It is not necessary to install a Graphical User Interface (GUI) on a Linux based system because there is always the possibility to administrate and configure the system through SSH. However, undoubtedly, a GUI has its advantages. Especially for those who are experienced Windows users and who have never been using a terminal before, a GUI on Linux could be an alternative way to use a Linux-based server without paying extra money for a Windows license. Furthermore, a GUI can simplify work and make some complicated tasks more clear. This does not mean that the terminal is obsolete forever and ever but many tasks such as editing configuration files or managing the file structure within a file manager will be much easier.
The following tutorial will provide all information to allow everyone to install a GUI and XRDP on CentOS and Debian based systems using XFCE4 as desktop environment and it will show how to connect to the server afterwards. The tutorial is separated in three parts: Fulfilling the prerequisites, how to install and configurate the software and finally how to connect to the system.
Prerequisites
- An already installed instance running any Linux operating system
- A working internet connection to install additional packages on the remote server and to connect to the remote server from the local machine
- A VNC client or SSH client to connect to the server from your local device
- A user which is allowed to log in to the operating system
- A little bit work on the terminal either via SSH or VNC
It is not necessary to have a fresh installed server as it will always be possible to install the GUI and XRDP on an already installed and configured server at any time.
An internet connection is mandatory and should work in anyway on our servers. However, if this is – for some reason – not the case, you will have to establish an internet connection first.
To create the user and to install all the necessary software you will have to connect to the server either via VNC on a VPS or via SSH on a VPS or Dedicated Server. To do so, we already have great tutorials you can refer to:
VPS/VDS | Dedicated Servers | |
---|---|---|
SSH | More Information | More Information |
VNC | More Information | Not Supported |
A user is needed to log in to the system after the RDP session was established. This can not be the user root since it is disabled to login on the GUI for security reasons. Furthermore, we actually do not suggest to work as user root directly but working with a user which is able to extend its privileges by the ‘sudo’ command to perform tasks where root privileges are mandatory. You can learn more about root user and ‘sudo’ command here.
Kindly note, if you decide to use VNC you will have to log in to the system first using your root credentials. Using SSH this is not necessary because you will directly be logged in to the system as the appropriate user which is root in our case. Once logged in we will first create the user:
useradd -m -s /bin/bash USERNAME
passwd USERNAME
The first command creates a user with name USERNAME and its home directory in /home/USERNAME using bash as preferred shell. Please replace USERNAME with any name you like.
The second command creates a password for this user. You will be prompted to enter a password two times as you may already know from registration forms on the internet. After executing every command the output of your terminal should look similar to the screenshot to the left.
This are all prerequisites and we finished the first step now. Please do not close the connection to your server as we will also need it to complete the second part of this tutorial.
Installation and configuration of XRDP and the GUI
Although XRDP runs without a GUI a GUI is required to log in to the server. Therefore, we have to install both.
XRDP and the GUI can be installed via the package management. Depending on the system you are using the commands are different. Please see the commands for Ubuntu and CentOS in the following:
Ubuntu based systems | CentOS |
---|---|
apt update apt install xrdp vnc4server xubuntu-desktop | yum install -y epel-release yum groupinstall "Server with GUI" -y yum -y install xrdp tigervnc-server |
First update the package manager database and secondly install XRDP and the GUI. | First install the „Extra packages for enterprise Linux) which makes XRDP available. The following two commands install a GUI and XRDP in combination with a VNC server. |
If all commands finished without errors, XRDP is successfully installed.
Configure XRDP
Once done XRDP should work out of the box. However, we should at least enable TLS encryption to secure the communication between the client and the server. Although the installation of XRDP already includes a certificate, we will create our own by just performing a single command:
openssl req -x509 -newkey rsa:2048 -nodes -keyout xrdp.key.pem -out xrdp.crt.pem -days 3650
This will create two files, xrdp.key.pem and xrdp.cert.pem in the home directory of the current user you are logged in with. Then adjust the file permissions to prevent other to read the private key:
chown root:root xrdp*.pem
chmod 640 xrdp*.pem
Then move this files to /etc/xrdp:
mv xrdp*.pem /etc/xrdp
Now it is time to alter the XRDP configuration. Please open the file xrdp.ini file with your preferred text editor:
nano /etc/xrdp/xrdp.ini
and change the appropriate lines security_layer, certificate and key_file as shown on the screenshot below:
Now we will have to check if the system starts into the graphical target. To verify this, type in the command:
systemctl get-default
Now you should see the output:
graphical.target
on the terminal. If this is not the case, please type the following to activate the graphical target:
systemctl set-default graphical.target
and verify with the above command if it was successfully set. Finally enable the xrdp server by typing the command:
systemctl enable xrdp.service
Then set the appropriate desktop environment for the formerly created user:
echo „xfce4-session“ > /home/USERNAME/.xsession
chown USERNAME: /home/USERNAME/.xsession
Afterwards, reboot your server. After the server is rebooted you should be able to connect via RDP with the server.