TLS Encryption for XRDP on Linux

Photo by Towfiqu barbhuiya on Unsplash

TLS Encryption for XRDP on Linux

Karthick D's photo
Karthick D
Β·

2 min read

XRDP β€” Login Screen

What is XRDP?

Remote Desktop Protocol (RDP) is a widely used protocol that allows users to connect to a remote server or desktop environment. XRDP is an open-source implementation of RDP for Linux-based systems like Ubuntu and CentOS. While XRDP provides convenient remote access, it is essential to prioritize security to protect sensitive data and prevent unauthorized access. One effective way to achieve this is by implementing SSL/TLS encryption to secure XRDP connections. In this blog, we’ll explore the process of setting up SSL/TLS encryption for XRDP on Ubuntu and CentOS, enhancing the overall security of your remote desktop environment.

In this blog we will look into how to Secure XRDP on Ubuntu/CentOS with SSL/TLS Encryption and how to install XRDP on Linux machines.

Requirements:

  1. Xrdp

  2. Openssl

  3. SSL Certificate ( .cert , .key )

How to install XRDP ?

For Ubuntu /Debian based

sudo apt update -y 
sudo apt install xrdp openssl -y

For Centos/ Red hat/ Rocky

sudo yum update -y
sudo yum install xrdp openssl -y

Secure Your XRDP:

Copy your cert and key file to the /etc/xrdp/

Change the permission to the cert and key file

sudo chmod 600 /etc/xrdp/example.key
sudo chmod 600 /etc/xrdp/example.crt

Note: Generate Self Signed SSL Certificate Key checkout here

Edit the config file of XRDP

(Use your own comfortable editor like, nano)

Here modify the setting like below in [Globals]

vim /etc/xrdp/xrdp.ini  
[Globals]

tls_ciphers=HIGH # set to high
ssl_protocols=TLSv1.2,TLSv1.3
key_file=/etc/xrdp/example.key # add your SSL key path
certificate=/etc/xrdp/example.crt # add your SSL crt path
crypt_level=high # set to High
security_layer=rdp,tls # You can use tls,rdp or tls

Save the config.

Enable and Restart the XRDP services

sudo systemctl enable xrdp
sudo systemctl restart xrdp 
sudo systemctl status xrdp

Connect your system by using RDP clients:

(RDP default port 3389)

For Windows Connect via Remote Desktop connection

For Linux Connect via Remmina

Ubuntu Cinnamon Desktop

Thanks for the time!

Follow for more ! Karthick D

πŸ‘Like and share βœ…

Follow for More πŸ‘‰
Medium β€” https://karthidkk123.medium.com/
Linked In β€” https://www.linkedin.com/in/karthick-dkk/
Instagram β€” https://www.instagram.com/karthick_dkk_dk/

XRPLinuxDevopsSecurityTLSUbuntucentosSSL
Β