If you’d like to access your Linux desktop over the network from anywhere in the world, or just want to share your computer’s resources on the LAN by giving all users accounts on your computer, you can set up a remote desktop server. It is quite easy to do so, and the best part is that it is compatible with the remote desktop client on Windows too, thanks to the software called XRDP which talks Remote Desktop Protocol (RDP).

Are you surprised that a blog that usually used to talk about Gentoo, is now posting about Ubuntu? Well, I made switch on my personal machine to Linux Mint Cinnamon because I was bored with Gentoo. I have nothing against Gentoo, and I still love it. It’s the perfect distribution if you want to customize your OS to the core.

If you are going with Linux Mint, I’d highly recommend the MATE desktop. MATE is basically a fork of the original GNOME 2 project. GNOME 3 / Cinnamon / Unity won’t work with XRDP because they rely on 3D graphics which is not possible (yet) on X11RDP or Xvnc (correct me if I’m wrong). You could also go with the other desktop environments like XFCE or LXDE if you prefer. Even KDE works fine in the remote desktop environment because it does not solely rely on 3D graphics.

We’ll be building the latest XRDP version from source as the package in Ubuntu repositories is old, and plus, we need X11rdp which is not available there. In XRDP, there are two ways to get the display – one using X11rdp and other using Xvnc, TightVNC or X11VNC. Although it is very easy to run XRDP with *VNC, I use X11rdp for performance reasons, and for XKB (X Keyboard Extension) which is not supported by the VNC displays – and this sometimes tends to break the numpad functionality on the keyboard, especially with browsers like Firefox and Chrome.

How XRDP works

I don’t know the internal details of protocol or the software, but I know the flow. The flow is:

  • User connects to XRDP Server using an RDP client
  • XRDP presents a authentication dialog box which also contains a dropdown for selecting session module
  • User enters the details
  • XRDP sends this information to Session Manager which authenticates the user against PAM
  • If authentication is successful, a new X11rdp instance is spawned according to the display information provided by the client and /etc/xrdp/startwm.sh is run which starts the desktop environment.

In the traditional desktop case, we typically have one X11 server which is started by the login manager like GDM or similar and from there we login. In case of XRDP, the X11 server here is X11rdp (or Xvnc, if you use that mode) and then the session manager of the desktop environment connects to it.

Preparing the environment

The XRDP source code seems to have moved to GitHub from it’s original location at xrdp.org. Download the latest release from there. We need to install some stuff that is required to build xrdp. Firstly, check that you have the source repositories enabled for aptitude in /etc/sources.list or /etc/sources.list.d. Install the required stuff:

Extract the XRDP archive you downloaded, or if you cloned the git repository, get into it and run:

Next, in the same directory, you will find a subdirectory named xorg. Inside that there is a folder X11R7.6 (the version number might change in future). cd into it and as root (or sudo), ./buildx.sh /opt/X11rdp. This will build the X11rdp binary and install it in /opt/X11rdp. Once that is installed, create a symlink to X11rdp: ln -s /opt/X11rdp/bin/X11rdp /usr/bin/X11rdp so that XRDP can find the X11rdp binary.

Generate the RSA keys for XRDP

Configuration tweaks in /etc/xrdp

XRDP will install it’s default configuration in /etc/xrdp. We need to edit two files, the file named xrdp.ini and sesman.ini. In xrdp.ini, change max_bpp to 24 (the default value is 32) and set new_cursors=no. It seems X11rdp does not support 32 bit color, so I set the maximum bits per pixel to 24. New cursors cause ugly-looking cursors so they need to be disabled. In sesman.ini, scroll down to the section which says X11rdp]. At the end of the section, add a line: param6=-once. The final section should be like this:

We added -once to the parameter list so that X11rdp will terminate once the desktop session ends. Otherwise X11rdp keeps running and consuming resources displaying your desktop wallpaper :P.

That’s it, now if you run /etc/xrdp/xrdp.sh start, you should be able to login to the remote desktop server and see your desktop. If you don’t check the logs.
If you have multiple desktop environments installed, edit /etc/xrdp/startwm.sh and export the variable STARTUP before wm_start function to call the session manager of your desktop environment, such as mate-session, xfce4-session, startkde, etc.

