Remote Desktop Protocol allows users to access remote systems desktops. The XRDP service provides you with a graphical login to the remote machines using Microsoft RDP (Remote Desktop Protocol). The XRDP also supports two-way clipboard transfer (text, bitmap, file), audio redirection, and drive redirection (local mount client drives on remote machines).
XRDP is an easy-to-install and configurable service for Ubuntu systems. This post is going to show you the steps on how you can get your Ubuntu desktop and xRDP installed on Oracle ARM-based VM.
System Update and New User
apt update -yAdd a new user netsec which later you can use to log in
adduser netsecEnable Password Log In (Optional)
By default, Oracle VM is using the certificate to log in and password login has been disabled. Therefore we can enable the root login instead of the certificate.
nano /etc/ssh/sshd_configOnce opened the file on an editor, update the following lines
# PermitRootLogin prohibit-password
# PasswordAuthentication noto
PermitRootLogin yes
PasswordAuthentication yesOnce the changes are updated, restart the ssh service to changes take effect.
systemctl restart sshdInstall Desktop
There are various desktop environments available in Ubuntu repositories that you can choose. One option is to install Gnome, which is the default desktop environment in Ubuntu 20.04. Another option is to install Xfce. It is a fast, stable, and lightweight desktop environment, which makes it ideal for usage on a remote server.
Run one of the commands below to install the desktop environment.
apt install ubuntu-desktop -yInstall and Configure xRDP
Xrdp has been included in the default Ubuntu repositories. To install it, run the following:
apt install xrdp -yOnce the installation is complete, the Xrdp service will automatically start. You can verify it by typing:
systemctl status xrdpEnable 3389 port on IPv4 interface. Somehow, the default configuration, port=3389, which will cause the 3389 port to run on the inet6 interface. You can verify the port running status by following two commands.
apt install net-tools
netstat -na | grep 3389To change the configuration, edit the xrdp.ini file using the following command:
sudo nano /etc/xrdp/xrdp.iniAnd change the port value
port=tcp://:3389Reboot the service to take the configuration change into effect.
systemctl restart xrdpAllow Port 3389 from the Oracle Network security group
Don’t forget to add an inbound rule into your network security group to allow TCP port 3389 or the port you have changed to.
Remove Built-in Firewall Rules – iptable
Even if you have added the 3389 port in Oracle NSG, if you are using Oracle’s Ubuntu image, you will still have connectivity issues with port 3389 since built-in iptables will block the external connection. Testing from locally will still work, but not remotely.
You can log into your Ubuntu SSH terminal, and use the command “telnet localhost 3389” to verify port 3389 is listening to the connection. But you won’t be able to connect it from outside of this machine because of iptables.
Here is the command to disable iptables. You might need to install Netfilter-persistent using the command first:
apt install netfilter-persistent -ysudo iptables -F
sudo netfilter-persistent saveiptables -F: Flush (remove all) iptables rules and netfilter-persistent save Save empty ruleset to disk so it.
Checking iptables rules using iptables -L or iptables –list command. If the iptables ruleset is empty, it will look like this:
The default output is:
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destinationAdding Sound Support
To make the configuration steps much simple, here is the script which includes all commands you will need to get sound working in the xRDP environment.
wget https://cdn.jsdelivr.net/gh/51sec/xrdp4arm@main/install_xrdp_audio.sh && bash install_xrdp_audio.shAfter the script running is completed, you can RDP into the environment again to try sound support. This time, you should be able to hear some sounds coming out from your local speakers.