How to Install Xrdp Server (Remote Desktop) on CentOS 8

Posted 

4 min read

Xrdp is an open-source implementation of the Microsoft Remote Desktop Protocol (RDP) that allows you to graphically control a remote system. With RDP, you can log in to the remote machine and create a real desktop session the same as if you had logged in to a local machine.

This tutorial explains how to install and configure Xrdp server on CentOS 8.

If you prefer an open-source alternative, check out VNC.

Installing Desktop Environment

Generally, Linux servers don’t have a desktop environment installed. If the machine you want to connect to doesn’t have GUI, the first step is to install it. Otherwise, skip this step.

Gnome is the default desktop environment in CentOS 8. To install Gnome on your remote machine, run the following command

sudo dnf groupinstall "Server with GUI"

Depending on your system, downloading and installing the Gnome packages and dependencies may take some time.

Installing Xrdp

Xrdp package is included in the standard CentOS 8 repositories. To install it, run:

sudo dnf install xrdp 

When the installation process is complete, start the Xrdp service and enable it at boot:

sudo systemctl enable xrdp --now

You can verify that Xrdp is running by typing:

sudo systemctl status xrdp

The output will look something like this:

● xrdp.service - xrdp daemon
   Loaded: loaded (/usr/lib/systemd/system/xrdp.service; enabled; vendor preset: disabled)
   Active: active (running) since Sun 2020-02-02 18:30:43 UTC; 11s ago
  ...

Configuring Xrdp

Xrdp configuration files are located in the /etc/xrdp directory. For regular Xrdp connections, you only need to set Xrdp to use Gnome. To do so open the following file in your text editor:

sudo nano /etc/xrdp/xrdp.ini

Add the following line at the end of the file:

/etc/xrdp/xrdp.ini
exec gnome-session

Save the file and restart the Xrdp service:

sudo systemctl restart xrdp

Configuring Firewall

By default, Xrdp listens on port 3389 on all interfaces. If you run a firewall on your CentOS machine (which you should always do), you’ll need to add a rule to allow traffic on the Xrdp port.

Typically you would want to allow access to the Xrdp server only from a specific IP address or IP range. For example, to allow connections only from the 192.168.1.0/24 range, enter the following command:

sudo firewall-cmd --new-zone=xrdp --permanentsudo firewall-cmd --zone=xrdp --add-port=3389/tcp --permanentsudo firewall-cmd --zone=xrdp --add-source=192.168.1.0/24 --permanentsudo firewall-cmd --reload

To allow traffic to port 3389 from anywhere use the commands below. Allowing access from anywhere is highly discouraged for security reasons.

sudo firewall-cmd --add-port=3389/tcp --permanentsudo firewall-cmd --reload

For increased security, you may consider setting up Xrdp to listen only on localhost and creating an SSH tunnel that securely forwards traffic from your local machine on port 3389 to the server on the same port.

Another secure option is to install OpenVPN and connect to the Xrdp server trough the private network.

Connecting to the Xrdp Server

Now that the Xrdp server is configured, it is time to open your local Xrdp client and connect to the remote CentOS 8 system.

Windows users can use the default RDP client. Type “remote” in the Windows search bar and click on “Remote Desktop Connection”. This will open up the RDP client. In the “Computer” field, type the remote server IP address and click “Connect”.

On the login screen, enter your username and password and click “OK”.

Once logged in, you should see the default Gnome desktop. It should look something like this:

You can now start interacting with the remote desktop from your local machine using your keyboard and mouse.

If you are using macOS, you can install the Microsoft Remote Desktop application from the Mac App Store. Linux users can use an RDP client such as Remmina or Vinagre.

Conclusion

Installing an Xrdp server allows you to manage your CentOS 8 server from your local desktop machine through an easy to use graphic interface.

If you have questions, feel free to leave a comment below.