Azure Remote Desktop Services (RDS) is a VDI solution on Azure, which provides secure access to virtualized applications and desktops. RDS lets end users access their applications and desktops remotely on the cloud, via mobile and desktop devices. Remote Desktop Services (RDS) is an umbrella term for features of Microsoft Windows Server that allow users to remotely access graphical desktops and Windows applications.
-->Linux virtual machines (VMs) in Azure are usually managed from the command line using a secure shell (SSH) connection. When new to Linux, or for quick troubleshooting scenarios, the use of remote desktop may be easier. This article details how to install and configure a desktop environment (xfce) and remote desktop (xrdp) for your Linux VM running Ubuntu.
The article was writen and tested using an Ubuntu 18.04 VM.
Prerequisites
This article requires an existing Ubuntu 18.04 LTS VM in Azure. If you need to create a VM, use one of the following methods:
- The Azure CLI
- The Azure portal
Install a desktop environment on your Linux VM
Most Linux VMs in Azure do not have a desktop environment installed by default. Linux VMs are commonly managed using SSH connections rather than a desktop environment. There are various desktop environments in Linux that you can choose. Depending on your choice of desktop environment, it may consume one to 2 GB of disk space, and take 5 to 10 minutes to install and configure all the required packages.
The following example installs the lightweight xfce4 desktop environment on an Ubuntu 18.04 LTS VM. Commands for other distributions vary slightly (use yum to install on Red Hat Enterprise Linux and configure appropriate selinux rules, or use zypper to install on SUSE, for example).
First, SSH to your VM. The following example connects to the VM named myvm.westus.cloudapp.azure.com with the username of azureuser. Use your own values:
If you are using Windows and need more information on using SSH, see How to use SSH keys with Windows.
Next, install xfce using apt as follows:
Install and configure a remote desktop server
Now that you have a desktop environment installed, configure a remote desktop service to listen for incoming connections. xrdp is an open source Remote Desktop Protocol (RDP) server that is available on most Linux distributions, and works well with xfce. Install xrdp on your Ubuntu VM as follows:
Tell xrdp what desktop environment to use when you start your session. Configure xrdp to use xfce as your desktop environment as follows:
Restart the xrdp service for the changes to take effect as follows:
Set a local user account password
If you created a password for your user account when you created your VM, skip this step. If you only use SSH key authentication and do not have a local account password set, specify a password before you use xrdp to log in to your VM. xrdp cannot accept SSH keys for authentication. The following example specifies a password for the user account azureuser:
Note
Specifying a password does not update your SSHD configuration to permit password logins if it currently does not. From a security perspective, you may wish to connect to your VM with an SSH tunnel using key-based authentication and then connect to xrdp. If so, skip the following step on creating a network security group rule to allow remote desktop traffic.
Create a Network Security Group rule for Remote Desktop traffic
To allow Remote Desktop traffic to reach your Linux VM, a network security group rule needs to be created that allows TCP on port 3389 to reach your VM. For more information about network security group rules, see What is a network security group? You can also use the Azure portal to create a network security group rule.
The following example creates a network security group rule with az vm open-port on port 3389. From the Azure CLI, not the SSH session to your VM, open the following network security group rule:
Connect your Linux VM with a Remote Desktop client
Open your local remote desktop client and connect to the IP address or DNS name of your Linux VM.
Enter the username and password for the user account on your VM as follows:
After authenticating, the xfce desktop environment will load and look similar to the following example:
If your local RDP client uses network level authentication (NLA), you may need to disable that connection setting. XRDP does not currently support NLA. You can also look at alternative RDP solutions that do support NLA, such as FreeRDP.
Troubleshoot
Remote Desktop In Azure Training
If you cannot connect to your Linux VM using a Remote Desktop client, use netstat on your Linux VM to verify that your VM is listening for RDP connections as follows:
The following example shows the VM listening on TCP port 3389 as expected:
If the xrdp-sesman service is not listening, on an Ubuntu VM restart the service as follows:
Review logs in /var/log on your Ubuntu VM for indications as to why the service may not be responding. You can also monitor the syslog during a remote desktop connection attempt to view any errors:
Other Linux distributions such as Red Hat Enterprise Linux and SUSE may have different ways to restart services and alternate log file locations to review.
If you do not receive any response in your remote desktop client and do not see any events in the system log, this behavior indicates that remote desktop traffic cannot reach the VM. Review your network security group rules to ensure that you have a rule to permit TCP on port 3389. For more information, see Troubleshoot application connectivity issues.
Next steps
For more information about creating and using SSH keys with Linux VMs, see Create SSH keys for Linux VMs in Azure.
For information on using SSH from Windows, see How to use SSH keys with Windows.
-->Applies to: Windows 10, Windows 8.1, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2
You can control a remote PC by using a Microsoft Remote Desktop client. The client can run on almost any device, including on your mobile smartphone. The client gives you the same powers you would have if you could reach the PC's keyboard. Through the client, you can:
- Operate the apps that are installed on the PC.
- Access the files and network resources of the PC.
- Leave the apps open when you end the client.
Before you start, see the supported configuration article. The article discusses the PC configurations that the Remote Desktop clients can connect to. Also see the client FAQ article.
The following client apps are available:
| Client | Get the app | Documentation | Latest version |
|---|---|---|---|
| Windows Desktop | Windows Desktop client | Get started, What's new | 1.2.1844 |
| Microsoft Store | Windows 10 client in the Microsoft Store | Get started, What's new | 1.2.1810 |
| Android | Android client in Google Play | Get started, What's new | 10.0.10 |
| iOS | iOS client in the App Store | Get started, What's new | 10.2.5 |
| macOS | macOS client in the App Store | Get started, What's new | 10.6.1 |
Configuring the remote PC
To configure your remote PC before accessing it remotely, see Allow access to your PC.
Remote Desktop client URI scheme
Remote Desktop In Azure Certification
You can integrate features of Remote Desktop clients across platforms by enabling a Uniform Resource Identifier (URI) scheme. Learn about the supported URI attributes that you can use with the iOS, Mac, and Android clients.