-
Notifications
You must be signed in to change notification settings - Fork 14.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
how to use freerdp-server? it seems that some file is missing #1060
Comments
after i copied server.cert/server.key from xfreerdp source tree to ~/.freerdp/server, some other errors occurs: We've got a client 10.190.50.53 any ideas? |
@macarthor yes... it means we've really got to document this, and unfortunately the steps can hardly be automated. Use the winpr-hash tool to generate a password hash and save it as /etc/winpr/SAM |
@awakecoding what's the password? rdp login user's password? |
@awakecoding aha, it's quite easy! for those who wanna use freerdp server, follow the following steps: linux xfreerdp-server (I've tested successfully):
windows wfreerdp-server.exe (i've not tested):
|
@awakecoding i've connected through win7 sp1 rdp 8 client to ubuntu 12.04 xfreerdp-server GIT 20130305. the ubuntu desktop shows, but it seems the screen does not respond to both mouse or keyboard... |
wfreerdp.exe GIT 20130305 has no luck either as the client... |
I am using Windows. Since the the winpr-hash tool only outputs a string, I am geussing I have to paste this into a file. Do I just have to paste it into a file with the filetype .SAM? Does the name have to be the username? then move the file to C:? I have no idea how the Security accounts manager works and I have been having this same issue. |
I created the SAM file and added the keys although I am having an issue generating my own Certificate and key to use. Here is the format I am using: winpr-makecert -r -pe -n "CN=server" -b 03/08/2013 -e 01/01/2036 -eku 1.3.6.1.5.5.7.3.1 -ss my -sr localMachine -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 and the tool is just outputing each argument. Could you give me some help generating them? |
@jpippy i'm using the server.crt/.key files in freerdp source tree, not created by typing winpr-makecert. it works. yes, winpr-hash.exe just posts a string, paste it to file "SAM". Note, "SAM" is the exact file name, but not the suffix. would u plz paste a description about the arguments of winpr-makecert? i've no idea about this tool. many thanks! |
@jpippy see my reply on issue #1063 winpr-makecert is just a stub, if you want makecert you need to get the original tool. Also take a look at the FreeRDP Configuration Manual for certificate generation: https://github.com/awakecoding/FreeRDP-Manuals |
@awakecoding I am facing the same problem as @macarthor : |
@macarthor I am on Linux. Where do I get wfreerdp-hash.exe from? |
@Oshirowanen I don't know about wfreerdp-hash (not sure this actually exists) but you can find winpr-hash.exe in FreeRDP/winpr/tools/hash |
@bmiklautz That's confusing. According to this post: #1060 (comment), @macarthor says to run the following wfreerdp-hash.exe -d xxx -u xxx -p xxx to create a SAM file. I have clearly misunderstood something. |
I also do not know the existence of wfreerdp-hash.exe or its use. However, if you wish to generate the hash to copy in the SAM file then this works: All these are credentials of the server on which your freerdp-server is running. On 02-Jul-2014, at 7:19 AM, "Oshirowanen" notifications@github.com wrote:
|
@Arkantos7 I don't have a freerdp server, only the freerdp client. Is it possible to get a SAM file from a Microsoft RDP server and copy it down to the client machine? |
@Arkantos7 I'm fairly sure wfreerdp-hash.exe was a typo and it's winpr-hash. @macarthor hints? |
@Arkantos7 If it was a type, that's fair enough. In that case, if I don't have a freerdp server, and only a microsoft rdp server, how do a generate a SAM file to use on a client machine? |
All the steps and discussions mentioned above were to get xfreerdp-server setup and running. Why do you need the hash from a Microsoft RDP server? When you say Microsoft RDP, im assuming you mean the default Microsoft RDP service- mstsc. On 02-Jul-2014, at 7:32 AM, "Oshirowanen" notifications@github.com wrote:
|
@Arkantos7 When I try to connect to a microsoft rdp tsg server, using a linux client computer with freerdp, I get a message saying that the sam file is missing. This only happens if I am outside the LAN. If I am inside the LAN, it works fine. However, using a windows 7 computer inside or outside the lan, I can connect to the microsoft rdp tsg server without any issues. I only get a sam issue when the client is Linux + outside the lan. A linux client using freerdp which is running within the lan connects without any issue to the microsoft rdp tsg server. Which is why I thought that I may need to generate a SAM file and copy it to the client machine. I was clearly wrong. |
Okay. That issue is unrelated to the one mentioned in this thread. This thread is about freerdp-server. Anyways, let me check on that and get back to you. On 02-Jul-2014, at 7:39 AM, "Oshirowanen" notifications@github.com wrote:
|
@Arkantos7 I didn't realize this issue is unrelated. Thanks for pointing that out. As it's unrelated, would it make more sense to post a reply here #1936 if you figure out why I am getting that issue? |
@macarthor Hi. I followed all the steps you have mentioned for setting up xfreerdp-server in linux. However at last I am unable to start the server by using the command xfreerdp-server . I am getting command not found. can you figure out what i am missing? |
@believeyourself what's the full path of you xfreerdp-server binary? is it marked with executable? it seems you are a newbie of linux :) try:
|
is there any way to authenticate using standard linux users, not via external SAM file? |
With the 2.0 release, assuming freeRDP provides a RDP server for Linux for Xorg and/or Wayland, it would be really nice to document this. There's a "freerdp-server" 2.0.0 package available in Fedora, and it provides no binary nor systemd service/unit, and I couldn't find any documentation on how to make that work. I tried xrdp/xorgxrdp also (which I understand is a separate project, but I'm just mentioning it here) and had zero luck there too. I'm hoping in the future I can use FreeRDP for my "remote desktop into a Fedora or Centos Linux workstation with something that isn't VNC or X2go" needs. I don't know what the status of readiness of the code/implementation is for freerdp-server, but if it's already supposed to work, the lack of documentation (looked at every wiki, README, and websites I could find) is very confusing to say the least :) |
@nekohayo the binaries in freerdp are mostly samples (shadow and proxy are complete) |
Oh, and your problem is you need to create a certificate for the server ;) |
Hi there i am using Slackware64 14.2 i had download the files from https://slackbuilds.org/repository/14.2/network/freerdp/?search=freerdp i had edit the freerdp.slackbuild file the follow section : #ORIGINAL :
#Edited by myself :
Notes : 2 - I don't use : Avahi, PulseAudio neither SystemD because i just don't like because come very Slowpoke my system. 3 - A lot of sites says things like :
And well i had a dunnos, at the point 3 B) how the user can make own and valid key file and certified file for use the server ? C) why that lot of copy relative path with server.{crt,key} can't don't exist in the source code of git, the Slackbuild Source ? i really need generate that file because when i try to connect for my own freerdp-server i notice in the terminal the follow :
|
Well i try the follow :
After i try to connect from another machine from Remmina i got the follow message : "Error connecting to RDP server «IP». TLS connection failed. Check that client and server support a common TLS version." On the terminal output the follow i notice
Well i suppose i need another way from make the configuration with TLS the server/client needs for make the connection works fine. By the moment i don't have ideas for solve it. |
Someday the browsers can edit on this site (really i don't know why never works try to edit) Well my last try was :
and the terminal output :
Well this looks like is most near the server expect, but i don't understand why "TLS" and i don't idea how make keys + cert with rsa & tls using (open)ssl3 |
@inukaze what are you trying to do? the sample server expects these files in the current work directory (the one you start from) but it will just show you a window with a fancy mouse cursor. |
@akallabeth : i just trying to start a freerdp server, but does not exist any sample configuration file or the key file the server expect, because of that i try to generate one compatible with the freerdp server to start it. |
@inukaze you know what a ssl key and certificate is? |
@akallabeth : yes i know, well the openssl looks like compatible, but if i try to connect, i just got and error says TLS is not compatible. |
@inukaze ok, rereading the thread, I think I get we´re talking about different things.
|
@akallabeth : Thank you very much for the information and specifications |
Hi,
I've been testing xfreerdp-server recently. it ever fail to connect. the detailed information is as follows:
root@ubtvm:~# /home/freerdp/usr/bin/xfreerdp-server
Listening on 0.0.0.0 port 3389.
bind: Address already in use
We've got a client 10.190.50.53
Client Security: NLA:1 TLS:1 RDP:0
Server Security: NLA:1 TLS:1 RDP:1
Negotiated Security: NLA:1 TLS:0 RDP:0
private key file: /root/.freerdp/server/server.key
SSL_CTX_use_RSAPrivateKey_file failed
Failed to check freerdp file descriptor
Client 10.190.50.53 disconnected.
I traced the code, error is at libfreerdp\crypto\tls.c:
printf("private key file: %s\n", privatekey_file);
if (SSL_CTX_use_RSAPrivateKey_file(tls->ctx, privatekey_file, SSL_FILETYPE_PEM) <= 0)
{
printf("SSL_CTX_use_RSAPrivateKey_file failed\n");
return FALSE;
}
the argument "privatekey_file" is /root/.freerdp/server/server.key, but this file does not exist.
i wonder if i should use some command to generate this file before starting xfreerdp-server?
The text was updated successfully, but these errors were encountered: