Wiki source code of Remote Desktop Zugang
Last modified by Aysegül Omus on 2024/05/14 12:33
Hide last authors
| author | version | line-number | content |
|---|---|---|---|
 |
1.1 | 1 | {{toc/}} |
| 2 | |||
| |
15.1 | 3 | You can access the BlackBox Workplace via xrdp and the Remote Desktop Protocols (RDP). |
| |
1.1 | 4 | |
| |
15.1 | 5 | You just need a RDP client. Those are available for all usual operating systems. You can find a list down below. |
| |
1.1 | 6 | |
| |
15.1 | 7 | The client needs to be late enough to support certificate-based authentification and modern cipher suites. (##ciphers AES+aRSA:AES+aECDH:AES+aECDSA##) |
| |
1.1 | 8 | |
| |
15.1 | 9 | Because of this a ssh tunnel is not further needed. |
| |
1.1 | 10 | |
| |
15.1 | 11 | = Access Server = |
| |
11.1 | 12 | |
| |
15.1 | 13 | You can access the informatic workplace, as it is accessible in the RechnerHallen, via |
| 14 | |||
| |
14.1 | 15 | {{code}} |
| 16 | |||
| |
15.1 | 17 | lxhalle.in.tum.de</blockquote> |
| |
8.1 | 18 | {{/code}} |
| |
7.1 | 19 | |
| |
15.1 | 20 | To access the mathematics workplace, as it is available on the BlackBox systems, is accessible via |
| |
1.1 | 21 | |
| |
8.1 | 22 | {{code}} |
| 23 | ssh.ma.tum.de | ||
| 24 | {{/code}} | ||
| |
1.1 | 25 | |
| |
8.1 | 26 | == Fingerprints == |
| |
1.1 | 27 | |
| |
15.1 | 28 | Depending on your client a visible certificate check is possible. |
| |
6.1 | 29 | |
| |
8.1 | 30 | |=Zugangsserver|=Fingerprint |
| |
15.1 | 31 | |lxhalle.in.tum.de|{{code language="none"}}4c:ee:c1:05:58:96:8f:8c:66:e6:42:5e:1a:b7:95:d2:c1:88:63:98{{/code}} |
| |
8.1 | 32 | |ssh.ma.tum.de|{{code language="none"}}80:79:07:56:2f:c6:0b:67:a0:62:a6:f5:93:a8:5f:ac:09:3e:2a:93{{/code}} |
| |
1.1 | 33 | |
| |
8.1 | 34 | = Session = |
| |
1.1 | 35 | |
| |
15.1 | 36 | After verification of the server, you have to provide your username and password to establish a session with your account. |
| |
1.1 | 37 | |
| |
15.1 | 38 | This can either happen after connecting or if your client asks for it before that. |
| |
1.1 | 39 | |
| |
15.1 | 40 | == Session restore == |
| |
1.1 | 41 | |
| |
15.1 | 42 | A session can be held alive even if you aren't connected. |
| |
1.1 | 43 | |
| |
15.1 | 44 | To achieve this use the xrdp-dis command or just close the window, please do not try to log out through menu {{html wiki="true"}}<span > Apllication -> logout</span>{{/html}} (Sometimes it's just closing it). |
| |
1.1 | 45 | |
| |
15.1 | 46 | When you reconnect to your session it will be revived. This can happen from a completely different computer and also the resolution of the connection window will be adjusted. |
| |
1.1 | 47 | |
| |
15.1 | 48 | = Executing applications multiple times = |
| |
1.1 | 49 | |
| |
15.1 | 50 | You can execute software multiple times, like in different rdp sessions or if you are logged into your account directly and have a rdp session open. Be aware that not all applications support this. If you receive a notification that your application is already open you need to close it in the other user session so you can reopen it in the wanted session. |
| |
1.1 | 51 | |
| |
15.1 | 52 | == Know problematic software == |
| |
6.1 | 53 | |
| |
15.1 | 54 | * Firefox |
| |
1.1 | 55 | * Thunderbird |
| 56 | * Chromium | ||
| 57 | * Vivaldi | ||
| |
7.1 | 58 | * LibreOffice |
| |
8.1 | 59 | |
| |
15.1 | 60 | Those - and other - applications warn you if you want to open them multiple times as the same user. These warnings can be correct(if you have multiple sessions open) but can also be the result of a incomplete shutdown of the program. Some software also offers to clean up the program folders so the program can be started again. |
| |
1.1 | 61 | |
| |
15.1 | 62 | Care: This can result to severe loss of data if the application is running!! |
| |
1.1 | 63 | |
| |
15.1 | 64 | For Firefox and Thunderbird you can execute the scripts {{code}}repair_firefox.sh{{/code}} and {{code}}repair_thunderbrid.sh{{/code}}. Those clean up the locks that prohibit these to run multiple times. |
| |
1.1 | 65 | |
| |
15.1 | 66 | = Troubleshooting = |
| |
1.1 | 67 | |
| |
15.1 | 68 | == thinclinet_drives == |
| |
1.1 | 69 | |
| |
15.1 | 70 | Occasionally the Filemanager can show an error message when you try to find the home directory: {{code language="none"}}Failed to open directory ... thinclient_drives: Transport endpoint is not connected{{/code}} |
| |
1.1 | 71 | |
| |
15.1 | 72 | This could happen when you have connected and disconnected the xrdp Server too often and do not release the directory thinclient_drives correctly. This Error could be fixed by giving the following command in the terminal: |
| |
1.1 | 73 | |
| |
8.1 | 74 | {{code}} |
| |
7.1 | 75 | $ fusermount -u ~/thinclient_drives |
| 76 | {{/code}} | ||
| |
1.1 | 77 | |
| |
15.1 | 78 | The directory thinclient_drives will be used as File- and clipboard share with the local computer (which is supported by the rdp client). |
| |
1.1 | 79 | |
| |
15.1 | 80 | The directory thinclient_drives also needs to be accessible for everyone, which means execution rights have to be given to unmount this. Please note this, when the home directory is protected. This could be the reason that the error message first occurred. |
| |
1.1 | 81 | |
| |
15.1 | 82 | == immediately Log out from the application == |
| |
1.1 | 83 | |
| |
15.1 | 84 | If your application terminates immediately despite the correct password, you can log in to the remote desktop Server via ssh and the Session with killall Xorg manually terminate. |
| |
1.1 | 85 | |
| |
8.1 | 86 | {{code}} |
| |
7.1 | 87 | $ ssh <Remote Desktop Server> |
| |
15.1 | 88 | |
| |
1.1 | 89 | --- |
| |
15.1 | 90 | |
| |
1.1 | 91 | <remote Desktop Server>$ killall Xorg |
| |
7.1 | 92 | {{/code}} |
| |
1.1 | 93 | |
| |
15.1 | 94 | = Safety measures = |
| |
1.1 | 95 | |
| |
15.1 | 96 | The RDP server authenticates itself by certificate to the client. |
| |
1.1 | 97 | |
| 98 | {{html wiki="true"}} | ||
| |
15.1 | 99 | <span class='WYSIWYG_COLOR ' style='color:Red'>Care:</span> |
| |
1.1 | 100 | {{/html}} |
| 101 | |||
| |
15.1 | 102 | Notifications about an errand certificate should never be ignored. Check the fingerprint (look above)! |
| |
1.1 | 103 | |
| |
15.1 | 104 | For access only TLSv1.1 and TLSv1.2 with the following ciphers are allowed: |
| |
1.1 | 105 | |
| |
15.1 | 106 | {{code language="none"}} |
| 107 | openssl ciphers AES+aRSA:AES+aECDH:AES+aECDSA | ||
| 108 | {{/code}} | ||
| 109 | |||
| 110 | Be sure the version of your RDP client support those. | ||
| 111 | |||
| |
8.1 | 112 | = RDP Clients = |
| |
6.1 | 113 | |
| |
8.1 | 114 | == macOS == |
| |
6.1 | 115 | |
| |
15.1 | 116 | [[Microsoft Remote Desktop>>https://apps.apple.com/de/app/microsoft-remote-desktop/id1295203466?l=en&mt=12]] |
| |
6.1 | 117 | |
| |
15.1 | 118 | Version 10 doesn't show fonts in the login window. Not further problematic since it does need your account data in the config. The login window just gets shown if your data is wrong. You can also use the login without fonts. No other problems are known. |
| 119 | |||
| |
8.1 | 120 | == Linux == |
| |
1.1 | 121 | |
| |
15.1 | 122 | [[KRDC>>http://www.kde.org/applications/internet/krdc/]] |
| 123 | |||
| |
1.1 | 124 | * [[Vinagre>>https://wiki.gnome.org/Apps/Vinagre/]] |
| |
15.1 | 125 | * [[Remmina>>https://www.remmina.org/]] (Installed on the BlackBox) |
| 126 | * For best performance configure ##RemoteFX (32 bpp)## as Color depth. | ||
| |
1.1 | 127 | |
| |
8.1 | 128 | == Windows == |
| |
6.1 | 129 | |
| |
15.1 | 130 | The RDP client is preinstalled on Windows. Just search for **Remotedesktop connection** or **Remotedesktopverbindung** |