为了验证xdrp的安全性设定,需要安装gnome桌面
- 安装gnome
yum groupinstall "GNOME Desktop" systemctl get-default init 5 #启动gnome桌面 systemctl stop firewalld useradd centos1 passwd centos1
- 安装xdrp
yum install epel-release -y yum -y install xrdp
xdrp的安全性设定
nano /etc/xrdp/xrdp.ini
修改如下:
certificate=/etc/xrdp/cert.pem key_file=/etc/xrdp/key.pem security_layer=tls
也可以重新生成自签名证书:
cd /etc/xrdp openssl req -x509 -newkey rsa:2048 -nodes -keyout key.pem -out cert.pem -days 3650 openssl req -new -newkey rsa:2048 -nodes -keyout key.pem -out xrdp.csr
重启服务
systemctl restart xrdp
- 测试
参考资料:
- https://github.com/neutrinolabs/xrdp/wiki/TLS-security-layer
- https://www.cnblogs.com/pipci/p/12731317.html
- https://www.shuzhiduo.com/A/kPzO9Wjo5x/