Install xrdp Remote Desktop to CentOS 6 / RHEL 6

xrdp is an Open Source Remote desktop Protocol server, which allows you to RDP to your Linux server from Windows machine; it is capable of accepting connections from rdesktop, freerdp, and remote desktop clients. This how to will help you to setup xrdp server on CentOS 6 / RHEL 6.
Prerequisites:

Install EPEL repository on CentOS 6.

32 Bit

# rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm

64 Bit

# rpm -Uvh http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

Installation:

Issue the following command to install xrdp

# yum -y install xrdp tigervnc-server

You will get the following output, make sure you are getting package from the newly created repository.

Installed:
  tigervnc-server.x86_64 0:1.1.0-8.el6_5      xrdp.x86_64 0:0.5.0-0.13.el6

Dependency Installed:
  libXmu.x86_64 0:1.1.1-2.el6
  xorg-x11-fonts-misc.noarch 0:7.2-9.1.el6
  xorg-x11-xauth.x86_64 1:1.0.2-7.1.el6

Once it is installed, lets start the xrdp service.

# service xrdp start

xrdp will listen on 3389, lets confirm this by issuing following command.

# netstat -antup | grep xrdp
tcp        0      0 127.0.0.1:3350              0.0.0.0:*                   LISTEN      11299/xrdp-sesman
tcp        0      0 0.0.0.0:3389                0.0.0.0:*                   LISTEN      11295/xrdp

By default, services wont auto start after system reboot.
Issue the following command to enable the service at system start up.

# chkconfig xrdp on
# chkconfig vncserver on

Test:

Now take rdp from any windows machine using Remote Desktop Connection, enter ip address of Linux server in computer field and click on connect.

You would be asked to enter the user name and password,
you can either use root or any user that you have it on system.
Make sure you use module “sesman-Xvnc”.

If you click ok, you will see the processing. In less than a half min, you will get a desktop.

If you are not able to get connected to the XRDP Login window check your iptables settings.
If you are using iptables you need to edit your rules and add the port 3389 to the INPUT list.
 You can use the below commands to accomplish this
 (note that the port number shows as the service name ms-wbt-server instead of 3389):

[root@server ~]# iptables -I INPUT -p tcp -m state –state NEW -m tcp –dport 3389 -j ACCEPT
[root@server ~]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]
[root@server ~]# service iptables restart
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Unloading modules:                               [  OK  ]
iptables: Applying firewall rules:                         [  OK  ]
[root@server ~]#
[root@server ~]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  —  anywhere             anywhere            state NEW tcp dpt:ms-wbt-server
ACCEPT     all  —  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     icmp —  anywhere             anywhere
ACCEPT     all  —  anywhere             anywhere
ACCEPT     tcp  —  anywhere             anywhere            state NEW tcp dpt:ssh
REJECT     all  —  anywhere             anywhere            reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
REJECT     all  —  anywhere             anywhere            reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination