Default English Deutsch

Remote Desktop Access

You can access the BlackBox Workplace via xrdp and the Remote Desktop Protocols (RDP).

You just need a RDP client. Those are available for all usuall operating systems. You can find a list down below.

The client needs to be late enough to support certificate based authentification and modern cypher suites. (ciphers AES+aRSA:AES+aECDH:AES+aECDSA)

Because of this a ssh tunel is not further needed.

Access Server

You can access the informatic workplace, as it is accessible in the RechnerHallen, via

lxhalle.in.tum.de

To access the mathematics workplace, as it is available on the BlackBox systems, is accessible via

ssh.ma.tum.de

Fingerprints

Depending on your client a visible certificate check is possible.

Zugangsserver	Fingerprint
lxhalle.in.tum.de	4c:ee:c1:05:58:96:8f:8c:66:e6:42:5e:1a:b7:95:d2:c1:88:63:98
ssh.ma.tum.de	80:79:07:56:2f:c6:0b:67:a0:62:a6:f5:93:a8:5f:ac:09:3e:2a:93

Session

After verification of the server you have to provide your username and password to establish a session with you account.

This can either happen after connecting or your client ask for before that.

Session restore

A session can be hold alive even if you aren't connected.

To achieve this use the xrdp-dis command or just close the window, please do not try to log out through menu Apllication → logout (Sometimes it's just closing it).

When you reconnect to your session it will be revived. This can happen from a completly different computer and also the resolution of the connection window will be adjusted.

Executing applications multiple times

You can execute software multiple times, like in different rdp session or if you are logged into your account directly and have a rdp session open. Be aware that not all applications support this. If you receive a notification that your application is already open you need to close it in the other user session so you can reopen it in the wanted session.

Know problematic software

• Firefox
• Thunderbird
• Chromium
• Vivaldi
• LibreOffice

Those - and other - applications warn you if you want to open them multiple times as the same user. This warnings can be correct(if you have multiple sessions open) but can also be the result of a incomplete shutdown of the program. Some software also offers to clean up the program folders so the program can be started again.

Care: This can result to severe loss of data if the application is actually running!!

For Firefox and Thunderbird you can execute the scripts repair_firefox.sh and repair_thunderbrid.sh. Those clean up the locks that prohibit these to run multiple times.

Troubleshooting

thinclinet_drives

Occasionally the Filemanager can show an error message when you try to find the home directory: Failed to open directory … thinclient_drives: <>Transport endpoint is not connected<>

This could happen when you have connected and disconnted the xrdp Server too often and does not release the directory thinclient_drives correctly. This Error could be fixed by giving the following command in the terminal:

$ fusermount -u ~/thinclient_drives

The directory thinclient_drives will be used as File- and clipboardshare with the local computer (which is supported by the rdp client).

The directory thinclient_drives also need to be acceseable for everyone, which means execution right has to be given in order to unmount this. Please note this, when the home directory is protected. This could be the reason that the error message first occurred.

immediately Log out from the application

If your application terminate immediately in spite of the correct password, you can log in to the remote desktop Server via ssh and the Sesion with killall Xorg manual terminate.

$ ssh <Remote Desktop Server>

---

<remote Desktop Server>$ killall Xorg

Safety measures

The RDP server authentificates itself by certificate to the client.

Care:

Notifications about an errand certificate should never be ignored. Check the fingerprint (look above)!

For access only TLSv1.1 and TLSv1.2 with following ciphers are allowed:

openssl ciphers AES+aRSA:AES+aECDH:AES+aECDSA

Be sure the version of your RDP client support those.

RDP Clients

macOS

• Microsoft Remote Desktop
  • Version 10 doesn't show fonts in the login window. Not further problematic since it does need your account data in the config. The login window just gets shown if your data is wrong. You can also use the login without fonts. No other problems known.

Linux

• KRDC
• Vinagre
• Remmina (Installed on the BlackBox)
  • For best performance configure RemoteFX (32 bpp) as Color depth.

Windows

The RDP client is preinstalled on Windows. Just search for Remotedesktop connection or Remotedesktopverbindung