would still be available to all users. xrdp users don't show up as systemd seats though, so udev rules to bind devices to seats wouldn't apply to them. Not sure how NX handles this.
I'm actually an electrical/computer engineer myself, so I'm very familiar with the struggles of USB lab equipment. I found that devices that natively work over Ethernet were usually a better experience to deal with. Almost all test equipment for sale now has LXI available either standard or as an option, and that's an Ethernet based protocol for lab equipment. Often they'll also have a web UI which may be very web 1.0 but completely works. I named all of the lab equipment, so their hostnames would end up in DNS, and they were pretty easy to use even as they moved around the lab. Unfortunately a lot of the devices that aren't lab equipment don't often support USB, like debuggers, USB-serial adapters, and processor boards. I don't really have a good solution to those, but at least the lab equipment half might be easy. Depending on your specific needs, trying to migrate the hardware to Ethernet and then making it easy to choose hardware devices from a remote session might be worthwhile. Feel free to reply or email me privately if you'd like to talk a bit more about this issue.
I appreciate the long comment, it's nice to know that this sort of content is useful and that people are actually deploying things like this. I don't work at a large enough scale to consider load balancing, but I'm glad I can help!
Try Nomachine, it is based on X (formerly nx) forwarding but also does HW based display encoding, resulting better bandwidth utiluzation, and much better refresh rates. Video playback is not a problem in this case.
Bro! You fucking knocked it out of the park!!! Best RDP on Linux video on the internet. (And I've been looking for _years_)
Thanks!
You should consider looking at the Linux Terminal Server Project (LTSP).
There are a number of negative side effects to the simple terminal server setup. Particularly resource contention and multimedia performance on busy server with no you acceleration.
LTSP is focused on netbooting clients though, not providing remote access. This is a solution to a different problem.
Resource contention can be handled with cgroups, and acceleration is still available via libva (but not opengl) for media decoding (although every user is sharing the same GPU). You'll always be limited by re-encoding multimedia for RDP anyway though, as you would be for any remote access protocol.
Best video about this subject so far. Thank you.
+1
Thanks!
I just discovered this in August 2024.
I have four HP T620 Thin clients that I want to use throughout my home for my wife and I, having all 4 connected to the same desktop, so my wife and I can just hop online wherever we are in the house.
Are there any updates, etc. I should know about in 2024 that weren't available when this video came out? :)
I had used xrdp for some time before eventually switching to VNC.
Xrdp has significant drawbacks, for example, it requires credentials every time. Also if you have logged on to the remote machine and forget to sign off, it will fail to connect.
However, VNC has problems too, so the final straw is performance. I can only say it is no more than terrible. Instead of a smooth experience provided by Windows RDP servers, xrdp is just laggy. When moving windows around, stripes can be seen clearly. At last, I gave up and turned to vncsever.
The final conclusion is that graphical environments are plainly not fit for Linux. I'd rather use ssh instead. If I really need to access graphical environments from remote, I'll definitely choose Windows.
Fantastic walk through mate. Exactly what I'veben chasing for a while now, after some time ago trying to get xen(?)/open source citrix server to do this with a vm as the hypervisored client image to have multi users use. but this is far cleaner and what i was ultimately looking for, well done!
This has less separation with a single system than using Xen (the hypervisor), but for most use cases this is sufficient
Really enjoying your videos. Thanks!
Glad you like them!
Great! Nice explanations, very helpful.
Great explainer of x11 forwarding vs xrdp vs vnc. Shared on reddit for greater reach. Unrelated question - whats the keyboard + trackpad combo you have on your desk ? 🙂
It's a GearHead Smart Touch II, but I've had it for around a decade now and it's pretty terrible quality really. It spent most of its life in the server closet.
Awesome video. Keep up the great work.
Glad you enjoyed it!
Absolutely brilliant!
Great video! Thanks you!
Glad you liked it!
Nice video! Thanks for creating!
Glad you enjoyed it!
Just learning, Linux... I love it please keep up the awesome work. Just Subed as well.
Linux is so incredibly versatile in what it can do and what it's good at. Thanks!
Yep I said it before, love your stuff.
Thanks!
Awesome video. Only question I have is if this works with Arch or Redhat based systems?
It looks like xrdp and xorgxrdp are in the Fedora / Centos repositories but not Arch. You'd still need to run with x11 instead of wayland, and by default Fedora/CentOS run Wayland.
