Linux Kamarada

Remote Desktop Connection to Windows from Linux using RDP clients

Have you ever used the Windows app Remote Desktop Connection? This app, included in all Windows installations, allows you to remotely access another Windows PC or a server with Windows Server. For this purpose, it employs the Remote Desktop Protocol (RDP).

Organizations can install applications on a central server instead of various computers. To use those applications, employees must remotely access that server. Such centralization can make maintenance and troubleshooting easier. This technology was formerly known as Terminal Services (TS). Currently, web systems are more common. But, in some scenarios, Windows remote apps are still needed.

In those scenarios, Linux users can remotely access Windows computers and servers from their favorite system using an RDP client.

There are a few RDP clients available for Linux and we are going to talk about them today:

  1. Remmina
  2. FreeRDP
  3. rdesktop
  4. Vinagre

You can choose the one you like best or the one that best suits your needs.

Out of curiosity, FreeRDP is both an app and a library, which provides reusable features for other apps. Except for rdesktop, all of the other clients above use the FreeRDP library.

Enabling remote desktop on Windows

First of all, you must set up the computer you want to connect to so it allows remote connections. On the Windows machine you want to connect to, logged on with an administrator account, open the Start menu and click Settings. To do that, on the window that appears, open the System category, and then Remote Desktop. Finally, enable it:

Note that you can’t connect to computers running a Windows Home edition (for instance, Windows 10 Home). This screen informs you, if that is the case:

Your Home edition of Windows 10 doesn't support Remote Desktop.

Your Home edition of Windows 10 doesn't support Remote Desktop.

Source of the image: Digital Citizen

If you want more information about remote desktop on Windows, take a look at:

Remmina

Remmina is a remote desktop client that supports many remote access protocols such as RDP, VNC, NX, XDMCP and SSH. It aims to be useful for system administrators and travellers, who need to work with lots of remote desktops and/or servers. Remmina is included in the Ubuntu Linux distribution and is its default remote desktop client.

To install Remmina on Linux Kamarada and openSUSE, run:

1
# zypper in remmina remmina-plugin-rdp

Once installed, to start Remmina, if you use the GNOME desktop environment, open the Activities menu, on the top-left screen corner, type remmina and click its icon:

To quickly start a remote access, select the RDP protocol, type the hostname or IP address of the computer you want to connect to (e.g. 10.0.0.251) and hit Enter:

If it’s the first time you connect to this computer, Remmina asks whether to trust its certificate, click Yes:

On the next screen, enter your User name and Password on the remote computer. Also inform the Domain, if necessary. Optionally, you can choose to Save password. Click OK:

You will see the remote computer’s desktop in the Remmina window:

From now on, you are using that computer, but remotely, without sitting in front of it. Each clicking and typing is sent to be processed on the remote computer.

If the remote computer is a Windows desktop, its screen is locked during remote access.

If you are going to access this computer often, consider saving the connection settings, so that remote access can be easily initiated. To do this, click the Create a new connection profile button on the top-left corner of the Remmina main window:

On the next screen, give a Name to identify the connection, select RDP in the Protocol field and enter the connection settings: Server, User name, User password and Domain (if necessary). When you’re finished, click Save:

After that, the connection becomes listed on the Remmina main window:

When you want to remotely access that computer, just double-click it on the list.

FreeRDP

FreeRDP is a free implementation of the Remote Desktop Protocol following the Microsoft Open Specifications. This implementation provides both the client and the server applications as well as a library, which allows other applications to use the RDP protocol. Today, we are interested in the FreeRDP client application.

To install the FreeRDP client on Linux Kamarada and openSUSE, run:

1
# zypper in freerdp

The FreeRDP client does not have a main screen like Remmina. To start a remote access using the FreeRDP client, run this command from a terminal:

1
$ xfreerdp /v:hostname_or_ip_address /u:username

Making the appropriate substitutions. For example:

1
$ xfreerdp /v:10.0.0.251 /u:Kamarada

If you need to inform the computer’s domain, use the /d parameter:

1
$ xfreerdp /v:hostname_or_ip_address /d:domain /u:username

If it’s the first time you connect to this computer, the FreeRDP client asks whether to trust its certificate:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
[18:10:18:588] [3213:3214] [INFO][com.freerdp.client.common.cmdline] - loading channelEx cliprdr
[18:10:18:604] [3213:3214] [INFO][com.freerdp.crypto] - creating directory /home/linux/.config/freerdp
[18:10:18:604] [3213:3214] [INFO][com.freerdp.crypto] - creating directory [/home/linux/.config/freerdp/certs]
[18:10:18:604] [3213:3214] [INFO][com.freerdp.crypto] - created directory [/home/linux/.config/freerdp/server]
[18:10:18:613] [3213:3214] [ERROR][com.freerdp.crypto] - @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
[18:10:18:613] [3213:3214] [ERROR][com.freerdp.crypto] - @           WARNING: CERTIFICATE NAME MISMATCH!           @
[18:10:18:613] [3213:3214] [ERROR][com.freerdp.crypto] - @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
[18:10:18:613] [3213:3214] [ERROR][com.freerdp.crypto] - The hostname used for this connection (10.0.0.251:3389)
[18:10:18:613] [3213:3214] [ERROR][com.freerdp.crypto] - does not match the name given in the certificate:
[18:10:18:613] [3213:3214] [ERROR][com.freerdp.crypto] - Common Name (CN):
[18:10:18:613] [3213:3214] [ERROR][com.freerdp.crypto] - 	WinDev2003Eval
[18:10:18:613] [3213:3214] [ERROR][com.freerdp.crypto] - A valid certificate for the wrong name should NOT be trusted!
Certificate details:
	Subject: CN = WinDev2003Eval
	Issuer: CN = WinDev2003Eval
	Thumbprint: 23:7e:de:bc:85:d7:13:f3:e5:ce:e2:56:58:93:7d:f7:db:d1:bd:85
The above X.509 certificate could not be verified, possibly because you do not have
the CA certificate in your certificate store, or the certificate has expired.
Please look at the OpenSSL documentation on how to add a private CA to the store.
Do you trust the above certificate? (Y/T/N)

Type Y (yes) and hit Enter. Then type your user password on the remote computer and hit Enter:

1
2
3
4
5
Do you trust the above certificate? (Y/T/N) Y
Password:
[18:11:31:595] [3213:3214] [INFO][com.freerdp.gdi] - Local framebuffer format  PIXEL_FORMAT_BGRX32
[18:11:31:596] [3213:3214] [INFO][com.freerdp.gdi] - Remote framebuffer format PIXEL_FORMAT_RGB16
[18:11:32:782] [3213:3214] [INFO][com.winpr.clipboard] - initialized POSIX local file subsystem

After that, the remote desktop connection is initiated:

If you have ever started the remote desktop connection on Windows by the Command Prompt (using the mstsc command), you may have noticed that the FreeRDP client uses the same command syntax. It was implemented that way on purpose, to keep compatibility.

If you are a curious person and want to check it out by yourself:

  • on Windows, run:
1
> mstsc /?
  • on Linux, run:
1
$ xfreerdp /?

rdesktop

rdesktop was the first RDP client for Linux and, for many years, it was the most used. But since November 2019, the project is looking for a new maintainer.

In contrast, FreeRDP was born in 2009 as a fork of rdesktop, when Microsoft decided to open the RDP specifications. As time passed and the FreeRDP project evolved, it became the standard RDP client on systems where no native Microsoft client is available.

I present rdesktop here for information purposes only. Unless you have a good reason to use it, you are advised to use one of the other RDP clients, based on FreeRDP.

