You just need a RDP client. Those are available for all usuall operating systems. You can find a list down below.The client needs to be late enough to support certificate based authentification and modern cypher suites. (
ciphers AES+aRSA:AES+aECDH:AES+aECDSA) Because of this a ssh tunel is not further needed.
lxhalle.in.tum.deTo access the mathematics workplace, as it is available on the BlackBox systems, is accessible via
Depending on your client a visible certificats check is possible.
After verification of the server you have to provide your username and password to establish a session with you account.This can either happen after connecting or your client ask for before that.
A session can be hold alive even if you aren't connected.To achieve this use the xrdp-dis command or just close the window, please do not try to log out through menu Apllication → logout (Sometimes it's just closing it). When you reconnect to your session it will be revived. This can happen from a completly different computer and also the resolution of the connection window will be adjusted.
Care: This can result to severe loss of data if the application is actually running!!For Firefox and Thunderbird you can execute the scripts repair_firefox.sh and repair_thunderbrid.sh. Those clean up the locks that prohibit these to run multiple times.
Occasionally the Filemanager can show an error message when you try to find the home directory: Failed to open directory … thinclient_drives: <>Transport endpoint is not connected<>
This could happen when you have connected and disconnted the xrdp Server too often and does not release the directory thinclient_drives correctly. This Error could be fixed by giving the following command in the terminal:
$ fusermount -u ~/thinclient_drives
The directory thinclient_drives will be used as File- and clipboardshare with the local computer (which is supported by the rdp client).
The directory thinclient_drives also need to be acceseable for everyone, which means execution right has to be given in order to unmount this. Please note this, when the home directory is protected. This could be the reason that the error message first occurred.
If your application terminate immediately in spite of the correct password, you can log in to the remote desktop Server via ssh and the Sesion with killall Xorg manual terminate.
$ ssh <Remote Desktop Server> --- <remote Desktop Server>$ killall Xorg
The RDP server authentificates itself by certificate to the client.Care: Notifications about an errand certificate should never be ignored. Check the fingerprint (look above)!
For access only TLSv1.1 and TLSv1.2 with following ciphers are allowed:
openssl ciphers AES+aRSA:AES+aECDH:AES+aECDSA
Be sure the version of your RDP client support those.
Version 10 doesn't show fonts in the login window. Not further problematic since it does need you account data in the config. The login window just gets shown if your data is wrong. You can also use the login without fonts. No other problems known.