Remote Desktop Access

Last modified by Aysegül Omus on 2026/05/13 16:57

You can access the BlackBox Workplace via xrdp and the Remote Desktop Protocols (RDP).

You just need an RDP client. Those are available for all usual operating systems. You can find a list below.

The client needs to be late enough to support certificate-based authentication and modern cipher suites. (ciphers AES+aRSA:AES+aECDH:AES+aECDSA)

Because of this, an SSH tunnel is not further needed.

Access Server

You can access the informatics workplace, as it is accessible in the RechnerHallen, via


lxhalle.cit.tum.de</blockquote>

To access the mathematics workplace, as it is available on the BlackBox systems, is accessible via

ssh.ma.tum.de

Fingerprints

Depending on your client, a visible certificate check is possible.

ZugangsserverFingerprint
lxhalle.in.tum.de4c:ee:c1:05:58:96:8f:8c:66:e6:42:5e:1a:b7:95:d2:c1:88:63:98
ssh.ma.tum.de80:79:07:56:2f:c6:0b:67:a0:62:a6:f5:93:a8:5f:ac:09:3e:2a:93

Session

After verifying the server, you must provide your username and password to establish a session with your account.

This can either happen after connecting or, if your client asks for it, before then.

Session restore

A session can be held alive even if you aren't connected.

To achieve this, use the xrdp-dis command or just close the window. Please do not try to log out through the menu (sometimes it's just a matter of closing it).

When you reconnect to your session, it will be revived. This can happen on a completely different computer, and the resolution of the connection window will also be adjusted accordingly.

Executing applications multiple times

You can run software multiple times, such as in different RDP sessions or when you are logged into your account and have an RDP session open. Be aware that not all applications support this. If you receive a notification that your application is already open, you need to close it in the other user session so you can reopen it in the desired session.

Know problematic software

  • Firefox
  • Thunderbird
  • Chromium
  • Vivaldi
  • LibreOffice

Those - and other - applications warn you if you want to open them multiple times as the same user. These warnings can be correct(if you have multiple sessions open) but can also be the result of an incomplete shutdown of the program. Some software also offers to clean up the program folders so the program can be started again.

Care: This can result in severe data loss if the application is running!!

For Firefox and Thunderbird, you can execute the scripts. Those who clean up the locks that prohibit them from running multiple times.

Troubleshooting

thinclinet_drives

Occasionally, the File Manager can show an error message when you try to find the home directory: Failed to open directory ... thinclient_drives: Transport endpoint is not connected

This could happen when you have connected and disconnected the XRDp Server too often and do not release the directory thinclient_drives correctly. This Error could be fixed by giving the following command in the terminal:

$ fusermount -u ~/thinclient_drives

The directory thinclient_drives will be used as a file- and clipboard share with the local computer (which is supported by the RDP client).

The directory thinclient_drives also needs to be accessible to everyone, so execution rights need to be granted to unmount it. Please note this when the home directory is protected. This could be why the error message first occurred.

Immediately log out of the application

If your application terminates immediately despite the correct password, you can log in to the remote desktop Server via SSH and manually terminate the Session with killall Xorg.

$ ssh <Remote Desktop Server>

---

<remote Desktop Server>$ killall Xorg

Safety measures

The RDP server authenticates itself to the client using a certificate.

Care:

Notifications about an errand certificate should never be ignored. Check the fingerprint (look above)!

For access only, TLSv1.1 and TLSv1.2 with the following ciphers are allowed:

openssl ciphers AES+aRSA:AES+aECDH:AES+aECDSA

Be sure the version of your RDP client supports those.

RDP Clients

macOS

Microsoft Remote Desktop

 Version 10 doesn't show fonts in the login window. Not further problematic since it does need your account data in the config. The login window only shows if your data is wrong. You can also use the login without fonts. No other problems are known.

Linux

KRDC

  • Vinagre
  • Remmina (Installed on the BlackBox)
  • For best performance, configure RemoteFX (32 bpp) as the color depth.

Windows

The RDP client is preinstalled on Windows. Just search for Remote Desktop connection or Remote Desktop Verbindung