Introduction
Microsoft developed the Remote Desktop Protocol to streamline and secure connections between remote Windows machines. However, the technology is not limited to Windows.
The Remote Desktop Connection app allows system administrators to connect to other operating systems, including Debian, and manage remote workstations and servers.
Learn how to use RDP to connect to a Debian 12 system from Windows.
Prerequisites
- A client Windows machine with network connectivity.
- A host machine with Debian 12 installed.
- Sudo or root privileges on the host machine.
How to Connect to Debian 12 via Remote Desktop (xRDP)
The Debian system needs to be configured to accept incoming RDP connections.
Step 1: Install GUI on Debian 12 (Optional)
Remote servers are typically installed without a graphical interface to streamline deployment and conserve resources. When connecting from Windows, the RDP client expects the host machine to provide access to a graphical desktop environment, especially when using RDP servers such as xrdp.
The following steps explain how to install the lightweight XFCE desktop environment on Debian 12:
Note: This guide focuses on XFCE, but Debian 12 also supports other GUIs and desktop environments, including GNOME, LXDE, KDE Plasma, and MATE.
1. Access the Debian command line and enter update the package database and upgrade existing packages:
sudo apt update && sudo apt upgrade
2. Use the following command to install XFCE and the xfce4-goodies utility package:
sudo apt install xfce4 xfce4-goodies -y
3. Once the installation is complete, reboot the system:
sudo reboot
4. When prompted, enter the Debian user credentials.
You have successfully installed the XFCE desktop environment on Debian 12.
Step 2: Install xrdp on Debian
xrdp is an RDP-compatible server for Linux. It listens for incoming RDP connections from clients. The tool is usually not pre-installed on Debian systems.
To install xrdp on Debian 12:
1. Open the terminal in XFCE and use the following command to install xrdp:
sudo apt install xrdp -y
2. Check the status of the xrdp server:
sudo systemctl status xrdp
The output confirms the xrdp server is active.
Step 3: Configure xrdp to use XFCE
Users need to modify the /etc/xrdp/startwm.sh configuration file to allow xrdp to initiate XFCE for incoming RDP connections.
To configure xrdp to use XFCE:
1. Use a text editor like nano to open the /etc/xrdp/startwm.sh file:
sudo nano /etc/xrdp/startwm.sh
2. Locate the following lines and add a # (hashtag) at the beginning of each line:
test -x /etc/X11/Xsession && exec /etc/X11/Xsession
exec /bin/sh /etc/X11/Xsession
This ensures that xrdp starts an XFCE session instead of other potential desktop environments.
Note: If you have installed alternative desktop environments such as gnome-session or startlxde, comment out these lines as well.
3. Append the following line to the end of the file. It instructs xrdp to start an XFCE session when an RDP connection is initiated:
startxfce4
4. Press Ctrl+X, followed by y, and then Enter to save the changes and exit the file.
5. Restart the xrdp service:
sudo systemctl restart xrdp
xrdp is now configured to run the XFCE desktop environment by default.
Step 4: Configure xrdp Port (Optional)
The xrdp server monitors incoming RDP connections on port number
3389. Using a different port for RDP connections is a form of protection through obscurity. It is not a foolproof security measure, but it can protect a system from brute-force attacks.
To instruct xrdp to listen on a non-standard port:
1. Use nano to edit the xrdp configuration file, xrdp.ini:
sudo nano /etc/xrdp/xrdp.ini
2. Locate the port parameter in the [Globals] section and set the desired value. In this example, the RDP port is 49974:
port=49974
3. Press Ctrl+X, followed by y, and then Enter to save the changes and exit the file.
4. Restart the xrdp service to apply the changes:
sudo systemctl restart xrdp
There is no confirmation message or output after the xrdp service is restarted.
Step 5: Open a Port for Incoming Traffic in Firewalld
Debian 12 uses nftables as the default framework for managing network packet filtering rules. Users who want to configure and manage underlying nftables rules in a user-friendly environment can install firewall management tools like ufw or firewalld.
To open a specific port for RDP connections in Debian 12:
1. Use the following command to install firewalld:
sudo apt install firewalld -y
2. Start and then enable firewalld:
sudo systemctl start firewalld
sudo systemctl enable firewalld
3. Open port 49974 for RDP connections:
sudo firewall-cmd –add-port=49974/tcp –permanent
Note: Modify the command to open a port of your choice. Ensure that it matches the port number defined in the xrdp
configuration file.
The system displays a success message to confirm the port is open.
Note: Several tools that can help you check open ports in Linux.
4. Reload firewalld to apply the changes:
sudo firewall-cmd –reload
The output confirms the firewall rules have been updated.
Note: If trying to access the Debian machine from outside its local network, you might need to configure port forwarding on the router or adjust external firewalls.
Step 6: Set Up Remote Desktop Connection in Windows
To initiate an RDP connection from Windows to a remote Debian system:
1. Type rdp in the Windows search box.
2. Open the Remote Desktop Connection app.
3. Click Show Options to display additional RDP options.
4. (Optional) The different tabs in the Remote Desktop Connection app allow users to customize and fine-tune the RDP session settings for optimal performance. This includes adjusting the screen size and color, devices to use, etc.
5. Enter the IP address or name of the remote Debian system in the Computer field. If you changed the default port number for RDP connections on Debian, enter the port number after the IP address in the following format:
IP_address:port_number
For example:
234.432.55.109:49974
Note: Consult the following article if you need help locating IP addresses in Linux.
6. Type the username of the Debian user for the RDP connection.
7. (Optional) Save the connection details for future use.
8. Click Connect.
Step 7: Connect to Debian System
Enter the password for the Debian RDP user and click OK.
You can now interact with the Debian machine via the established RDP session.
Conclusion
By following the steps in this guide, you have established an RDP session from your Windows system to a remote Debian machine.
Check out our comprehensive Linux network commands cheat sheet if you need help managing or troubleshooting network connections on Debian.
Credit: Vladimir Kaplarevic