To install rdesktop on Linux Kamarada and openSUSE, run:

1
# zypper in rdesktop

Then, to start a remote access using rdesktop, invoke it from a terminal followed by the hostname or IP address of the computer you want to connect to. For example:

1
$ rdesktop 10.0.0.251

In the past, that would suffice and rdesktop would just work. But now we face a problem that comes from the lack of proper maintenance and updates:

1
2
3
Autoselected keyboard map en-us
ERROR: CredSSP: Initialize failed, do you have correct kerberos tgt initialized ?
Failed to connect, CredSSP required by server.

At some point, Microsoft released an Windows update that has since made the use of Network Level Authentication (NLA) required by default. FreeRDP does support NLA, while rdesktop does not. You can still use rdesktop for remote access, as long as you disable NLA on the computer you want to connect to. Note that this makes the connection less secure.

To disable NLA on the Windows machine you want to connect to, logged on with an administrator account, open the Control Panel, open the System and Security category, then click the System icon. On the next screen, click the Remote settings link by the left. On the dialog box that appears, select the Remote tab. Finally, disable the option Allow connections only from computers running Remote Desktop with Network Level Authentication and click OK:

With NLA disabled, back to the Linux computer that will start the remote access, try again:

1
$ rdesktop 10.0.0.251

This time, rdesktop will work. A window presents the Windows logon screen. Enter your username and password and press Enter to start the remote access:

If you want more information about that rdesktop bug, see:

Vinagre

Vinagre is the default remote desktop client for the GNOME desktop. That’s why it is also the default remote desktop client for Linux Kamarada 15.1, the current stable release. Like Remmina, it supports some connection protocols: SSH, RDP, SPICE and VNC. However, like rdesktop, Vinagre is unmaintained for some time now.

When trying a RDP access, Vinagre only displays a black screen, as I reported on the openSUSE mailing list some time ago:

On some distributions, like Debian, Vinagre works. I believe that those distributions applied some patch to Vinagre.

Probably, the next Linux Kamarada release will come with Remmina instead of Vinagre, following the Ubuntu Linux distribution.

Because of that, I present Vinagre here just for information purposes as well.

Vinagre comes already installed by default on Linux Kamarada and openSUSE, if you chose the GNOME desktop, but if you need or want to install it, you can do this by running:

1
# zypper in vinagre

To start Vinagre, which appears as Remote Desktop Viewer on the applications list, open the Activities menu, on the top-left screen corner, type remote or vinagre and click the corresponding icon:

On the Vinagre main screen, click Connect:

Fill in the next screen fields with the connection settings:

  • on the Protocol field, select RDP;
  • on the Host field, enter the hostname or IP address of the computer to connect to;
  • enter your Username on the remote computer; and
  • enter the Domain, if necessary.

When you are finished, click Connect.

If it’s the first time you connect to this computer, Vinagre asks whether to trust its certificate:

Tell it to do so by clicking Connect.

Enter your Password, optionally enable Remember this credential and click Authenticate:

At this point, you should see the remote computer’s desktop. You can notice it has its screen locked (as it normally does during RDP accesses). But, as I said, Vinagre only displays a black screen:

Like Remmina, Vinagre allows you to memorize the connection settings, to easily connect to the same computer again in the future. To do this, during the remote access, open the Bookmarks menu and click Add Bookmark.

After you created the bookmark, it will now be listed on the Bookmarks menu. When you want to remotely access this computer again, just open this menu and click the bookmark.

References

Since it’s not possible to remotely access computers running Windows 10 Home, to write this how-to I used a VirtualBox virtual machine with a Windows 10 Enterprise evaluation version legally downloaded from:

Would you buy me a coffee?
If you really liked it, if it was really helpful for you, is it worth a coffee? If you want, you can "buy me a coffee" with PayPal or contribute to the project in other ways.

Comments

About

The Linux Kamarada Project aims to spread and promote Linux as a robust, secure, versatile and easy to use operating system, suitable for everyday use be at home, at work or on the server. The project focuses mainly on distribution and documentation.

Ads

Facebook

Author