Google Remote Desktop
Holli Slye
IT departments are responsible for managing and controlling access to an ever-growing inventory of on-site and off-site servers, computers and devices. Yet relying on multiple remote connection tools and password managers is inefficient, frustrating and unsecure. Instead of being treated to streamlined clarity, IT pros, sysadmins and help desk technicians struggle with ongoing chaos. The solution is to centralize remote connection technologies, remote machine data, password management, and access control on a platform that is secure, scalable, and refreshingly simple to use.
"I manage over 120 servers on 10 locations. I've tried other remote desktop tools and Devolutions is by far the best I've tried. Very easy to set up and organize. Lots off tools other than remote desktop are built into the app. Things like services, ping, port scan etc. Remote desktops open in tabs which makes it very easy to switch from server to server. Also the ability to store multiple passwords and assign them as needed is a real plus."
"This is a product that I strongly believe in. Rarely does a tool come along that becomes your entire toolbox. In the course of doing my daily work, I have to make hundreds of connections to remote servers, manage those servers, databases, web sites, application servers and developers. RDM gives me a centralized, single pane of glass from which to do all of it. I can store passwords using my favorite password manager, Keepass, write and assign scripts, manage services, and build custom connections to every device, server and workstation I manage."
Remote Desktop Services (RDS) is the platform of choice for building virtualization solutions for every end customer need, including delivering individual virtualized applications, providing secure mobile and remote desktop access, and providing end users the ability to run their applications and desktops from the cloud.
For environments where cost-effectiveness is crucial and you want to extend the benefits of deploying full desktops in a session-based virtualization environment, you can use MultiPoint Services to deliver the best value.
With Microsoft Remote Desktop clients, you can connect to Remote Desktop Services from Windows Server and remote PCs, and use and control desktops and apps that your admin has made available to you. There are clients available for many different types of devices on different platforms and form factors, such as desktops and laptops, tablets, smartphones, and through a web browser. Using your web browser on desktops and laptops, you can connect without having to download and install any software.
Some features are only available with certain clients, so it's important to check Compare the features of the Remote Desktop clients to understand the differences when connecting to Remote Desktop Services or remote PCs.
You can also use most versions of the Remote Desktop client to also connect to Azure Virtual Desktop, as well as to Remote Desktop Services in Windows Server or to a remote PC. If you want information on Azure Virtual Desktop instead, see Remote Desktop clients for Azure Virtual Desktop.
Here's a list of the Remote Desktop client apps and our documentation for connecting to Remote Desktop Services or remote PCs, where you can find download links, what's new, and learn how to install and use each client.
Yes we went through that article, entered all the information through serial console. Even to the point of removing the remote desktop services feature, but then for some reason you can no longer RDP to it when you do that.
The Microsoft Remote Desktop Protocol (RDP) provides remote display and input capabilities over network connections for Windows-based applications running on a server. RDP is designed to support different types of network topologies and multiple LAN protocols.
A user can manually disconnect from a remote desktop session without logging off. The user is automatically reconnected to their disconnected session when he or she logs back onto the system, either from the same device or a different device. When a user's session is unexpectedly terminated by a network or client failure, the user is disconnected but not logged off.
By using RDP virtual channel architecture, existing applications can be augmented and new applications can be developed to add features that require communications between the client device and an application running in a remote desktop session.
Computer support staff can view and control a remote desktop session. Sharing input and display graphics between two remote desktop sessions gives a support person the ability to diagnose and resolve problems remotely.
I had a strange issue that ArcMap (if you are still using it :)) cannot open when I log in remotely on the machine. ArcCatalog worked without any issues. ArcMap also worked when login in directly on the laptop.
Another less elegant workaround is to open software using Chrome remote desktop and then go back to working in Windows RD afterwards. Chrome RD works differently and isn't recognised by windows as a remote session in the same way.
