Settings needed to make xrdp work (FreeBSD15 current)

L

Louis

Hello,

I did install an FreeBSD VM on TrueNas which Gnome since I would like to use it as an FreeBSD machine via a window on a WINDOWS11 machine.

I managed to create the VM ans see the initial Gnome screen via TrueNas VM GUI spice. However that is of course not my intention.

So I installed xRDP and did expected it to run ...... Not So.
I get vague messages like
•Do not forget to edit the configuration files in "/usr/local/etc/xrdp"
•and the "/usr/local/etc/xrdp/startwm.sh" script.

And when starting the vm without these files modified I get
louis@:~ $ xrdp
Could not start log
Could not start log
error opening log file [The log is not properly started]. quitting.
louis@:~ $ xrdp-sesman
Could not start log
Could not start log
error opening log file [The log is not properly started]. quitting.

I did a trail with a change of startwm.sh disabling xterm and enabling Gnome but that is not what is needed, at least not all

Probably other things as well e.g. related to
runtime_user=xrdp
runtime_group=xrdp

Perhaps settings related to keys etc.

What ever I hope some one can explain which settings to add and/or change

Of course I would have hoped that the install script would have taken care of all of this !! :(


At the Microsoft Windows side ... Microsoft was so friendly :( to remove the rdp viewer recently.
So my idea is to use remote desktop manager for that .....
 
The actual situation is that the FreeBSD15 VM is running and starting Gnome. I can access Gnome via TrueNAS VM spice.

After the modifications described below (logs => syslog), xrdp and xrdp-sysmon are automaticly starting at boot and are running.

However I can not access the VM via RDP.
- I can ping the VM
- I can telnet the vm <address>:3389; telnet stays active? and the telnet console does not show any thing
- the RDP-programms I tried can not find the VM !!??
- I did add the VM-s name and address to my DNS, which did not help

I did make the following changes to the default xrdp related configs,
however ...... it still does not work !!!

How to solve this !!?? 😔😔

Created a user xrdp
sudo pw user add xrdp -d / -c 'xrdp daemon' -s /usr/sbin/nologin
louisb@:~ $ sudo pw user show xrdp
xrdp:*:1002:1002::0:0:xrdp daemon:/:/usr/sbin/nologin

Made the following changes to files inside /usr/local/etc/xrdp
- changed the logging settings to syslog to prevent the start problem (Could not start log)

ls -la /usr/local/etc/xrdp
•reconnectwm.sh
none
•sesman.ini
- SessionSockdirGroup=xrdp (enable)
- log to syslog not to its own log
•xrdp.ini
note: Unprivileged User name and group to run the xrdp daemon. It is HIGHLY RECOMMENDED you set these values.
See the xrdp.ini(5) manpage for more information on setting and checking these.
- enable runtime_user=xrdp
- enable runtime_group=xrdp
- disable ; port=3389
- enable port=tcp://192.168.100.30:3389 ^my FreeBSD15 server address^
- log to syslog not to its own log
•startwm.sh
- disabled xterm enable gnome after snapshot !! ^because I am using gnome^
•xrdp_keyboard.ini
- none

I did not add a ^.startwh.sh^ file in my home directory, since I assume the startwm.sh in /usr/local/etc/xrdp will do the job
 
Using wireshark to trace what was happening, I noticed that there was communication between FreeBSD15 xrdp and windows Devolutions Remore Desktop Manager.

So I started to verdict 'security' So I looked for security settings in '/usr/local/etc/xrdp/xrdp.ini'

Changing the crypt_level from high to none solved the problem.

I am not saying that is the prefered setting 🙂
However for now it is working and that is the important first step.
And my usage is between two systems on my own network and rdp is not allowed to enter my network
 
You must log in or register to reply here.
Back
Top