@@apalrdsadventures Excellent, I can roll with Fedora. Thanks so much for the info...
Does the iOS RD app not have a toggle between pointer and touch like the Android version?
Also -- good video. To the point and doesn't waste anyone's time and is packed with good information about how the windowing system works.
Yes, that's an option on iOS as well
Great video, but is there a write-up to reference? I'm finding it hard to follow with all the awesome, but superfluous, information.
One thing that could stand some additional detail, is why you choose XFCE over Gnome other than the fact that gnome isn't really gnome on Ubuntu.
The blog post has the commands, most of them are about security but basically you can just "apt install xrdp" to get started with a basic setup without audio.
I chose XFCE over GNOME since it's a lighter weight desktop and I generally prefer it as a general default. Ubuntu GNOME also went to Wayland by default (although xorg is still installed and working), and Wayland doesn't support really any remote access properly yet.
very nice explanation! Thanks a lot.
Thx for the video. I am still curious for a proper VDI solution to have also the possibility to get some VMs at home with wireguard if I am on the road. I am just curious: Why this manual ways of installing / setup?
Wouldnt just a usb boot option with preinstalled packages make much more sense even to be not dependent from a local installed thinclient? Or make it a bootable PXE image?
And maybe enhance the Python Ui with a settings tab to not make the ini to be a forced actionpoint?
I can see some next steps by improve the Pythoon Logon to a "create an on demand VM" with the help of Terraform or/and packer for example... Nice content and the python projekt looks also a big step to a proper VDI UX :)
Thx
I'm working on a bootable image in the future, but it'll still be a somewhat manual setup to create the image.
I also didn't write the Python UI, although I'll definitely be working to improve it.
How do you like xrdp vs x2go etc, or haven't tried? rdp is probably much easier to setup.. since it doesn't really need much setup
I saw when you switched to the bravo user, their menu is different. Are the desktop environments using different themes for admin and non sudo users or something?
I chose xrdp over x2go specifically because the client for iPadOS was important to me, and RDP has clients available on a lot more OSes than x2go. I haven't tried x2go yet.
As to the bravo user desktop, it's actually a quirk in xubuntu's defaults. admin was the user created during install and the default configuration for that user uses the 'whisker menu' (a nice looking, searchable start menu), while the /etc/skel configuration (which is the template home directory copied for new users) has a simpler panel configuration with the more basic start menu. I prefer the whisker menu but the video was already long and talking about how to edit /etc/skel to customize the default user template was a bit of a lengthy topic when I went into it.
@@apalrdsadventures yea rdp definitely has a lot of clients. & I see thanks, yea kinda funny how their templates are.
Just a great tutorial. Any chance to combine this setup with network namespaces per user?
E.g. to allow 20 parallel users to use different vpn connections at the same time?
Thank you for this! Works great!
Glad you liked it!
Great video,
I followed this guide to add XRDP to my existing MXLinux media server, in hopes to ditch anydesk. Unfortunately upon connecting view windows RDP, I am only presented with a blank blue background and a cursor, I seem to be connected but maybe the wrong X Server? Currently using XFCE
That probably means the xrdp side is fine but sesman wasn't able to launch a new X server for the session (the two work together to maintain persistent sessions and such). I'm not sure what MXLinux would have changed over Debian.
@@apalrdsadventures thanks for your response! I ended up figuring it out, default was loading XORG, which I did not have the current version. After updating XORG and restarting XRDP all is well!
Good to hear!
You don't have to use Ubuntu. This can be done on virtually any Linux distro.
I set everything up according to your video and blog, my Windows 10 Remote Desktop app won't connect to the IP of my "server". (mope)
This is a great video!! Thanks so much!!
Thanks!
This is awesome thank you for this amazing content :)
Glad you enjoy it!
yeah I kind of moved away from RDP, I really need sound and video, gaming etc. Nomachine is good for typical desktop stuff, and Parsec I use for gaming.
Good video... It helps a lot. Good security tips, of which I used some of them already for my WSL2 installation.
- @4:15 - So xrdp does not natively have audio? Is there a different alternative? Please let us know if the developer fixes this. Thank You.
xrdp does have audio, but it must be compiled to the specific headers of the version of Pulseaudio on the system since it's implemented as a Pulseaudio module. If you're on Debian / Ubuntu the developer has a script which does this, but it bind mounts /home into a schroot container to do the build in-place on the local system. For ZFS (and NFS) home directories, /home is not the same mount point as /home/vdialpha for example, so the build fails.
He has already fixed it, but it hasn't been merged yet. The commands on my blog will pull down the updated script from his branch and apply it on top of master so it works. If you aren't using ZFS/NFS then you shouldn't have a problem with the default build script and it should work fine.
@@apalrdsadventures - Audio in xrdp natively is great news. Thank you for the excellent update. As they say in the U.K... Brilliant.
Wow, this is a lot smoother than my installation of xrdp from a mere year ago.... Wonder what changed?
Aside from audio, the xrdp package includes absolutely everything (on Ubuntu and family at least). Audio is a a bit more tricky, but on Debian/Ubuntu it's pretty simple too since the devs maintain a script to build it in place against the pulseaudio version on your system.
Were you using a desktop with Wayland? I'm using xubuntu which still uses x11, and I also tried Ubuntu Focal (20.04) without issues but AFAIK they switched GNOME Ubuntu from x11 to wayland for 21.04, but XFCE wasn't Wayland-ready yet.
@@apalrdsadventures I was using lxde if memory serves. Will have to try again, the most common problem I had was it not properly setting up the xsession and mysteriously dying after authentication...
Again with a great video, thanks!! I’ve tabbed your website and will be watching. I want to know the best way to connect to my proxmox VMs on other Linux (or mac) devices with the BEST connection - this video showed me one great way to doso- I think it’s better than vnc. Thanks much!!
Depending on what you want, xrdp, x2go, SPICE are all valid options (except SPICE client for Mac is a rough time). xrdp has by far the best client support, x2go in theory can potentially be faster although in reality it's unlikely to be any different, and SPICE lets you run unmodified VMs of any OS (which can be handy in Proxmox specifically).
@@apalrdsadventures Thx. Not hammering you, but I think a video on VPN usage would be awesome too!! Great job! “Using a proper remote-access VPN solution to your home/business or a cloud relay point is good seceuritt anyway, and I’d feel comfortable leaving RDP exposed to users within my private home/business network without further protection.”
@Dyeffson Dorsaint yes but there’s a difference in using a vpn service and routing your self hosted services thru one for security.
I do the same but the Q4OS that is based on debian and TDE plus the XPQ4 package, you can put a Windows interface to the terminals
The DE is mostly a personal preference, but for scalability to many users something that is lightweight and is less animation heavy (so less redrawing for RDP) is a good choice.
This is a great way to secure and distribute computing for a small group. Thank you. Question though: I've been using MS's RDP client for Android on my ChromeOS notebook to access my Win7 box. The video performance is deplorable - so awful, I never would have chosen it for an implementation as you suggest. Is there some trick that makes it work as well as desktop sharing apps like Splashtop?
So different protocols prioritize different things in their screen compression algorithm choices. Game streaming focused ones (i.e. Parsec) will go with hardware encoded h.264, which can be fast (because they are GPU accelerated) and support high framerates at the expense of visual quality.
RDP and most remote-desktop 'work' focused protocols do a multi-pass approach that determines which regions of the screen have changed, and then losslessly compress the data in the changed regions. This uses far less bandwidth (so it's feasible to run over the internet), and has lossless image quality (so there are never compression artifacts which can blur and distort fonts), but very computationally intensive if the screen image is constantly changing (like full screen video) and it will end up dropping the frame rate significantly to maintain full quality.
So basically the solutions that work with full screen video sacrifice image quality to do so, and may also rely on hardware acceleration which isn't possible on a multi-user terminal server. Up until the last few years it wasn't even feasible to run h.264 compression in real time with low latency, and RDP is compatible across a massive range of client and server OSes going pretty far back.
Love it!
Question: Can you cover and show how to run xpra(X Remote Persistent Applications) from either Linux or FreeBSD(or any BSD variant). I struggled for days to get it right and only had it running a single FreeBSD app like calculator only once, and after that struggled forever and just gave up.
I'll look into it. I have a lot of remote access and thin client projects in various states of working, so it probably won't be within the next few weeks.