When I try to connect to a remote desktop, a message appears which says something like "Make sure you trust this PC, connecting to untrusted computer might harm your PC". Why would it harm my PC? I can understand that if I am sharing local resources or something like that, but if I am just connecting to a remote desktop how would that harm my computer? isn't it like sandboxed? how will the remote desktop access my PC?
User activity tracking and keylogging: In essence, untrusted RDP server could log all your activity on the server, including websites you browse to, files you download, documents you accessed and were changing, passwords you entered to access remote services through the RDP server, basically keep track of your complete user session.
Infection of client through remote hosted files: Any files you download from the server hosting a RDP session could be tampered with, or infected with malware. You could falsely assume trust in any of these files, thinking since you put them there during your previous RDP session that they weren't tampered with or infected in the meantime, transfer them to your RDP client and open/execute/...
Man-in-the-middle: Similar to user activity tracking, only this time the attacker is active on the RDP server you connect to and is listening in on your RDP client to RDP server connection, RDP server to remote LAN / WAN connections, or possibly both. On top of being able to inspect contents of exchanged network packets, man-in-the-middle is also able to change their contents. The RDP session can be encrypted using TLS, effectively preventing eavesdropping on it, but that isn't necessarily the case with where else you connect to (remote LAN or WAN) using the RDP server.
Remote Desktop Connection (RDC, also called Remote Desktop, formerly known as Microsoft Terminal Services Client, or mstsc) is the client application for Remote Desktop Services. It allows a user to remotely log in to a networked computer running the terminal services server. RDC presents the desktop interface (or application GUI) of the remote system, as if it were accessed locally.
A basic RDP client will, by default, share the clipboard through the RDP session (because it is very convenient). This alone allows the remote server to obtain a copy of everything you select and "copy" on your client, be they text excerpts, files... which is a glaring security issue when the remote host is hostile. Similarly, an hostile server may inject hostile code in the copy&paste mechanism: if you do a copy&paste of a file from a directory on your desktop system to another directory on your desktop system, then the hostile server may intercept the copy and alter the file in transit, thus injecting a virus (if the file is executable in some way).
A remote desktop connection allows someone else to fully access a computer. From the other side, the accessed computer could try to send any kind of suspicious and/or malicious data packages using the established "trusted" remote desktop connection.
In malware analysis (for example), one would never connect to an untrusted and potentially infected system without taking the appropriate precautions like using a VM which can be deleted afterwards when it becomes apparent that the infected system you are analyzing is indeed infected and spreads it's nasty stuff using any available network connection. In your case, that would be the remote desktop connection you're about to "trust" when clicking that OK button.
Always keep in mind that a remote desktop connection is - in it's core - nothing else than a bi-directional network connection between two computers. Therefore, all network-related risks are relevant here.
You can't imagine how many non-benign packets I've seen transported over remote desktop connections while I analyzed systems. Those would have instantly infected your system and in most cases you probably wouldn't notice it before harm is done. Trust me, that's the last thing you want to happen...
In case you missed it: on June 11, 2013, Microsoft had to call out a particularly important patch (MS12-037) which addressed (among other things) a critical flaw in the remote desktop protocol of all Windows operating systems (RDP). If you want to be as secure as possible, make sure you've applied the latest updates and security patches to your system.
I just installed Ubuntu 22.04 LTS and was delighted to see that a remote desktop server is built in and supports MS RDP in addition to VNC. It has some quirks related to the password, which I found out about on this post:22.04 - Remote Desktop Sharing authentication password changes every reboot
I am hoping to have remote desktop available on boot, without logging in, or if it uses auto-login it keeps the password, so that I can run the system headless and RDP/VNC into it. It looks like gnome-remote-desktop runs as a user service, not a system service, so it's not active unless the user logs in. And it starts before the keyring is unlocked, so it creates a new password every time it starts. It seems like there are many ways to get around these issue, but I'm not sure what's the best route or even if any/all of these are possible:
760c119bf3