우분투 버전 Ubuntu 22.04.1 LTS (GNU/Linux 5.15.0-52-generic x86_64)
기본적으로 X Window 가 설치되어 있는 상태에서 시작
주의
상용 서비스를 운영중인 또는 운영 예정인 서버에 GUI 환경을 설치하는 것은 매우 신중하시기 바랍니다.
미니멀 설치 외에 추가로 설치되는 많은 패키지들로 인한 보안 문제가 발생할 수 있으며, 그로 인한 잦은 업데이트 권고 및 업데이트 후 예상치 못한 상황으로 전개 될 수 있습니다.
0. 사용자를 root 로 전환 (sudo 명령을 사용하기 귀찮아서...)
myuser@myserver:~$ su -
Password:
root@myserver:~# id
uid=0(root) gid=0(root) groups=0(root)
root@myserver:~#
1. xrdp 설치
root@myserver:~# apt-get install xrdp
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following packages were automatically installed and are no longer required:
python3-cliapp python3-markdown python3-pygments python3-ttystatus
Use 'apt autoremove' to remove them.
The following additional packages will be installed:
libfuse2 xorg xorgxrdp
Suggested packages:
xorg-docs xfonts-100dpi xfonts-75dpi x11-xfs-utils guacamole
The following NEW packages will be installed:
libfuse2 xorg xorgxrdp xrdp
0 upgraded, 4 newly installed, 0 to remove and 64 not upgraded.
Need to get 675 kB of archives.
After this operation, 3,764 kB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libfuse2 amd64 2.9.9-5ubuntu3 [90.3 kB]
Get:2 http://archive.ubuntu.com/ubuntu jammy/universe amd64 xrdp amd64 0.9.17-2ubuntu2 [517 kB]
Get:3 http://archive.ubuntu.com/ubuntu jammy/main amd64 xorg amd64 1:7.7+23ubuntu2 [2,890 B]
Get:4 http://archive.ubuntu.com/ubuntu jammy/universe amd64 xorgxrdp amd64 1:0.2.17-1build1 [65.3 kB]
Fetched 675 kB in 3s (265 kB/s)
Selecting previously unselected package libfuse2:amd64.
(Reading database ... 297274 files and directories currently installed.)
Preparing to unpack .../libfuse2_2.9.9-5ubuntu3_amd64.deb ...
Unpacking libfuse2:amd64 (2.9.9-5ubuntu3) ...
Selecting previously unselected package xrdp.
Preparing to unpack .../xrdp_0.9.17-2ubuntu2_amd64.deb ...
Unpacking xrdp (0.9.17-2ubuntu2) ...
Selecting previously unselected package xorg.
Preparing to unpack .../xorg_1%3a7.7+23ubuntu2_amd64.deb ...
Unpacking xorg (1:7.7+23ubuntu2) ...
Selecting previously unselected package xorgxrdp.
Preparing to unpack .../xorgxrdp_1%3a0.2.17-1build1_amd64.deb ...
Unpacking xorgxrdp (1:0.2.17-1build1) ...
Setting up libfuse2:amd64 (2.9.9-5ubuntu3) ...
Setting up xorg (1:7.7+23ubuntu2) ...
Setting up xorgxrdp (1:0.2.17-1build1) ...
Setting up xrdp (0.9.17-2ubuntu2) ...
Generating 2048 bit rsa key...
ssl_gen_key_xrdp1 ok
saving to /etc/xrdp/rsakeys.ini
Created symlink /etc/systemd/system/multi-user.target.wants/xrdp-sesman.service → /lib/systemd/system/xrdp-sesman.service.
Created symlink /etc/systemd/system/multi-user.target.wants/xrdp.service → /lib/systemd/system/xrdp.service.
Processing triggers for man-db (2.10.2-1) ...
Processing triggers for libc-bin (2.35-0ubuntu3.1) ...
Scanning processes...
Scanning candidates...
Scanning processor microcode...
Scanning linux images...
The processor microcode seems to be up-to-date.
Restarting services...
systemctl restart avahi-daemon.service colord.service packagekit.service polkit.service
Service restarts being deferred:
/etc/needrestart/restart.d/dbus.service
systemctl restart gdm3.service
systemctl restart networkd-dispatcher.service
systemctl restart unattended-upgrades.service
systemctl restart user@1000.service
No containers need to be restarted.
No user sessions are running outdated binaries.
No VM guests are running outdated hypervisor (qemu) binaries on this host.
root@myserver:~정상 실행 확인
root@mserver:~$ systemctl status xrdp
● xrdp.service - xrdp daemon
Loaded: loaded (/lib/systemd/system/xrdp.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2022-11-29 10:43:05 KST; 12min ago
Docs: man:xrdp(8)
man:xrdp.ini(5)
Process: 3608275 ExecStartPre=/bin/sh /usr/share/xrdp/socksetup (code=exited, status=0/SUCCESS)
Process: 3608283 ExecStart=/usr/sbin/xrdp $XRDP_OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 3608284 (xrdp)
Tasks: 2 (limit: 76917)
Memory: 20.7M
CPU: 4.682s
CGroup: /system.slice/xrdp.service
├─3608284 /usr/sbin/xrdp
└─3608350 /usr/sbin/xrdp이상태에서 윈도우 원격데스크탑연결로 연결시 인증화면까지 진행되고 id / pw 입력 하면 윈도우가 종료된다.
구글링 구글링...
2. xrdp 유저, ssl-cert 그룹에 추가
root@myserver:~# cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
... 생략...
xrdp:x:134:140::/run/xrdp:/usr/sbin/nologin
root@myserver:~#
root@myserver:~# adduser xrdp ssl-cert
Adding user `xrdp' to group `ssl-cert' ...
Adding user xrdp to group ssl-cert
Done.
root@myserver:~#
3. 방화벽 허용 (내부방 172.30.*.* 에서 접속 가능하도록 방화벽 정책 추가)
root@myserver:~# ufw allow from 172.30.0.0/16 to any port 3389
Rules updated
root@myserver:~# ufw reload
Firewall not enabled (skipping reload)
root@myserver:~# ufw status
Status: inactive
root@myserver:~#우분투 방화벽은 활성화 되어 있지 않았음 (-.,-a)
사실 인증 화면까지 나왔다는 것은 방화벽 문제는 아니었음을...
4. xfce4 인스톨
구글링 결과 기본 xrdp 만으로는 버그로 인해 원격데스크톱연결이 잘 안되는 것 같다.
ubuntu-desktop과 xfce4 추가 인스톨
서두에서 언급한 보안 및 업데이트 문제로 상용 서비스에 사용하는 서버는 ubuntu-desktop 설치에 신중하시기 바랍니다.
root@myserver:~# apt install ubuntu-desktop
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
... 생략...
root@myserver:~# apt-get install xfce4 -y
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following packages were automatically installed and are no longer required:
python3-cliapp python3-markdown python3-pygments python3-ttystatus
Use 'apt autoremove' to remove them.
The following additional packages will be installed:
dbus-x11 desktop-base elementary-xfce-icon-theme exo-utils fonts-quicksand gir1.2-libxfce4util-1.0 gir1.2-xfconf-0 greybird-gtk-theme libexo-2-0 libexo-common libgarcon-1-0 libgarcon-common libgarcon-gtk3-1-0 libkeybinder-3.0-0 libthunarx-3-0 libtumbler-1-0 libxfce4panel-2.0-4 libxfce4ui-2-0 libxfce4ui-common
libxfce4ui-utils libxfce4util-bin libxfce4util-common libxfce4util7 libxfconf-0-3 libxpresent1 pavucontrol tango-icon-theme thunar thunar-data thunar-volman tumbler tumbler-common xfce4-appfinder xfce4-helpers xfce4-notifyd xfce4-panel xfce4-pulseaudio-plugin xfce4-screensaver xfce4-session xfce4-settings
xfconf xfdesktop4 xfdesktop4-data xfwm4 xiccd
Suggested packages:
devhelp gnome-icon-theme kdelibs-data thunar-archive-plugin thunar-media-tags-plugin tumbler-plugins-extra xfce4-goodies xfce4-power-manager fortunes-mod
The following NEW packages will be installed:
dbus-x11 desktop-base elementary-xfce-icon-theme exo-utils fonts-quicksand gir1.2-libxfce4util-1.0 gir1.2-xfconf-0 greybird-gtk-theme libexo-2-0 libexo-common libgarcon-1-0 libgarcon-common libgarcon-gtk3-1-0 libkeybinder-3.0-0 libthunarx-3-0 libtumbler-1-0 libxfce4panel-2.0-4 libxfce4ui-2-0 libxfce4ui-common
libxfce4ui-utils libxfce4util-bin libxfce4util-common libxfce4util7 libxfconf-0-3 libxpresent1 pavucontrol tango-icon-theme thunar thunar-data thunar-volman tumbler tumbler-common xfce4 xfce4-appfinder xfce4-helpers xfce4-notifyd xfce4-panel xfce4-pulseaudio-plugin xfce4-screensaver xfce4-session
xfce4-settings xfconf xfdesktop4 xfdesktop4-data xfwm4 xiccd
0 upgraded, 46 newly installed, 0 to remove and 64 not upgraded.
Need to get 18.3 MB of archives.
After this operation, 88.5 MB of additional disk space will be used.
... 생략 ...
root@myserver:~#설정 파일 수정
root@overtake:~# vi /etc/xrdp/startwm.sh
#!/bin/sh
# xrdp X session start script (c) 2015, 2017, 2021 mirabilos
# published under The MirOS Licence
# Rely on /etc/pam.d/xrdp-sesman using pam_env to load both
# /etc/environment and /etc/default/locale to initialise the
# locale and the user environment properly.
if test -r /etc/profile; then
. /etc/profile
fi
# 내용 추가
unset DBUS_SESSION_BUS_ADDRESS
unset XDG_RUNTIME_DIR
# 실행 명령 변경
#test -x /etc/X11/Xsession && exec /etc/X11/Xsession
#exec /bin/sh /etc/X11/Xsession
test -x /usr/bin/startxfce4 && exec /usr/bin/startxfce4
exec /bin/sh /usr/bin/startxfce4
~
~
~
~
~
~xrdp 재시작
root@myserver:~# systemctl restart xrdp
root@myserver:~#5. 원격데스크탑연결
끝.
'UNIX-Networking' 카테고리의 다른 글
| crontab 명령 중복 실행 방지 (0) | 2024.05.30 |
|---|---|
| Linux crone tab 으로 MySQL 일단위 정기 백업 (최근 1주일치만 유지 하기) (0) | 2019.12.23 |
| CentOS 7 에 Tomcat 7 자동 재시작 하도록 서비스 등록 (0) | 2018.11.15 |
| [CentOS 7 minimal 설치 #4] 방화벽(firewalld) 설정 하기 (0) | 2018.02.17 |
| [CentOS 7 minimal 설치 #3] MySQL 5.7 설치 (3) | 2018.02.15 |