Find the answer to your Linux question:
Results 1 to 8 of 8
I'm thinking of enabling remote desktop access to my server. How secure would this end up being really? And is there a way to use the public/private key combo to ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Oct 2009
    Posts
    59

    How secure is rdesktop?


    I'm thinking of enabling remote desktop access to my server. How secure would this end up being really? And is there a way to use the public/private key combo to up the security and only allow access by using asymmetric cryptography?

    And another thing, which solution should I use ? I know Gnome has an option to enable remote desktop access, but there are probably other options too.

    Is there an remote desktop application that listens on a port, and when I want to connect it launches gdm an Gnome (or kdm and Kde) ? It's a waste of resources if the gui is running when I don't need it as I usually work through SSH but a gui would sometimes help (unless using it will have a hit on security).

  2. #2
    Linux Engineer Kloschüssel's Avatar
    Join Date
    Oct 2005
    Location
    Italy
    Posts
    773
    as far as I know, the rdp protocol has no encryption built-in that I would rely on (man in the middle attacks are feasible). thus, encryption should be provided by the transport layer (i.e. ssh tunnel). further rdesktop is discontinued, thus I would not recommend to actually rely on that software in a serious business. the light at the end of the tunnel is FreeRDP, which is a fork of rdesktop. but that project was not promoted to become a GSOC project and I do not know how much effort those guys plan to invest on that project.

    for these and more reasons, i would recommend a solid ssh terminal as I cannot think of any usecase where I would need a desktop environment - except the case where I need to open a shell to do the shell hacking.

    JMTC

  3. #3
    Just Joined!
    Join Date
    Jan 2011
    Posts
    10
    I just setup remote desktop on my windows 7 machine , I am pretty shure it is vunerable to brute force attacks , I havent found the setting yet but somewhere there is a setting to disable logons if someone put's in the wrong password like if you fail 3 times you wont be able to logon for set time
    Last edited by sml156; 03-29-2011 at 09:42 AM. Reason: Because I can

  4. $spacer_open
    $spacer_close
  5. #4
    Just Joined!
    Join Date
    Oct 2009
    Posts
    59
    Thanks for the replies. I wanted to try it as the knowledge may come in handy. Rdesktoping to a server is a no go then, although I found a terminal command that can enable/disable remote desktop so I can simply enable, do stuff, disable.

    That also means that using rdesktop on other pc's in the network is a bad idea, thou it would come in handy when there is some kind of silly issue and you can just take hold of the computer (were talking mostly gui problems) and do the fix in a flash. It's also a good marketing tactic as people are usually amazed when their mouse is moving on their own

  6. #5
    Linux Engineer Kloschüssel's Avatar
    Join Date
    Oct 2005
    Location
    Italy
    Posts
    773
    I just setup remote desktop on my windows 7 machine , I am pretty shure it is vunerable to brute force attacks , I havent found the setting yet but somewhere there is a setting to disable logons if someone put's in the wrong password like if you fail 3 times you wont be able to logon for set time
    Carols computer is being brute-force attacked with DDOS across several pc's and she wants Bob to rdesktop into the server and take a look at things really REALLY soon. Bob therefore picks his ducati and drives home at lightspeed. He is such in a hurry that he fails 3 times to type the 20 characters password in a correct way and is blocked out. What is he going to say to carol? If Carol is a paying customer he surely's not going to say something like: "I could not prevent your server from being hijacked because I was blocked by your silly rdesktop server.."

  7. #6
    Linux Engineer Kloschüssel's Avatar
    Join Date
    Oct 2005
    Location
    Italy
    Posts
    773
    Rdesktoping to a server is a no go then, although I found a terminal command that can enable/disable remote desktop so I can simply enable, do stuff, disable.
    Carols computer wasn't hijacked so far because rdesktop was turned off. Unfortunatly during the last maintanance Bob forgot to turn off rdesktop..

    (yes, these things happen)

    That also means that using rdesktop on other pc's in the network is a bad idea, thou it would come in handy when there is some kind of silly issue and you can just take hold of the computer (were talking mostly gui problems) and do the fix in a flash. It's also a good marketing tactic as people are usually amazed when their mouse is moving on their own
    If you're going to help guys that sit behind a firewall, which is most times the case, you're simply unable to help them unless you told them how to configure the firewall properly. Take a shot a this:

    Teamviewer

    That is somewhat lightyears ahead to rdesktop.

  8. #7
    Just Joined!
    Join Date
    Jan 2011
    Posts
    10
    I like remote desktop
    and as far as Carols goes I guess bob wouldent have to fire him because bob would forget he ever worked for Carols
    teamviewer wouldent help bob either

  9. #8
    Linux Engineer Kloschüssel's Avatar
    Join Date
    Oct 2005
    Location
    Italy
    Posts
    773
    I like remote desktop
    No offense meant: this thread is about whether rdesktop (the software, see "man rdesktop") is safe to use, not if one likes remote desktops or not.

    as far as Carols goes I guess bob wouldent have to fire him because bob would forget he ever worked for Carols
    teamviewer wouldent help bob either
    Carol can start the remoting software when she needs it and it's also her responsibility to turn it off. Thus the responsibility can be shifted to carol (or her administrator). Does this help Bob? I strongly believe so.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •