35

I just installed Ubuntu 22.04 LTS and was delighted to see that a remote desktop server is built in and supports MS RDP in addition to VNC. It has some quirks related to the password, which I found out about on this post: 22.04 - Remote Desktop Sharing authentication password changes every reboot

I am hoping to have remote desktop available on boot, without logging in, or if it uses auto-login it keeps the password, so that I can run the system headless and RDP/VNC into it. It looks like gnome-remote-desktop runs as a user service, not a system service, so it's not active unless the user logs in. And it starts before the keyring is unlocked, so it creates a new password every time it starts. It seems like there are many ways to get around these issue, but I'm not sure what's the best route or even if any/all of these are possible:

  1. Continue using auto-login so that remote desktop can run as a user service but somehow fix it so that it keeps the same password (ideally without disabling keyring completely).

  2. Disable the built-in remote desktop feature and install some other RDP/VNC server and manually configure it, but would that conflict with the built-in one? Not sure.

  3. Is it possible to convert the gnome-remote-desktop user service to a system service? And if so, where would it store the password if not in the user keyring? Is this even an option at all?

  4. Something else?!

Would love any suggestions. Thanks.

Hrishikesh Kadam
  • 359
  • 5
  • 14
goodkarma
  • 351

4 Answers4

32

I have tried this solution in a VM

Update for Ubuntu 24.04

Ubuntu 24.04 has a new Remote Login feature under Settings > System > Remote Access, along with the old Desktop Sharing.

Remote Login allows remotely logging into the Ubuntu 24.04 using RDP protocol if no one is logged in locally. For example, if the computer is restarted and automatic login is disabled, you can use this feature to login remotely.

Unfortunately if you get disconnected or close the RDP session, the remote session will be lost, in my limited testing. When you try to connect again you will get the login screen and login to a new session, rather than the existing remote session you disconnected from.

Original Answer for Ubuntu 22.04

  1. Disable the built-in remote desktop feature and install some other RDP/VNC server and manually configure it, but would that conflict with the built-in one? Not sure.

The solution I propose here is to not to use the native desktop sharing and use xrdp server instead.

Install xrdp

The setting above did not work in my fresh install of Ubuntu 22.04 until I installed xrdp. You have to either physically access the headless computer or use ssh for this step.

Open a terminal by Ctrl+Alt+T and enter:

sudo apt install xrdp

You will be prompted to enter your password. As you enter your password the cursor will not move. This is normal.

If you have ufw (Uncomplicated Firewall) enabled you will have to open the port 3389 with this command:

sudo ufw allow 3389.

Verify that the xrdp server is up and running with this command:

sudo systemctl status xrdp

Remember to logout

Logging out (locally) is the most important part. If you login by physically going to the computer and connecting keyboard, mouse, monitor etc. then xrdp won't work until you logout.

A Note about xrdp local and remote login

Do not use Automatic login to the desktop when the computer starts!

Unlike RDP in Windows xrdp only works if you are not logged in to the remote computer locally. This means you physically go to the remote computer and login to it, and then leave the computer without logging out, xrdp will not work.

Similarly, while remotely logged in via xrdp you may disconnect without logging out and the session will continue. However, in this case, you won't be able to login locally until you log out remotely.

This is not a problem for a headless computer as you never login locally.

Two points for the XRDP/RDP Client

1. Session, User and Password

When you try to access the remote computer using (X)/RDP, you may see this dialog box on your RDP/XRDP client:

enter image description here

  1. Set Session to XOrg, the default.
  2. Use your remote Ubuntu Computer's username
  3. Use the remote Ubuntu computer user's login password. Do not use the randomly generated password when you set up the (x)RDP client.

You won't see this dialog if you use Remmina and choose to store your username and password with the connection configuration.

2. Desktop may look different

When I used Remmina to xrdp into the Ubuntu22.04 in the VM, I didn't get the default Ubuntu desktop. Instead I got the Gnome 42 desktop that looks like this:

enter image description here

There may be some way to change it back to the Ubuntu desktop, but I didn't explore that.

To change the appearance of the desktop from the default gnome to Ubuntu, create the hidden file /home/$USER/.xsessionrc with the following content:

export GNOME_SHELL_SESSION_MODE=ubuntu
export XDG_CURRENT_DESKTOP=ubuntu:GNOME
export XDG_CONFIG_DIRS=/etc/xdg/xdg-ubuntu:/etc/xdg

Source: How to login to the Ubuntu (not GNOME) session on a remote server using xRDP?

Thanks to Torres and AgentRev for bringing this solution to my notice.

hope this helps

user68186
  • 37,461
4

I found your post while looking for an answer to why Remmina works fine with the monitor or TV on but gives a black screen when the monitor/TV is off. I’m thinking it might have something to do with the handshake communications between the viewing device and Ubuntu. (Getting the same issue with 20.04 to a TV and 22.04 to a monitor.)

Anyway, for Auto Login I’ve done the following. (Instructions are based on 22.04; similar for 20.04.)

Auto Login:

  1. Settings > Users > (unlock at upper right) > Automatic Login → turn on (white dot to right)
  2. Settings > Sharing →

    1. Switch at header: turn on.

    2. Remote Desktop → to on ==> the sub-menu:

      1. Remote Desktop: on
      2. ☑ Enable legacy VNC protocol
        1. Submenu: tic ‘Require a password’
      3. Remote Control on
      4. Authentication Section:
        1. User Name: barry
        2. Password
          • Used by Remmina to access system – 8 characters max.
          • This password is also reset by .config/autostart/password_fix.desktop (below)

    3. Media Sharing on, plus appropriate for the sub-menu

    4. Remote Login on, plus sub-menu allowing ssh

Create file: .config/autostart/password_fix.desktop

[Desktop Entry]
Type=Application
Name=Password Fix  
Comment=Corrects password in Settings > Users for use by Remmina
Exec=/usr/bin/python3 -c "import keyring;keyring.set_password('login','user','Remmina_Password');"

The Exec= is all one line. The 'user' is your user name; the 'Remmina_Password' is whatever it is being used by Remmina to log in. The legacy VNC protocol limits passwords to eight characters.

DBolton
  • 151
Barry Martin
  • 133
0

Quoting my answer from another question, this will ensure that only the VNC/RDP password is unencrypted, everything else works with the default login keyring

I found an insecure solution to the problem. The typical solution proposed on the internet for this is to set a blank password for the login keyring using the "Passwords and keys" app. This, however, is highly inscure as all the passwords on the device would be stored in plaintext.

What I decided to do instead was to create a new keyring in the "Passwords and keys" app with no password and set it as the default keyring. Then I proceeded to delete the VNC password from the login keyring. Then I rebooted the computer to ensure that the new keyring is the default one. After the reboot, I reentered the VNC password in the screen sharing settings. This would store the VNC password in the new insecure keyring. Then back to "Passwords and keys" app and set the login keyring to default again. Rebooted again and now the VNC password stayed saved and the default keyring was also back to the login keyring, ensuring all foture passwords saved on the device will be encrypted.

So in essence, I just reduced the insecurity of saving all the passwords in plaintext to storing just the VNC password in plaintext.

Gaurav Suman
  • 381
-2

Headless Chrome Remote Desktop is amazing, smooth video! Faster than RDP on windows. https://cloud.google.com/architecture/chrome-desktop-remote-on-compute-engine

5tring
  • 11