CPU / IO hogging bug in mate-settings-daemon
Note: Skip this section if you are running Linux Mint 17.2 or non MATE desktop environment

If you are using MATE desktop, there is a bug in mate-settings-daemon which causes excessive CPU and IO usage when you use the numpad and it kills your machine. To avoid this, you need to apply a patch to the source code and install mate-settings-daemon-pulse package. The patch can be found in my comment on a GitHub issue.

Note that the above procedure is valid only for version 1.8.2 which is the current stable version that is there in Linux Mint 17.1. Before building the source of mate-settings-daemon, check the status of the issue, the current version that you are using and apply the patch if required.

/run/user/0 permission denied bug in pam_systemd

SystemD has a bug which does not create the /run/user/* directories with proper permissions which causes errors when starting up the desktop environment or it does not start at all. So until that is fixed, we have to fix this using an ugly hack. Add these 3 lines in the pre_start function of /etc/xrdp/startwm.sh at the end before the return 0:

Happy RDPing!


  1. HenryTheTech November 19, 2015 at 10:11 PM - Reply

    Why did you make this article about MATE when you switched to Cinnamon? Is there any possibility to establish an RDP or VNC session on Mint Cinnamon before the local user has logged to desktop? Thanks

    • nilesh November 19, 2015 at 10:16 PM

      RDP doesn’t support 3D graphics that’s required by cinnamon or gnome 3. That’s why MATE.

      What do you mean be establish session before login?

    • Sons Of Thunder November 21, 2015 at 2:45 AM

      [This is me, HenryTheTech, only I logged with G+ now]

      What I mean with “before session login” is that I can use VNC to connect to Cinnamon and KDE, but only have a local user has logged on. I presume it has something to do with X server.

      If I switch to MATE will I be able to get remote desktop access even if the remote computer just came on and no desktop environment has been loaded? (say after a power failure)

      Thanks for your help!

    • nilesh November 21, 2015 at 6:34 AM

      XRDP works more like the Windows remote desktop service where a user is logged in the first time he connects. You can login locally on Windows and then get that remote desktop elsewhere. But this screen transfer is probably not possible with XRDP because in XRDP we use different X server (X11RDP) which runs over network.

      Also I had tried KDE on XRDP, it worked without all those 3D effects. I could login as a user remotely.

      The XRDP server starts at boot so yes you can login as a user remotely after a power failure.

      The local login part, I haven’t used it much but GNOME and KDE support starting a VNC server for connecting from outside whenever a user logs in locally. That server is called vino in gnome I think.

  2. vrv November 3, 2015 at 11:08 AM - Reply

    Can you please say what lines I should add for aptitude in /etc/sources.list or /etc/sources.list.d. ???

    • nilesh November 5, 2015 at 5:08 PM

      I used whatever was there by default after installing the OS, didn’t change anything.

  3. Martin Pardiñas October 16, 2015 at 3:59 AM - Reply

    good job!
    But I have a big problem. When tried to open LibreOffice
    Writer it break de conection rdp. When I trie again I only see a black
    screen. I must to reboot de computer in order to view the desktop again.
    tried do rm .config/libreoffice, chmod 777 .config/libreoffice, but I
    dont able to work with it. I can open Writer, but when I write in it,
    the conections is blocked.

    Distribution Ubuntu Mate 14.04.2
    Client remmina 1.2
    Libreoffice 5.2 (but with 4.5 gives de same error)

    Can you help me, please?

    • VS October 20, 2015 at 2:13 PM

      Have the same problem. Compiled with http://scarygliders.net/x11rdp-o-matic-information/, branch devel, master and 0.8.1 crashes the session with LIbreOffice. Can start writer, but after some time, Session hangs (like freezing), reconnect doesnt work anymore too. Beeing on Debian Jessie. Without LibreOffice everything works great

    • nilesh October 20, 2015 at 2:42 PM

      I’m not sure what issue you guys are facing, I’m running v0.8 https://github.com/neutrinolabs/xrdp/tree/v0.8 with built-in X11RDP on Linux Mint 17.2 MATE.

      Libreoffice screenshot

    • VS October 20, 2015 at 2:46 PM

      As I said, I can start LibroOffice too, but after some time session crashes and reconnect is impossible. This happens not on all servers. Hav e 2 others, where it does not happen. But there must be some constellation, where this happens. I am in urgent need for a solution, but havnt found anything till now.

