Xrdp login failed
After this tried logging with RDP and getting the error. could you give a step by step guide or other alternative methods, please?
7 Answers 7
I managed to fix this problem by editing the /etc/xrdp/sesman.ini file and commenting out the requirement to group membership. Now you can access all accounts.
[Security] AllowRootLogin=1 MaxLoginRetry=4 #TerminalServerUsers=tsusers #TerminalServerAdmins=tsadmins
Evidently a user must be a member of tsusers which is supposed to be created by xrdp itself. This group was not created at xrdp installation in my case. I created the group and added users to the group. But this did not help. By commenting out the following lines, all users can rdp now.
Usually this error means that the password used is not the valid one (or credentials are not valid ones).
You should know that the XRDP login screen will use by default the English US keyboard layout. So, if you are using a different keyboard layout, you might be typing the wrong password in the xrdp login. Check that keyboard layout is correct. Just a guess 🙂
Your x11 sessions might be locked or orphaned.
If you encountered this error xrdp_mm_process_login_response: login failed when you use the remote desktop connection to connection to a vnc session.
Even if you restart xrdp , the error still remains, the issue could be due to locked X11 session that was created by xrdp .
To solve the issue, go to /tmp/.X11-unix/ and find your X session and delete the session.
Look at the sessions owned by you which you wished to delete
. . srwxrwxrwx 1 root root 0 Jul 9 2012 X0 srwxrwxrwx 1 user1 users 0 Jan 25 09:13 X1 srwxrwxrwx 1 user2 users 0 Jul 10 2012 X10 srwxrwxrwx 1 user3 users 0 Feb 19 13:31 X11 srwxrwxrwx 1 user4 users 0 Nov 20 15:10 X12 srwxrwxrwx 1 user5 users 0 Jul 10 2012 X13 .
Delete the session.
If xrdp still fails, it seems that it is due to orphaned X—. Once xrdp hits an orphaned X— which may or may not be from other users, the error will still remain.
To see the orphaned X11 session, you can run vncserver , which will return something like this
$ vncserver Warning: Head-Node:1 is taken because of /tmp/.X11-unix/X1 Remove this file if there is no X server Head-Node:1
Delete all the orphaned X—
Restart the xrdp service and try the remote connection.
XRDP отклоняет вход
Я на компьютере с Windows 7 пытаюсь получить доступ к системе RHEL7 через удаленный рабочий стол Windows. До сегодняшнего дня я (и другие в моем отделе) был в состоянии войти в систему RHEL, используя xrdp. Сегодня внезапно xrdp начал отклонять соединения. Я вижу зеленый фоновый экран входа в систему, но он отклоняет учетные данные (и это нормально). Я могу пропинговать сервер, подключиться через putty и использовать filezilla, но подключение к удаленному рабочему столу отклоняет вход в сеанс. Я также попытался подключиться через удаленный рабочий стол к другому компьютеру CENTOS, и он работает нормально. Есть идеи? РЕДАКТИРОВАТЬ: ~/.xsession-errors :
gnome-session-is-accelerated: llvmpipe detected.
[20171031-13:55:53] [DEBUG] TLSv1.2 enabled [20171031-13:55:53] [DEBUG] TLSv1.1 enabled [20171031-13:55:53] [DEBUG] TLSv1 enabled [20171031-13:55:53] [DEBUG] Security layer: requested 3, selected 1 [20171031-13:55:53] [INFO ] connected client computer name: SPENATE7 [20171031-13:55:53] [INFO ] TLS connection established from 192.168.197.176 port 51321: TLSv1.2 with cipher AES256-GCM-SHA384 [20171031-13:55:53] [DEBUG] xrdp_00007c0e_wm_login_mode_event_00000001 [20171031-13:55:53] [INFO ] Loading keymap file /etc/xrdp/km-0000040a.ini [20171031-13:55:53] [WARN ] local keymap file for 0x0000040a found and doesn't match built in keymap, using local keymap file [20171031-13:55:58] [DEBUG] xrdp_wm_log_msg: connecting to sesman ip 127.0.0.1 port 3350 [20171031-13:55:59] [INFO ] xrdp_wm_log_msg: sesman connect ok [20171031-13:55:59] [DEBUG] xrdp_wm_log_msg: sending login info to session manager, please wait. [20171031-13:55:59] [DEBUG] return value from xrdp_mm_connect 0 [20171031-13:56:05] [INFO ] xrdp_wm_log_msg: login failed for display 0 [20171031-13:56:05] [DEBUG] xrdp_mm_module_cleanup [20171031-13:56:05] [DEBUG] Closed socket 18 (AF_INET 127.0.0.1:46890)
[20171031-12:58:20] [ERROR] X server -- no display in range is available [20171031-12:58:20] [DEBUG] Closed socket 8 (AF_INET 127.0.0.1:3350) [20171031-13:01:28] [INFO ] shutting down sesman 1 [20171031-13:01:28] [DEBUG] Closed socket 7 (AF_INET 127.0.0.1:3350) [20171031-13:01:29] [CORE ] shutting down log subsystem. [20171031-13:01:29] [DEBUG] libscp initialized [20171031-13:01:29] [INFO ] starting xrdp-sesman with pid 14292 [20171031-13:01:29] [INFO ] listening to port 3350 on 127.0.0.1 [20171031-13:01:41] [INFO ] A connection received from 127.0.0.1 port 35854 [20171031-13:01:41] [INFO ] ++ created session (access granted): username sanpen, ip 192.168.197.176:60904 - socket: 12 [20171031-13:01:41] [INFO ] starting Xvnc session. [20171031-13:01:41] [DEBUG] Closed socket 9 (AF_INET 0.0.0.0:5910) [20171031-13:01:41] [DEBUG] Closed socket 9 (AF_INET 0.0.0.0:6010) [20171031-13:01:42] [DEBUG] Closed socket 9 (AF_INET 0.0.0.0:6210) [20171031-13:01:42] [DEBUG] Closed socket 9 (AF_INET 0.0.0.0:5911) [20171031-13:01:42] [DEBUG] Closed socket 9 (AF_INET 0.0.0.0:6011) [20171031-13:01:42] [DEBUG] Closed socket 9 (AF_INET 0.0.0.0:6211)
Как настраивать xrdp?
Так это выглядит
https://cdn1.savepice.ru/uploads/2019/11/23/d00af38ec0e167cbc5ec800289d3d65e-full.png
В гугле растиражирован сомнительный мануал, где нужно дополнительно тянуть и настраивать tigervnc, в нескольких вариациях.
Xrdp это только аутенфикалка и хранитель сессий. К нему нужен ещё кусок софта (реализующий x server) который собственно будет отрисовывать графику и транспортировать клиенту.
Есть как минимум 3 опции: xvnc (на клиенте должен быть vnc клиент), x11rdp — устаревшее решение и xorgxrdp. Для последних двух на клиенте должен быть rdp клиент, например remima или вендовый «удаленный рабочий стол».
Я считаю что лучшее решение xorgxrdp. Установки его и скорее всего больше ничего настраивать не надо будет.
Там про убунту, но и к дебиану много что можно применить.
Да ладно, раньше эта фигня из коробки работала. xrdp тянет за собой vnc сервер к которому обращается локально. xfce4 стоит. Чего еще надо?
Уверен, я не первый кто с такой ошибкой столкнулся.
ну так у всех оно из коробки и работает.
для понимания что не хватает есть 2 лог файла и 2 файла настройки.
логи /var/log/xrdp.log /var/log/seseman.log ну еще лог x server-а, не знаю куда xvnc пишет
два конфига в /etc/xrdp — xrdp.ini sesman.ini
Вам нужно возпроизвести проблему и выложить соответствующие записи из лог-ов. так же что-то может и в общесистемный лог попасть — в разных линуксах он по разному называется, но обычно /var/log/messages
Похоже не стартует xorg. Лог выложил в соседней теме.
Ну так блин, как он стартанет то, если нет нужного драйвера, который отрисует картинку в буфере, сожмет и отправит клиенту.
Установки нужный модуль(драйвер) xorgxrdp .
sudo apt install xorgxrdp
Или если хочешь использовать vnc то установи пакет xvnc (x11vnc?)
xorgxrdp тянется за xrdp автоматом. У меня он есть.
[20191127-15:01:37] [DEBUG] Closed socket 11 (AF_INET6 :: port 3389) [20191127-15:01:37] [INFO ] Using default X.509 certificate: /etc/xrdp/cert.pem [20191127-15:01:37] [INFO ] Using default X.509 key file: /etc/xrdp/key.pem [20191127-15:01:37] [ERROR] Cannot read private key file /etc/xrdp/key.pem: Permission denied [20191127-15:01:37] [DEBUG] TLSv1.3 enabled [20191127-15:01:37] [DEBUG] TLSv1.2 enabled [20191127-15:01:37] [DEBUG] Security layer: requested 3, selected 0 [20191127-15:01:37] [DEBUG] Closed socket 12 (AF_INET6 ::ffff:server_ip port 3389)
ls -la /etc/xrdp/ total 312 drwxr-xr-x 3 root root 4096 Nov 23 17:00 . drwxr-xr-x 86 root root 4096 Nov 25 13:12 .. lrwxrwxrwx 1 root root 36 Nov 23 14:27 cert.pem -> /etc/ssl/certs/ssl-cert-snakeoil.pem lrwxrwxrwx 1 root root 38 Nov 23 14:27 key.pem -> /etc/ssl/private/ssl-cert-snakeoil.key
ls -la /etc/ssl/private/ total 12 drwx--x--- 2 root ssl-cert 4096 Nov 23 14:27 . drwxr-xr-x 4 root root 4096 Nov 23 14:18 .. -rw-r--r-- 1 root ssl-cert 1708 Nov 23 14:27 ssl-cert-snakeoil.key
Вот что не так с правами на key.pem и «Security layer»? Зайти по xrdp пытался как с пользовательскими правами, так и из под рута.
Login error with Remote Desktop to Ubuntu server
I use Ubuntu Cloud Guest account and install xrdp ( sudo apt-get install xrdp ) then I use Remote Desktop Connection of Windows to remote it. But on login step I always get this error after I enter username and password even though I did enter them very carefully.
connecting to sesman ip 127.0.0.1 port 3350 sesman connect ok sending login info to sesman xrdp_mm_process_login_response: login failed
4 Answers 4
I had similar problem, there are several problems with xrdp on ubuntu it seems. I found this page useful for solving some of the others, especially the keyboard problem with non-us keyboard.
As regards the login issue, there needs to be a group setup on the ubuntu machine called «tsusers», i added this group via the gui, but i believe there is a command line tool to do the same. You username that you want to login to xrdp will also need to be a member of this group. so user «john» (you) will need to have a group made «tsusers». Also for inexperienced users (such as myself!), when you login, login as «john», not «John», i believe linux usernames are actually all lowercase not first letter capitalised as it is for the gui login to ubuntu.
Introduction xrdp is a Remote Desktop Protocol (RDP) Server, allowing RDP clients to be presented an X windows desktop to the user.
Setup First install xrdp:
sudo apt-get -y install xrdp
Next, change the encryption level to high from the default low:
sudo nano /etc/xrdp/xrdp.ini encrypt_level=high
Next, allow just RDP through the local firewall:
But one thing more
sudo vim /etc/ssh/sshd_config
. Change Password Authentication to yes from no , then save and exit.
Note After making this change, press SHIFT+ : [colon] to open a new command entry box in the vim editor. Type wq, and then press Enter to save changes and exit vim. Restart the SSH daemon to make this change take effect.
Temporarily gain root privileges and change the password for the ubuntu user to a complex password to enhance security. Press the Enter key after typing the command passwd ubuntu , and you will be prompted to enter the new password twice.
Finally, restart xrdp and you should be able to connect:
sudo /etc/init.d/xrdp restart
The issue is that the configuration has to be adapted.
Either add the user you want to use to the standard tsusers group (which you might have to create first), as defined in /etc/xrdp/sesman.ini , or uncomment the lines in sesman.ini where the group requirements are defined.
Also take care about the keymap/keyset: it has a fallback to the US keymap so special characters are entered in another way.
It might not have been preloaded (or auto-detected) and so has to be generated from the console ( km-xxxx.ini in /etc/xrdp )
A new keymap can be created with xrdp-genkeymap , though you might be out of luck if you have for example a Swiss German keymap; then you might have to copy a working km-xxxx.ini file to the /etc/xrdp directory, eg: ch-DE -> km-0807.ini
You might also want to take a look at the logos if you want to adapt the login experience which are located in /usr/share/xrdp or /usr/local/share/xrdp