Hello apalrd's, thank you for the interesting and helpful video, just to confirm, you are displaying the XFCE desktop on all the devices using some client application that leverages the XRDP protocol correct? I am wondering if today there is a way to install Linux on an iPhone, I know is possible on a Mac but I have a couple of old iPhones lying around e.g. iPhone 7 I don't use anymore since I changed to Pixel 6, and would like to test Linux on these. This is offtopic I believe but if you hang out on discord or telegram will be great to chat. Thank you again.
Yes, the desktop for all of the devices is running on the same server, and all of the clients are remotely connected.
AFAIK there's no alternate OSes for iPhones currently, but it's also not a fantastic experience to use a full desktop on such a small screen. The iPad was better.
@@apalrdsadventures Thank you for the prompt response, I am definitely interested in testing the individual light terminal services run from one fairly strong server, I am guessing that you can even go lighter with the applications to use, but again, I agree that XFCE is one of the lightest and nice Desktops UIs there is. Thank you again!
I've seen a video about a product for Windows that lets you have multiple users log into and use the same desktop with each user just having his own keyboard, mouse, and monitor plugged in. I'd like to see how to set that up in Linux.
It's called multiseat and you're in luck, I just started recording for a video on that. It's not necessarily a trivial setup though, depending on what hardware you have.
Great guide! Thank you!
Thanks!
Is there a way to get XRDP on linux to work like RDP works on Windows? I'd like to connect into my computer at home when I'm at work (and pick up where I left off), but when I try that use case in Debian Bookworm (X and KDE) it fails. Then after work, resume again where I left off at the console.
It does work like this, except for the local session. XRDP keeps active sessions around, but the local console on the physical system is separate from XRDP's pool of sessions. This is probably the quirk you're seeing.
@@apalrdsadventures So it doesn't work like Windows. On Windows I can switch from RDP to local session/console and it works perfectly. Do you know of a way to make Linux/Gnome/KDE work like Windows in this respect?
I love your energy
Thanks!
good video thanks. i bought a server a few years back to do this but using vnc or spice wasnt fast enough to watch videos. i was hoping it could serve as an upgrade to all my old laptops/android devices/projectors. i run a few vm and apache2 but im interested in allowing users of my website remote access to a shared vm . what would be the best way to do this so they can actually watch smooth video over internet within remote vm?
Are you asking about using RDP for this, or ways to secure RDP for remote access? There are a few different options.
Been running xrdp for years, and I have never had a problem with a user having a number at the end of their user name.
The issues I had were with logging in with the username/password passed in the RDP client. Sometimes it would give a login failure and kick me back to the login screen, then logging in via the xrdp login screen would be fine. If I didn't pass a username/password in the RDP client and start the session with no authentication, and then log in with the xrdp login screen, there were no issues.
I recommend you to remove xscreensaver, it may burn your cpu for disconnected sessions, if it's installed of course.
I believe the default user setting is to black the screen and power it off, which comes through on the remote session as just blacking the screen
@@apalrdsadventures maybe on unbuntu, but i had this problem once on debian setup using xfce4...
Probably different default configs then, not a huge surprise between Debian and Ubuntu. I do recall Debian having a screensaver when I was testing my thin cilents, and Ubuntu did not.
i've used xming a long time, but that was during transition, windows is not pleasant, i mostly use slackware for my main... not now as i moved and am still setting back up, but slackware is easier than windows, yet it makes many quiver.
Nice content, thanks for sharing.
Glad you enjoyed it!
excelente!!!!
I'm a Linux guy but I have to admit MS RDP is still king.
RDP the protocol is really well designed for remote access, and since Microsoft has published the protocol specs the Linux implementation is quite good
Can I use KDE on my terminal server? Or better Can I let the user log into the KDE, GNOME or XFCE based on there choice?
great video. i missed a section where we login using a linux terminal with just an xclient. is tat possible with xrdp? i remember old times doing this with thinclients. i wonder if there is a compatible way without setting up an ancient linux.
xrdp is going to stream an entire session. If you only want a single application to come to the client, then x11 forwarding or xpra is what you want instead.
Has anyone used the setup, but instead of using a workable desktop, when they sign in this will automatically start up a specific app? Like running them in a kiosk? What about local printers attached (USB). Look at some ways to make this like a THIN CLIENT to run an Azure Remote Desktop software (session)
Do you know if we create bookmarks and things on the server, if all users automatically get those bookmarks and things for themselves?
I have a problem, programs tend to be unable to display a GUI in administrator mode, a notable is when I do "sudo thunar" in mint20. It cannot display the window in the xrdp monitor because it apparently cannot find it. It has been a few months and I still cannot find a solution for that haha
It seems like that's unique to running graphical apps in sudo? Graphical apps which pop up authentication dialogs work fine.
TY but what is this really good for because almost all users non technical use Windows
It depends on what applications you need. If you have apps that run on Linux they are almost identical to their Windows builds, so running a system like this is a massive cost savings to doing the same with Windows Server and remote licensing.
Quality video subscribed
Thank you!
i am a teacher we have 40 computers i3 and core to duo , we have ibm server 3200x. I want to configure client client server system . Like student can login from any computers and get authorised from servaerand get his file on any computer . something like NIS NFS . Pls suggest which debian client server shall i use. I tried with ubuntu desktop 22.04 but it hangs a lot . Thank you
That's not how the did it back in my day! XDMCP for the win!
Yeah, I have one question, can you run XRDP without an actual graphics card on the system or a graphical X session running on a real GPU or Framebuffer? Basically I would want the X server to run *"locally"* on a virtual, displayless graphics driver and have it only be accessible via RDP, basically X GUI running exclusively via RDP and not needing or displaying anything locally. This is something I need as I want to have an X server running pretty much headless on the server itself. (Should also endup saving some RAM with this approach). I know we can do this wihout a "locally" active X GUI session on the system, I have successfully done this before tough at this time for some reason I am not being able to get this working without a local running GUI. Worse, some approaches are actually logging in a starting a local GUI session and keep the RDP session basically with a blank screen, not sure what the hell is causing this, I have pretty much followed the same approach to get the server running headless as on previous times I'd done this, though the results are definitely not the same. Any ideas what may be causing these two issues? Needing a local GUI session on a real GPU and in some situations only having the GUI properly displayed locally and the RDP session just showing a blank empty screen and the mouse cursor.
It should work without an actual graphical session on the physical system. I have not personally tested that setup, I let the graphical session run and ignore it.
xrdp spawns new X servers each time someone connects (and it keeps the X server running when they logout unless you use kill disconnected sessions), so the xrdp X servers are completely separate from the 'main' one and there is never a connection between the 'main' session (which would get bound to the GPU) and the xrdp ones.
As to the blank screen, I'd check the xrdp.log and sesman.log to see if maybe it's having some sort of error in launching the X session. It sounds like it's successfully connected but then is unable to launch an X server on the new connection.
@@apalrdsadventures The odd thing is that the exact same setup did work before (with an active local session though).
My goal is to have a virtual graphical interface locally, basically a dummy graphics output just to make the X server happy and then only use RDP for real output. This will need more work into, the logs weren't really useful. Need to find a dummy GPU driver or similar to test this further.
Can use SSH + an X client (like Xming) but that is somehow slow (my bonded ethernet link seems to cause isses with this one, though for the disk shares it really shines on multiuser access...)
xrdp should act as a 'dummy' graphics output for its own X sessions - xorgxrdp is the backend for the X server. I wonder if it's a system level thing, like the system thinks it's not fully booted until the X server is up and running (the old-ish 'run level' number, which indicated when you were in single user, multi user, and graphical stages of boot)
Thanks a lot for your tutorials.
Is there a way to achieve "retina" image quality for this kind thin graphical Linux client?
I've been using an iPad Pro 12.9" for RDP connection to my Windows 10 ( WSL2) machine and the fonts quality is quite amazing.
The blurry fonts I've seen so far in graphical remote Linux env cause eye strain and hardly suitable for full day gazing at.
I believe that's more a limitation of DPI scaling in Linux than the remote access protocol itself. On very small but high res displays it's running the remote session at a lower resolution and rescaling it at the client, if the server doesn't support high DPI scaling (W10 does, W7 does not afaik, xrdp does not).
xrdp currently has an issue open on Github, but part of the problem is that high DPI scaling isn't well supported on Linux in general, so many desktop environments will ignore the DPI field even if it's present in the X server. It's generally expected that you'd use their customization tools (like font size, etc.) rather than a single DPI scaler.
@@apalrdsadventures Thank you very much for your explanation.
Awesome video
Thanks!