In this article, we'll show you how to access your Linux computer (running Centos 7) via Windows Remote Desktop Connection.
Condensed procedure
To get a sense of what's to come (and for the power users out there), the following provides a condensed version of the detailed procedure given below.
- SSH into Linux as root.
ssh root@IPv4address
- As necessary, create a non-root user with sudo privileges.
adduser username
passwd username
usermod -aG wheel username
su - username
- Install xrdp (an RDP server).
sudo yum -y update
sudo yum -y install epel-release
sudo yum -y install xrdp
sudo systemctl enable xrdp
sudo systemctl start xrdp
- Install Xfce (a desktop environment) and reboot.
sudo yum -y groupinstall "Xfce"
echo "xfce4-session" > ~/.Xclients
chmod a+x ~/.Xclients
su - root
echo "xfce4-session" > ~/.Xclients
chmod a+x ~/.Xclients
reboot
- Access Linux using Windows Remote Desktop Connection as the root or non-root user (non-root is always preferred).
- If you can't connect using Windows Remote Desktop Connection, open port 3389 at the Linux command-line and try again.
sudo firewall-cmd --add-port=3389/tcp --permanent
sudo firewall-cmd --reload
Detailed procedure
The cross-platform SSH (Secure SHell) protocol is used to access one computer (the host) from another (the client) using a command-line interface (CLI). The SSH protocol uses a client/server model. The SSH client software requests a secure connection while the SSH server software listens for incoming connection requests (typically on TCP port 22). After the client successfully authenticates, the server provides the client access to the host system (running the SSH server software). The client access is governed by the associated user account permissions of the host system. In our case, the Windows computer is the client and the Linux computer is the server/host. In the following procedure, we'll use the (cross-platform) ssh command to access the Linux CLI from the Windows CLI.
- Obtain the IP address as well as the administrator login and password for the Linux computer. For example, you may have received an email with this information or you may be able to look up these values through your hosting company.
If you have access to the Linux CLI, you can type ifconfig and then press the Enter key to obtain the inet IPv4 IP address. If the output appears confusing, the following command should return the required IP address.
ifconfig | grep inet | head -1 | awk '{print $2}'
- On your Windows computer, in the taskbar search box, type cmd and then press Enter. This opens the Windows CLI.
- Using your Linux computer IP address, type ssh root@xxx.xxx.xxx.xxx replacing the x's with your actual IP address, and then press Enter (for example, ssh root@105.168.164.211).
You may receive a "Are you sure you want to continue connecting (yes/no/[fingerprint])?" warning. If so, type yes and press Enter. If you receive a "WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!" message, find the known_hosts file and delete the entry associated with the Linux IP address. To find the known_hosts file, use Windows File Explorer or run dir \know_hosts /s /b at the Windows CLI.
Next, type your Linux password and press Enter. You should now see the root (#) Linux CLI (i.e., the root bash shell).
- From the Linux CLI, create a non-root user account (if needed), as follows. Be sure to replace username with something appropriate.
useradd username
- Add a password for username, as follows. Be sure to replace username with whatever you used in the previous step (you will be prompted for the password twice).
passwd username
- To allow the new user to perform tasks requiring administrator/root privileges, we grant the user access to the sudo command as follows (replace username as above).
usermod -aG wheel username
- Use the su command (substitute user) to switch to the new user account, as follows (replace username as above).
su - username
You should see the root user command prompt symbol (#) change to the normal user command prompt symbol ($). It's best to use a normal user account in conjunction with the sudo command to perform actions requiring root access. This ensures that you can enjoy the benefits of having the root user's privileges without the risks associated with using the root account all of the time.
- As shown above, the SSH protocol allows access from one computer to another using a command-line interface (CLI). Similarly, the RDP protocol allows access from one computer to another using a graphical user interface (GUI). Like SSH, the RDP protocol uses a client/server model. Windows Remote Desktop Connection is the RDP client software whereas xrdp is the Linux RDP server software. We can install xrdp as follows.
sudo yum -y update
sudo yum -y install epel-release
sudo yum -y install xrdp
sudo systemctl enable xrdp
sudo systemctl start xrdp
- RDP stands for remote desktop protocol. That is, RDP assumes that both computers have desktop environments. Windows obviously comes stock with a desktop environment but Centos 7 does not. We can install Xfce, a lightweight/fast desktop environment, as follows.
sudo yum -y groupinstall "Xfce"
echo "xfce4-session" > ~/.Xclients
chmod a+x ~/.Xclients
su - root
echo "xfce4-session" > ~/.Xclients
chmod a+x ~/.Xclients
reboot
Wait a minute or two for the Linux computer to reboot.
Note. If other Linux users want to use Windows Remote Desktop Connection, you must copy the .Xclients file to each user's home directory (i.e., /home/username/.Xclient), as was done for the root user above.
- With the RDP server software running and the desktop environment enabled, we can access the Linux computer from Windows Remote Desktop Connection as follows. Replace xxx.xxx.xxx.xxx with the IP address of the Linux computer and username with either a root or non-rooter user (a non-root user is always preferred for security reasons).
Lastly, select the Connect button.
- If you can't connect using Windows Remote Desktop Connection (perhaps because you're using FirewallD), open port 3389 via the Linux CLI and try again.
sudo firewall-cmd --add-port=3389/tcp --permanent
sudo firewall-cmd --reload
- Optionally, to install Google Chrome, RDP into the Linux computer (as a non-rooter user), open a terminal window and run the following commands.
wget https://dl.google.com/linux/direct/google-chrome-stable_current_x86_64.rpm
sudo yum -y install ./google-chrome-stable_current_x86_64.rpm
whereis google-chrome
From the Xfce desktop, select Applications, Web Browser, and then select Other... from the dropdown menu. Type in the path from the previous command (usually /usr/bin/google-chrome), and then select OK twice to start Google Chrome.
You can now quickly and easily access your Linux computer from anywhere in the world (with internet connectivity, that is) using Windows Remote Desktop Connection.