收藏:
https://blog.csdn.net/wylfengyujiancheng/article/details/67643293
https://www.cnblogs.com/alusss/p/12292518.html
==================================================
前提:
1 CentOS安装桌面,如果无桌面,请执行
# yum -y groups install "GNOME Desktop"
# startx
2 配置源
# yum install epel* -y
以yum方式安装tigervnc-server(因为Xrdp最终会自动启用VNC,所以必须安装tigervnc-server,否则xrdp无法使用),命令为:
yum install tigervnc-server
为用户root设置vnc密码,命令为:vncpasswd root
查询SELinux状态,配置或关闭SELinux , 否则可能无法启动xrdp服务,或者启动出错;
查看SELinux状态命令:/usr/sbin/sestatus -v
临时关闭SELinux(设置SELinux 成为permissive模式)命令:setenforce 0
配置xrdp.ini文件
vim /etc/xrdp/xrdp.ini
把max_bpp=32,改为max_bpp=24
配置selinux
chcon -t bin_t /usr/sbin/xrdp
chcon -t bin_t /usr/sbin/xrdp-sesman
安装xrdp
# yum --enablerepo=epel -y install xrdp
启动xrdp并设置开机启动
# systemctl start xrdp
# systemctl enable xrdp
======================================================
===========================
# systemctl status xrdp.service
● xrdp.service - xrdp daemon
Loaded: loaded (/usr/lib/systemd/system/xrdp.service; enabled; vendor preset: disabled)
Active: active (running) since 五 2020-09-04 12:46:33 CST; 2 months 4 days ago
Docs: man:xrdp(8)
man:xrdp.ini(5)
Main PID: 1505 (xrdp)
CGroup: /system.slice/xrdp.service
└─1505 /usr/sbin/xrdp --nodaemon
11月 07 18:02:27 ibiomed xrdp[1505]: [20201107-18:02:27] [INFO ] Socket 12: AF_INET connection received from 202.200.119.201 port 54660
11月 07 18:02:27 ibiomed xrdp[1505]: [20201107-18:02:27] [DEBUG] Closed socket 11 (AF_INET 0.0.0.0:3389)
11月 07 18:02:27 ibiomed xrdp[1505]: [20201107-18:02:27] [INFO ] Using default X.509 certificate: /etc/xrdp/cert.pem
11月 07 18:02:27 ibiomed xrdp[1505]: [20201107-18:02:27] [INFO ] Using default X.509 key file: /etc/xrdp/key.pem
11月 07 18:02:27 ibiomed xrdp[1505]: [20201107-18:02:27] [WARN ] TLSv1.3 enabled by config, but not supported by system OpenSSL
11月 07 18:02:27 ibiomed xrdp[1505]: [20201107-18:02:27] [DEBUG] TLSv1.2 enabled
11月 07 18:02:27 ibiomed xrdp[1505]: libxrdp_force_read: error
11月 07 18:02:27 ibiomed xrdp[1505]: xrdp_process_main_loop: libxrdp_process_incoming failed
11月 07 18:02:27 ibiomed xrdp[1505]: [20201107-18:02:27] [DEBUG] Closed socket 12 (AF_INET 202.200.112.247:3389)
11月 07 18:02:27 ibiomed xrdp[1505]: xrdp_mcs_disconnect - socket closed
======================================================
===========================
查看xrdp服务是否正常启动
# systemctl status xrdp.service //如果看到Active则说明正常
# netstat -antup|grep xrdp //看xrdp和xrdp-sesman是否正常启动
关闭防火墙,或者打开防火墙3389端口
# systemctl stop firewalld.service
# systemctl disable firewalld.servie
或者打开3389端口
# firewall-cmd --permanent --zone=public --add-port=3389/tcp
# firewall-cmd --reload
==================================================================================
#!/bin/sh
yum grouplist
yum -y install epel-release && yum -y groupinstall Xfce
yum -y install xrdp
cd
echo "xfce4-session" > ~/.Xclients
chmod +x .Xclients
sed -i "s/ssl_protocols=/; ssl_protocols=/g" /etc/xrdp/xrdp.ini
sed -i "58i ssl_protocols=TLSv1, TLSv1.3, TLSv1.1, TLSv1.2, TLSv3" /etc/xrdp/xrdp.ini
systemctl start xrdp && systemctl enable xrdp
firewall-cmd --add-port=3389/tcp --zone=public --permanent
firewall-cmd --reload
curl ifconfig.me
reboot