How to Install and Configure XRDP on a Debian 11 Desktop Environment

If you have a Debian 11 server with Desktop Environment and want to remotely access it, this article will show you how to step by step.

Xrdp is an open-source implementation of the Microsoft Remote Desktop Protocol (RDP) that allows you to control a remote system graphically. With RDP, you can log in to the remote machine and create a real desktop session the same as if you had logged in to a local machine.

Prerequisites

We expect that you already have a Desktop Environment setup on your Debian server. If not, you can follow our guide on how to install Desktop Environment for this.

Should have root access to the server to perform the below steps.

Install XRDP

Let us install XRDP with the below command,

apt install xrdp 

Check the status of XRDP using the following systemctl command.

systemctl status xrdp

Output:

[email protected]:~# systemctl status xrdp
● xrdp.service - xrdp daemon
 Loaded: loaded (/lib/systemd/system/xrdp.service; ena>
 Active: active (running) since Tue 2021-08-10 11:04:4>
   Docs: man:xrdp(8)
         man:xrdp.ini(5)

Xrdp uses the /etc/ssl/private/ssl-cert-snakeoil.key default file which is readable only by users that are members of the “ssl-cert” group.

Run the following command to add the xrdp user to the group :

adduser xrdp ssl-cert

Output:

[email protected]:~# adduser xrdp ssl-cert
Adding user `xrdp' to group `ssl-cert' ...
Adding user xrdp to group ssl-cert
Done.

The XRDP configuration files are stored in the /etc/xrdp directory. Xrdp will use the default X Window desktop, which in this case, is XFCE.

Before you make any changes to the configuration file you need to restart the Xrdp service.

systemctl restart xrdp

Configuring Firewall

By default, Xrdp listens on port 3389 on all interfaces. you’ll need to add a rule that will enable traffic on the Xrdp port.

To allow access to the Xrdp server from a specific IP address or IP range, Run the following command.

ufw allow from server_ip_addr to any port 3389

If you want to allow access from anywhere, run the following command

ufw allow 3389

Connecting to the Xrdp Server

Now that you have set up your Xrdp server, it is time to open your Xrdp client and connect to the server.

This will open up the RDP client. In the “Computer” field, enter the remote server IP address and click “Connect”.

images

On the login screen, enter your username and password and click “OK”.

images

Once logged in, you should see the default Xfce desktop. It should look like this

images

Done.