Remote Desktop Protocol allows users to access remote systems desktop. The XRDP service provides you a graphical login to the remote machines using Microsoft RDP (​Remote Desktop Protocol). The XRDP also supports two-way clipboard transfer (text, bitmap, file), audio redirection, and drive redirection (mount local client drives on the remote machines).

XRDP is an easy-to-install and configurable service for Ubuntu systems. This post is going to show you the steps how you can get your Ubuntu desktop and xRDP installed on Oracle ARM based VM.

System Update and Add a new user

update system repositories
apt update -y

optional: apt upgrade -y

add a new user netsec which later you can use it to log in

adduser netsec

Enable Password Log In  (Optional)

By default, Oracle vm is using certificate to log in and password login has been disabled. 

nano /etc/ssh/sshd_config

comment the line

#PasswordAuthentication no

Make sure restart the sshd service to take the changes into effect.
service restart sshd

Install Desktop 

There are various desktop environments available in Ubuntu repositories that you can choose. One option is to install Gnome, which is the default desktop environment in Ubuntu 20.04. Another option is to install Xfce . It is a fast, stable, and lightweight desktop environment, which makes it ideal for usage on a remote server.

Run one of the commands below to install the desktop environment of your choice.

  • Install Gnome:

    sudo apt updatesudo apt install ubuntu-desktop
  • Install Xfce:

    sudo apt updatesudo apt install xubuntu-desktop

Depending on your system, downloading and installing GUI packages will take some time.

Install and Configure xRDP

Xrdp is incuded in the default Ubuntu repositories. To install it, run:

sudo apt install xrdp 

Once the installation is complete, the Xrdp service will automatically start. You can verify it by typing:

sudo systemctl status xrdp

Enable 3389 port on IPv4 interface. For somehow, the default configuration, port=3389, which will cause 3389 port running on inet6 interface. You can verify port running status from following two commands

  • apt install net-tools
  • netstat -na | grep 3389

To change the configuration, edit xrdp.ini file using following command:

sudo nano /etc/xrdp/xrdp.ini

Reboot the service to take the configuration change into effect. 

  • systemctl restart xrdp 

Allow Port 3389 from Oracle NSG (Network security group)

Don’t forget to add inbound rule into your network security group to allow tcp port 3389. 

Remove Built-in Firewall Rules – iptable

Even you have added 3389 port in Oracle NSG, if you are using Oracle’s Ubuntu image, you will still have connectivity issue to the port 3389 since built-in iptables will block the external connection. Testing from local will still work, but not from remote. 

You can log into your Ubuntu SSH terminal ,and use command “telnet localhost 3389” to verify port 3389 is listening the connection. But you wont be able to connect it from outside of this machine because of iptables.
Here is command to disable iptables. You might need to install netfilter-persitent using command first : “apt install netfilter-persistent -y”

sudo iptables -F
sudo netfilter-persistent save

Explanation:

  • iptables -F: Flush (remove all) iptables rules
  • netfilter-persistent save Save empty ruleset to disk so it 
Checking iptables rules using iptables -L or iptables –list command.
If the iptables ruleset is empty, it will look like this:

Default output is:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

MSTSC (RDP Client) Log in

Issues

I found another annoying thing which this desktop has no sound forwarding from remote to my local computer with RDP connection. 

All commands:

Here are all commands I have used to get xRDP working on Ubuntu ARM instance in Oracle cloud

[email protected]:~# history
    1  apt update -y
    2  adduser netsec
    3  apt install ubuntu-desktop -y && apt install xrdp -y
    4  systemctl status xrdp
    5  netstat -nat | grep 3389
    6  apt install net-tools
    7  netstat -nat | grep 3389
    8  nano /etc/xrdp/xrdp.ini
    9  systemctl restart xrdp
   10  netstat -nat | grep 3389
   11  telnet localhost 3389
   12  iptables -list
   13  iptables --L
   14  clear
   15  iptables -L
   16  iptables -F
   17  iptables -L
   18  netfilter-persistent save
   19  history
[email protected]:~#

Adding Sound Support

To make the configuration steps much simple, here is the a script which includes all commands you will need it to get sound working in xRDP environment. 

wget https://cdn.jsdelivr.net/gh/51sec/[email protected]/install_xrdp_audio.sh && bash install_xrdp_audio.sh

After the script running completed, you can RDP into environment again to try sound support. This time, you should be able to hear some sounds coming out from your local speakers. 

By Jon

Leave a Reply

%d bloggers like this: