Article directory
foreword
XRDP is an open source tool that allows users to access Linux remote desktops through Windows RDP. In addition to Windows RDP, the xrdp tool also accepts connections from other RDP clients such as FreeRDP, rdesktop, and NeutrinoRDP. Compared with VNC, xrdp is more lightweight. The following simple steps implement the ubuntu XRDP+cpolar intranet penetration tool to realize windows remote desktop control Ubuntu.
1. Install XRDP on ubuntu
Update the APT package manager first
sudo apt update
Download and install XRDP
sudo apt install xrdp
Then start, if there is an error when starting, it may be a port conflict, restart the device and try again
sudo systemctl start xrdp
Check the status, active means success
systemctl status xrdp
Set boot
sudo systemctl enable xrdp
The remote desktop switch needs to be turned on
2. LAN test connection
LAN IP connection, first check the ip address, enter the following command to check:
ip address
In order to avoid connection problems, first add a 3389 port in the firewall
sudo ufw allow from any to any port 3389 proto tcp
Then remember to log out and log in, you must remember, otherwise you will not be able to connect, the purpose of this step is to keep Ubuntu in the lock screen interface
Then open the windows remote connection tool
Enter the ubuntu LAN ip address we checked above, and click connect
Then we saw the XRDP interface, we need to enter the Ubuntu username and password
You can connect successfully after entering
3. Ubuntu install cpolar intranet penetration
Then use cpolar to penetrate the ubuntu local XRDP service, so that the windwos remote desktop can be accessed remotely. cpolar supports http/https/tcp protocols, does not limit traffic, is easy to operate, and does not require a public network IP or router.
cpolar official website: https://www.cpolar.com/
Install cpolar intranet penetration (support one-click automatic installation script)
- cpolar installation (domestic use)
curl -L https://www.cpolar.com/static/downloads/install-release-cpolar.sh | sudo bash
- Or cpolar short link installation method: (for foreign use)
curl -sL https://git.io/cpolar | sudo bash
- View version number
cpolar version
- token authentication
Log in to the background of the cpolar official website, click the verification on the left to view your authentication token, and then paste the token in the command line
cpolar authtoken xxxxxxx
- Add a service to the system
sudo systemctl enable cpolar
- Start the cpolar service
sudo systemctl start cpolar
- View service status
sudo systemctl status cpolar
If it is normally displayed as active, it means that the service is in the normal online startup state
After installing cpolar intranet penetration locally in the ubuntu system, visit the local port 9200 on the ubuntu browser, or access port 9200 through the LAN ip address in the external browser, and open the cpolar web ui interface.
After logging in, click Tunnel Management on the left dashboard - Create Tunnel. Since XRDP is port 3389, we need to create a tcp tunnel pointing to port 3389:
- Tunnel name: customizable, be careful not to repeat
- protocol: tcp
- Local address: 3389
- Port type: random domain name
- Region: China VIP
click create
After the creation is successful, we open the online tunnel list to copy the created public network address
4. cpolar public network address test access
When connecting, ubuntu must be in the lock screen interface, otherwise the connection will not be successful
Open the windwos remote desktop, enter the tcp public network address created in cpolar,
Then enter the user name and password interface, enter the user name and password to connect successfully,
5. Fixed domain name public network address
In cpolar intranet penetration, the address created above is random and changes within 24 hours. For more stable access and connection, cpolar supports fixed public network addresses, and currently supports a 21-day money-back guarantee.
You need to upgrade to a professional package or above to support the configuration of a fixed domain name
Log in to the background of the cpolar official website , click on the dashboard on the left 预留, find 保留的TCP地址, and fix a domain name for the tcp tunnel.
- Region: Select the server region
- Description: Remarks, which can be customized
After the modification is complete, click保留
After the domain name address is successfully reserved, we copy the address, and then we need to bind its configuration to the tunnel.
Log in to the cpolar web ui management interface. 隧道管理Click —— on the left dashboard 隧道列表, find the tunnel to be configured, and click on the right编辑
Modify the tunnel information and configure the fixed domain name address into the tunnel:
- Port type:
固定TCP端口 - Reserved TCP address: fill in the address we just reserved and copied
After the modification is complete, click更新
After the tunnel is successfully updated, click on the left 在线隧道列表to see the public network address of the tunnel, which has been updated to reserve a fixed domain name for the official website
Then use the fixed TCP address in cpolar to connect
Enter username and password
remote success
