
Xrdp: An open source RDP server - tomato2juice
https://github.com/neutrinolabs/xrdp
======
peckrob
So a long time ago I worked volunteer IT for a fan convention. This is roughly
mid to late 2000s. Among many other things, I was constantly looking for ways
to speed up the registration line. And rather than have reg workers type
things in, one way I hit on was to have terminals there for people to enter
their own information.

Shoestring doesn't even begin to cover it. Buying computers was definitely
out. So I hit on the idea of buying used Wyse Winterms. Winterms are thin
clients that talk either RDP or Citrix ICA. These could be had for about $20 a
pop on eBay. I would hit local pawn shops, thrift stores and recycling places
to get monitors and keyboards to go with them.

But they're just dumb terminals with Windows CE on them. How to actually use
them?

xrdp!

I set up a Linux system with xrdp and a bunch of X sessions for the Winterms
to talk to. Took a lot of fiddling to get it right. Like I probably spent two
weeks in the evenings getting everything right. But even I was surprised how
well it worked. With a full-screen web browser in kiosk mode it shaved massive
amounts of time off how long it took to get through the reg line.

We actually used that setup for about three years before we had enough money
to invest in better hardware. Over that time I'd estimate about 8,000 people
used them. But I'll always have a soft spot for those stupid Winterms and
xrdp.

~~~
laumars
I used those same winterms too. The problem was we were then updating our
network for PCI compliance and one of the issues we had was our call centre
teams used old green screens which were connected to via telnet and there was
no way to update these winterms to install PuTTY.

Then I hit upon the idea of using them as even more dumb terminals. So I set
up a PXE server that would serve an NFS volume hosting a minimal Linux distro
and setting those winterms to boot via DHCP.

Surprisingly those winterms not only supported Linux but ran it really well.

This system ran for several years until those old green screens were replaced
with web front ends instead. Which made me sad for two reasons, firstly the
end of the PXE solution which works so smoothly, and secondly seeing the old
green screen server decommissioned, which was a Sun SPARC box bought in the
90s and had an uptime of something ridiculous like 8 years.

------
rudolph9
Another option is [http://xpra.org/](http://xpra.org/) . It’s a bit more of a
commitment as (from what I understand) it replaces you displayManager (e.g.
Gnome gdm) and I haven’t gotten around to trying it but I personally prefer
Xforwarding over rdp.

Is the difference between RDP and xforwarding basically RDP is giving you a
video of the remote display and sending the mouse clicks + XY position top? Vs
xfowarding which natively renders the buttons and such and in the button
example sending signal that a particular button got clicked?

I imagine a trade off is more security vulnerabilities with xforwarding? Does
some have more incite into this?

~~~
Cadwhisker
For me, XPRA has been a revelation for how I use Linux remotely. It's the GUI
version of the "screen" command.

For those who haven't used it and want to try it, you install "xpra" on your
Linux box with "yum" or "apt", then fire up an xpra server with "xpra start"
(or "nohup xpra start &"), then make a note of which extra display it has
added (like ":1"). It's not replacing the display manager (as far as I'm
aware).

Download a windows client from xpra.org, then connect through SSH. Once
connected, you get a small icon in the Windows taskbar with lots of menu
options. Under the "Start" option, you have sub-menus which give you access to
all the Linux desktop programs on the target machine.

For example, I use XPRA to connect to my Ubuntu 20.04 laptop and run "Start ->
Accessories -> Terminal Emulator". It opens an XFCE4 terminal on my Windows
desktop, looking as if it was a native Windows application. In the terminal, I
can type "thunar" and a new Thunar file manager window will open on the
Windows desktop, or "xemacs" for a text editor.

It's very fast because it's only sending 1 window at a time, not the whole
desktop. I can disconnect, then re-connect and the windows will re-appear as I
had left them.

It's not perfect (some dialog boxes don't respond to mouse clicks), but it is
worth playing with.

~~~
znpy
I haven't tried xpra specifically, but from your description it reminds me of
regular X server running on either windows or mac is (xming and xquartz
respectively).

~~~
m000
Nope, completely different. Xpra is resistant to network failures, while X
server requires a stable network connection to keep the apps running. Xpra is
also completely agnostic to the applications GUI: it just streams video and
input events.

Rough X vs Xpra sketch:

    
    
                              |                    |
      display <-> X server    | <----X proto-----> | app
                              |                    |
                              |                    |
      display <-> Xpra client | <---h264/input---> | Xpra server <-X proto-> app
                              |                    |
                              |~~~~~~network~~~~~~~|

~~~
znpy
thanks for the explanation!

------
anonymousse1234
I use RDP multiple times every day. I have tested Linux RDP server
implementations and they are very buggy and really not production ready only
NX kinda is (yet not as good as MS RDP). VNC is so bad and lacks so many
features that it's not even considered a competition - it's old insecure slow
protocol that should be forgotten by now.

~~~
dmurray
RDP isn't really meant to be cross platform, right? It's a Windows graphics
server telling a Windows client how to draw some Windows widgets. The fact
that there are working Linux implementations at all is impressive. By
contrast, VNC is pretty close to just sending an image of the screen, with
some clever optimization.

VNC over SSH should be as secure as you need, but it's never likely to be as
performant as RDP.

~~~
tasogare
There is an official RDP client for macOS. I use it every to connect to the
Windows PC under my desk, while using the monitors on my laptop.

~~~
thayne
keyword: client, not server.

------
thaniri
I used to maintain some linux remote desktops at my job for specific workflows
of certain employees.

Wow, using xrdp was a complete gong show to manage. The most common bugs were
in the assignment of displays on user logon, as well as a crappy, often buggy,
login screen (though GUI logins for linux are fascinatingly weird pretty much
universally.)

That being said, even in evaluating alternatives there wasn't anything much
better. Linux remote desktop managers are just not that great yet.

As much as I hate Windows, I have to tip my hat to Microsoft's and say that
their RDP implementation stands more than head and shoulders above any
alternative remote desktop implementations I've tried.

Developers these days are getting much better at doing things over the command
line. The trend of using GUIs for everything recently appears to be ebbing
into a "right tool for the right job" mindset. Which is a very promising trend
I've noticed. Hopefully remote workflows are entirely done through emulating
terminals over SSH in a few years time :)

~~~
joking
How windows rdp manages multiple monitors, and window resizing when you aren’t
on a full screen is bananas compared to vnc, the only problem I had is
sometimes it d

~~~
wlesieutre
The resizing/scaling behavior varies widely depending on which of Microsoft’s
three RDP clients you were using

(Not kidding)

------
ryanmjacobs
Xrdp has been buggy for me as an RDP server... but... it's been a godsend as a
VNC proxy.

The student computers at my lab run Windows and do not allow user's to install
software or run foreign executables. They have great monitors though. I use an
RDP instance to access my VNC linux boxes remotely.

Windows 7 and Windows 10 come with a built-in RDP client.

Also, VNC is pretty insecure. So I only listen on localhost, then connect via
RDP for authentication.

------
wronglebowski
Can someone explain to me how Xrdp is so much simpler to use than VNC? I setup
a new CentOS workstation the other day and ended up trying to follow long
tutorials with config files and services. I gave up, installed the Xrdp
package and seconds later I had a remote session going.

~~~
Arnavion
>long tutorials with config files and services

On the server:

    
    
        x11vnc -display :0 -noxdamage -shared -repeat -forever
    

On the client:

    
    
        ssh -T server 'nc 127.0.0.1 5900'
        vncviewer 127.0.0.1:5900

~~~
simcop2387

        ssh -N -L5900:127.0.0.1:5900 user@server
    

is usually cleaner than using nc, it doesn't require running any commands on
the remote system and lets you do any port changing that you need to make
things work between each side.

~~~
Arnavion
Right, I had to use `nc` instead of forwarding the port from SSH itself
because I use systemd socket activation for that ssh command, with

    
    
        ExecStart=ssh -T server 'nc 127.0.0.1 5900'
        StandardInput=socket
        StandardOutput=socket
    

in the service file and

    
    
        ListenStream=0.0.0.0:5900
    

in the socket file.

The socket has to be connected to stdin/stdout instead of using SSH forwarding
since SSH doesn't support fd-based socket activation.

~~~
simcop2387
Yea that's definitely a bit more of an edge case. and for the downvoted
sibling commentor, this is the same kind of setup that previously would be
done with inetd or xinetd and the lack of security or monitoring or logging
that that usually entails. I'd be surprised if there's not some other way to
do it but this seems like a perfectly fine work around otherwise.

------
dhrjtnc
Tried to use xrdp on couple clients' machines and gave up at the end after 2
months (Ubuntu was used as host and client). Always had problems starting with
keyboard layouts, xdisplays, remmina client, and ending with black screens
([https://github.com/neutrinolabs/xrdp/issues/1358](https://github.com/neutrinolabs/xrdp/issues/1358)).
Also, it requires a very good connection, if you have sometimes a long ping -
your clients would be randomly frozen. The solution only restart sessions on
host. Very unstable not only xrdp itself, but xorg, vnc, xdisplays, etc within
protocol implementation, at least for Ubuntu.

Even having working it was much slower than on windows stack within same
datacenter.

I've recently heard good words about x2go. I didn't know about it earlier.
Maybe it could save someone brain cells :)

For myself I decided do not use the RDP protocol on linux clients' machines.

~~~
gsich
Maybe Spice is the answer. It works good on VMs.

~~~
ryanmjacobs
I wish Spice worked better. Right now I'm running my workstation on a server
KVM instance. Spice too laggy for me. VNC works great.

Although, I leave a connected tty backgrounded with Spice -- the audio works
seamlessly. Small bits of lag, but I use it for spotify in the background.

~~~
gh123man
In my experience, SPICE is awesome on a fast local network. I even run it at
4k with a remote VM. I experience more frame drops than straight up lag - but
things like video and audio are surprisingly good.

I've been searching for a good (free) virtual desktop/workstation solution but
Proxmox as a host + SPICE so far as the best I have found. I'd love to also
find something free that supports virtualized or pass-through GPU. I agree
that SPICE is not perfect, but it's the only protocol that feels like I am
actually using the remote machine as a local desktop unlike VNC or RDP.

------
philsnow
In the past I've used and loved [https://xpra.org/](https://xpra.org/) .

The performance is good and it doesn't rely on weird (to me) installation like
NX does (NX installation creates a unix user, maybe this is necessary for some
enterprise-y things, but my use case is "a smoother VNC").

I seem to recall facing issues with having exactly the same version on both
client and server because the code didn't try for any forward or backwards
compatibility, don't know if that's still the case.

~~~
rudolph9
Just posted something on xpra too!
[https://news.ycombinator.com/item?id=23494012](https://news.ycombinator.com/item?id=23494012)

------
pixelhorse
A few years ago, I managed to build XRDP with RemoteFX enabled. This was the
smoothest remote desktop I have ever experienced.

I couldn't replicate it a while later after an OS upgrade and I have since
given up on it. Does anybody else have experience with this? Should I give it
another try?

~~~
rcarmo
Have a look at [https://github.com/rcarmo/ubuntu-
xrdp](https://github.com/rcarmo/ubuntu-xrdp). I _think_ it has RemoteFX
enabled, but to be honest I haven’t delved into the internals for a while and
last time I did I was trying to get audio working.

------
ttul
And then there is Teradici’s PCoIP hardware, which is shockingly good. It
compresses and encapsulates video, audio, and device data. You just install a
card into your machine at one end and run a thin client box at the other end -
or use a software client.

The quality is amazing.

~~~
hedora
Nvidia and Amd video cards (and probably also intel) have done the same thing
for a while.

------
alexellisuk
I would usually have gone for vnc and have used TigerVNC on my Mac - you can
even run a VNC server and desktop in a Docker container. I actually learned
about xrdp over the weekend whilst trying to help an inlets user connect to
his remote lab in Edinburgh from Vienna. There's a couple of screenshots here
showing it in action -
[https://twitter.com/alexellisuk/status/1269639837335904257?s...](https://twitter.com/alexellisuk/status/1269639837335904257?s=20)
\- inlets PRO is a pure TCP tunnel with TLS encryption
[https://inlets.dev/](https://inlets.dev/)

------
rcarmo
If anyone wants to have a go at a “normal” end-to-end user experience, I have
a Docker setup with Xrdp and audio enabled at
[https://github.com/rcarmo/ubuntu-xrdp](https://github.com/rcarmo/ubuntu-xrdp)
that I poke at now and then, and loads of previous attempts at the same all
over my GitHub (many of my “desktop app” containers have VNC, Xrdp or
Guacamole bundled in for remote access from my Mac and iPad).

Right now the biggest issue I have with RDP on Linux is that the default
packages that ship with most distros are useless—they are either outdated
(still in VNC proxy mode) or poorly integrated with login managers. Also, even
though I get “free” multi-head when accessing a Windows desktop from my Mac
(and believe me, that is an amazing way to work on a daily basis) I have yet
to get it to work 100% with a Linux server (it works and I get multi-head, but
sometimes displays are swapped for some reason).

Many people don’t “get” RDP because they confuse it with VNC and other remote
display solutions. But when it is set up properly, it is _massively_ better
than VNC, NX or Xpra in terms of bandwidth, latency, and client support (yes,
there are thousands of VNC clients, and every Linux box can do X over SSH, but
I can use RDP from my iPad, Android, etc., and those are the thin clients I
travel with).

------
jennasys
I've been using xrdp for headless Raspberry Pi installations running Rasbian
for years. It's easy to install and is a way smoother experience than vnc.
Connections from Windows and Linux have rarely ever been a problem. Connecting
from Android used to be an issue, but I think even that has been resolved at
this point.

------
smooc
We run over 500 concurrent desktops with Guacamole and XRDP in Kubernetes in
non privileged conatiners. This allows us have a secure environment while
still having it light weight and not having te resort to Citrix for example.

Anyone comparing VNC to RDP favorably is nuts. RDP is a much more optimized
protocol for high latency, low bandwidth. Only Citrix compares favorably from
user's point of view. Maybe NoMachine NX as well. Both i cannot get to work
over https (nomachine) and kubernetes (citrix).

Not requiring a custom, vague client also helps.

XRDP uses a Xorg driver or is able to use a VNC backend. Even then its faster
than VNC. It can use pam for authentication.

------
fomine3
Xrdp is now used by Hyper-V Enhances Session Mode. It performs great.

Personally I encountered a problem that Xrdp recognizes wrong keyboard layout
(I use JPN Windows and US keyboard, but recognized as JP keyboard in Xrdp)

------
fock
so, is there any open-source alternative including a login manager and
preferably supporting accelerated graphics - xrdp is no solution you can sell
anyone today just from the looks of it? I suppose the state of this affair is,
what is really killing Desktop-linux deployment - to my knowledge you can't
setup a VDI-infrastructure a la Windows Terminal Server at all without buying
into Citrix or various other vendors (at which any "clients can be cheaper
with Linux" argument is just obliterated)

------
monksy
x2go always worked well for me.

~~~
pcast
X2Go was great for me also. Installation is quick (compared to xrdp), and
screen loads faster.

------
cpbotha
I've been using xrdp more extensively with WSL2 recently. Because WSL2 often
gets a new network interface assigned, X connections back to Windows are
terminated, while rdesktop to xrdp running on the WSL2 instance does not.

RemoteFX is active, but on my 2560x1440 display there is still a bit of
sluggishness. However, it's fine to run PyCharm locally on the WSL2, which is
my primary use case with this.

------
oddly
I used this as a solution for remote workers in my company. Set up rdp on
Windows with 24-bit color and select "LAN" connectivity improves sluggishnes.
It takes a bit of tinkering to get the xRDP config working well, but when it
works, it's really smooth. I used X over RDP. Make sure no users are locally
logged in before logging in via RDP.

------
m1keil
I've been recently evaluating vnc and xrdp for a project. xrdp was much harder
to install and configure. Documentation was sparse and outdated. VNC provided
multiple choices of well established implementations and in low latency
environment with simple Desktop (xfce), both provided pretty good feel.

------
cf100clunk
Headless?

In the Features section of the xrdp GitHub project page is this: "Connect to a
Linux desktop using RDP from anywhere (requires xorgxrdp Xorg module)"

Does this imply that serving from a headless Linux machine is not possible
like we can with vncserver instances?

~~~
rcarmo
No. It means that you need an X server willing to provide access to the
bitmaps inside it using that module, but you can run Xrdp fully headless
against a memory buffer (like VNC does with Xvnc) or proxy via RDP to an in-
memory VNC server (which is the “old” way of using Xrdp).

------
hendry
Not sure why you would use this over `ssh -Y`, so I guess it's for Windows
users to experience the joy of the "Linux Desktop"?

MacOS sorely needs an RDP server though. VNC is an awful UX for me and idk
why. Didn't start off that way.

~~~
tn1
X11 is an _extremely_ chatty protoy. Try it over a higher latency connection
(say, across the US from you) and you will notice that it can take minutes
before even xterm will show up.

Also, another benefit of VNC is that it's like tmux: if your session gets
interrupted then your programs won't all get HUP'd.

------
skee0083
Wow. i'm glad i found this. I've been looking for a way to connect to my
laptop running Ubuntu 20.04 from my desktop running windows 10. I tried a few
other programs before but they weren't compatible with windows rdp.

------
mehrdadn
Does it support UDP?

------
nunez
xrdp is nice but i prefer rdesktop since it's more established

~~~
grosswait
Rdesktop is a client, xrdp is a server.