    • nilesh October 20, 2015 at 2:49 PM

      Okay just realized that I’m using an older version of Libreoffice compared to what you guys are using. Can you try to debug libreoffice by launching libreoffice from a terminal inside remote desktop? See what messages it outputs on console.

    • VS October 20, 2015 at 3:25 PM

      Strange, I got an follow Up Email, but your comment is not visible here. Anyway, will try to test this in the late Afternoon here. But I think we will not see anything, because the session “freezes”. No Keyboard, no switching Windows, aso. So output will most likely not be visible. This one is really bad. ….. 🙁

    • nilesh October 20, 2015 at 3:30 PM

      I have aggressive caching via cloudflare that’s why it’s not visible. And it’s that way for a reason so that people can at least read the articles if my server or Internet is down 🙂

      You can redirect the output to a file and then inspect the file later. libreoffice –writer &> /tmp/libreoffice-log

  4. Tommy Chang July 7, 2015 at 9:38 PM - Reply

    Apparently adding “chmod 1777 /run/user” to /etc/rc.local prevents the XDG_RUNTIME_DIR variable from being set in the first place. Thus no need to change /etc/xrdp/startwm.sh at all. It will use ~/.cache/dconf/user instead.

    • nilesh July 7, 2015 at 10:15 PM

      Yes, I realized this problem after writing this post so I came up with this fix:

      export XDG_RUNTIME_DIR=$(mktemp -d /tmp/xrdp_xdg_${UID}_XXXXXX)
      chmod 700 $XDG_RUNTIME_DIR

      So no need to chmod 1777. Also if you use the chmod method then it breaks normal user login from TTY7.

  5. Spike June 27, 2015 at 7:08 PM - Reply

    Oh forgot to mention, I’m using Mint 17 XFCE. The connection between the client and the server has no problem.(I can ping the server from the client.) Any other details I can provide you with?

    • nilesh June 27, 2015 at 7:12 PM

      Are you able to get the remote login window on the client side when you try to connect to the server using something like rdesktop?

      If not you haven’t started the xrdp service.

    • Spike June 27, 2015 at 7:22 PM

      No I fail to get the login window. After I run “/etc/xrdp/xrdp.sh start”, I get this msg “Starting: xrdp and sesman . . .” And nothing more. ( I assume there’s something wrong?) Then I follow some advice found from google and I run this command:netstat -an | grep “LISTEN ” | grep “:3389” and I can’t get the expected response from the system. So err should I start all the steps over?

    • nilesh June 27, 2015 at 7:28 PM

      See the xrdp log file. It seems xrdp is unable to start.

    • Spike June 28, 2015 at 8:16 AM

      This is so weird! After I installed teamviewer as the backup plan, found out today that the problem of xrdp just got fixed somehow. O_o Dunno why but it works now. Thank you man!

    • nilesh June 29, 2015 at 6:03 AM

      Lol. Good that you managed to get it working.

  6. Spike June 27, 2015 at 7:02 PM - Reply

    Hi Nilesh, I followed every step of this guide but sadly it didn’t work. 🙁 Don’t know how I can fix it.

    • nilesh June 27, 2015 at 7:04 PM

      If you can provide me some more details about what didn’t work then I can try to help you.

  7. Chaitanya Parekh June 26, 2015 at 4:18 PM - Reply

    Good work Nilesh !!!

  8. Tamer Hassan May 27, 2015 at 4:48 PM - Reply

    Much easier method of installing and configuring, and actually builds .deb packages to ease uninstallation and/or upgrade later on.

    • nilesh May 27, 2015 at 5:01 PM

      I wrote this article in the first place because I wasn’t successful with that one. It’s one of the top results in Google.

  9. Tamer Hassan April 2, 2015 at 10:17 PM - Reply

    for some reason when trying to connect to the Active Session with windows built-in RDP client, it fails to control keyboard & mouse. TightVNC works in this regard.
    So in brief, Windows RDP client (mstsc) works fine for virtual sessions, but not the active login session.

    • nilesh April 7, 2015 at 7:21 AM

      Interesting, I never tried this. But my dad connects to my machine running xrdp (with x11rdp as described above) from his windows 7 laptop but he never had this issue.


This site uses Akismet to reduce spam. Learn how your comment data is processed.