Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Bug#1040395: gnome-remote-desktop: Built-in RDP server fails incoming connections with "...(MIC) verification failed!"
729 views
Skip to first unread message
Nathaniel Roach
Jul 5, 2023, 7:30:04 AM7/5/23
to
Package: gnome-remote-desktop
Version: 43.3-1
Severity: important
Dear Maintainer,
g-r-d's built in RDP server does not work. I have simply just enabled it in gnome-settings,
and then attempted to connect. Connecting from either Remmina or Windows 10's MSTSC.exe fails.
The following messages are seen in the logs when launching freshly installed remmina and
attemping connection to "localhost". The errors are the same from a different machine,
this method was chosen to condense the logs.
Jul 05 19:01:22 hostname systemd[1506]: Started app-gnome-org.remmina.Remmina-3920.scope - Application launched by gnome-shell.
Jul 05 19:01:22 hostname remmina[3925]: Remmina does not log all output statements. Turn on more verbose output by using "G_MESSAGES_DEBUG=all" as an environment variable.
More info available on the Remmina wiki at:
https://gitlab.com/Remmina/Remmina/-/wikis/Usage/Remmina-debugging
Jul 05 19:01:22 hostname org.remmina.Remmina.desktop[3925]: Load modules from /usr/lib/x86_64-linux-gnu/remmina/plugins
Jul 05 19:01:22 hostname org.remmina.Remmina.desktop[3925]: Remmina plugin glibsecret (type=Secret) has been registered, but is not yet initialized/activated. The initialization order is 2000.
Jul 05 19:01:22 hostname org.remmina.Remmina.desktop[3925]: The glibsecret secret plugin has been initialized and it will be your default secret plugin
Jul 05 19:01:22 hostname remmina[3575]: gtk_menu_attach_to_widget(): menu already attached to GtkMenuItem
Jul 05 19:01:28 hostname org.gnome.Software.desktop[3575]: [19:01:28:082] [3575:3929] [WARN][com.freerdp.crypto] - Certificate verification failure 'self-signed certificate (18)' at stack position 0
Jul 05 19:01:28 hostname org.gnome.Software.desktop[3575]: [19:01:28:082] [3575:3929] [WARN][com.freerdp.crypto] - CN = GNOME, C = US
Jul 05 19:01:33 hostname gnome-remote-desktop-daemon[1708]: [19:01:33:469] [1708:3943] [WARN][com.winpr.negotiate] - AcceptSecurityContext status SEC_I_CONTINUE_NEEDED [0x00090312]
Jul 05 19:01:33 hostname gnome-remote-desktop-daemon[1708]: [19:01:33:570] [1708:3943] [WARN][com.winpr.negotiate] - AcceptSecurityContext status SEC_I_COMPLETE_NEEDED [0x00090313]
Jul 05 19:01:33 hostname gnome-remote-desktop-daemon[1708]: [19:01:33:570] [1708:3943] [ERROR][com.winpr.sspi.NTLM] - Message Integrity Check (MIC) verification failed!
Jul 05 19:01:33 hostname gnome-remote-desktop-daemon[1708]: [19:01:33:570] [1708:3943] [WARN][com.winpr.sspi] - CompleteAuthToken status SEC_E_MESSAGE_ALTERED [0x8009030F]
Jul 05 19:01:33 hostname gnome-remote-desktop-daemon[1708]: [19:01:33:570] [1708:3943] [WARN][com.freerdp.core.nla] - CompleteAuthToken status SEC_E_MESSAGE_ALTERED [0x8009030F]
Jul 05 19:01:33 hostname gnome-remote-desktop-daemon[1708]: [19:01:33:570] [1708:3943] [ERROR][com.freerdp.core.transport] - client authentication failure
Jul 05 19:01:33 hostname gnome-remote-desktop-daemon[1708]: [19:01:33:570] [1708:3943] [ERROR][com.freerdp.core.peer] - peer_recv_callback: CONNECTION_STATE_INITIAL - rdp_server_accept_nego() fail
Jul 05 19:01:33 hostname gnome-remote-desktop-daemon[1708]: [19:01:33:570] [1708:3943] [ERROR][com.freerdp.core.transport] - transport_check_fds: transport->ReceiveCallback() - -1
Jul 05 19:01:33 hostname gnome-remote-de[1708]: Unable to check file descriptor, closing connection
Jul 05 19:01:42 hostname org.gnome.Software.desktop[3575]: [19:01:42:481] [3575:3929] [ERROR][com.freerdp.core.connection] - Timeout waiting for activation
This appears to be the same issue as https://gitlab.gnome.org/GNOME/gnome-remote-desktop/-/issues/86
however those changes do appear to have made it into debian's libfreerdp-server.
-- System Information:
Debian Release: 12.0
APT prefers stable-security
APT policy: (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 6.3.8-nr44-x13al-r1686793823 (SMP w/12 CPU threads; PREEMPT)
Kernel taint flags: TAINT_WARN, TAINT_UNSIGNED_MODULE
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), LANGUAGE=en_AU:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages gnome-remote-desktop depends on:
ii dconf-gsettings-backend [gsettings-backend] 0.40.0-4
ii fuse3 3.14.0-4
ii init-system-helpers 1.65.2
ii libc6 2.36-9
ii libcairo2 1.16.0-7
ii libepoxy0 1.5.10-1
ii libfreerdp-server2-2 2.10.0+dfsg1-1
ii libfreerdp2-2 2.10.0+dfsg1-1
ii libfuse3-3 3.14.0-4
ii libglib2.0-0 2.74.6-2
ii libmutter-11-0 43.4-2
ii libnotify4 0.8.1-1
ii libpipewire-0.3-0 0.3.65-3
ii libsecret-1-0 0.20.5-3
ii libtss2-esys-3.0.2-0 3.2.1-3
ii libtss2-mu0 3.2.1-3
ii libtss2-rc0 3.2.1-3
ii libtss2-tctildr0 3.2.1-3
ii libwinpr2-2 2.10.0+dfsg1-1
ii libxkbcommon0 1.5.0-1
ii pipewire 0.3.65-3
ii wireplumber 0.4.13-1
gnome-remote-desktop recommends no packages.
gnome-remote-desktop suggests no packages.
-- no debconf information
Version: 43.3-1
Severity: important
Dear Maintainer,
g-r-d's built in RDP server does not work. I have simply just enabled it in gnome-settings,
and then attempted to connect. Connecting from either Remmina or Windows 10's MSTSC.exe fails.
The following messages are seen in the logs when launching freshly installed remmina and
attemping connection to "localhost". The errors are the same from a different machine,
this method was chosen to condense the logs.
Jul 05 19:01:22 hostname systemd[1506]: Started app-gnome-org.remmina.Remmina-3920.scope - Application launched by gnome-shell.
Jul 05 19:01:22 hostname remmina[3925]: Remmina does not log all output statements. Turn on more verbose output by using "G_MESSAGES_DEBUG=all" as an environment variable.
More info available on the Remmina wiki at:
https://gitlab.com/Remmina/Remmina/-/wikis/Usage/Remmina-debugging
Jul 05 19:01:22 hostname org.remmina.Remmina.desktop[3925]: Load modules from /usr/lib/x86_64-linux-gnu/remmina/plugins
Jul 05 19:01:22 hostname org.remmina.Remmina.desktop[3925]: Remmina plugin glibsecret (type=Secret) has been registered, but is not yet initialized/activated. The initialization order is 2000.
Jul 05 19:01:22 hostname org.remmina.Remmina.desktop[3925]: The glibsecret secret plugin has been initialized and it will be your default secret plugin
Jul 05 19:01:22 hostname remmina[3575]: gtk_menu_attach_to_widget(): menu already attached to GtkMenuItem
Jul 05 19:01:28 hostname org.gnome.Software.desktop[3575]: [19:01:28:082] [3575:3929] [WARN][com.freerdp.crypto] - Certificate verification failure 'self-signed certificate (18)' at stack position 0
Jul 05 19:01:28 hostname org.gnome.Software.desktop[3575]: [19:01:28:082] [3575:3929] [WARN][com.freerdp.crypto] - CN = GNOME, C = US
Jul 05 19:01:33 hostname gnome-remote-desktop-daemon[1708]: [19:01:33:469] [1708:3943] [WARN][com.winpr.negotiate] - AcceptSecurityContext status SEC_I_CONTINUE_NEEDED [0x00090312]
Jul 05 19:01:33 hostname gnome-remote-desktop-daemon[1708]: [19:01:33:570] [1708:3943] [WARN][com.winpr.negotiate] - AcceptSecurityContext status SEC_I_COMPLETE_NEEDED [0x00090313]
Jul 05 19:01:33 hostname gnome-remote-desktop-daemon[1708]: [19:01:33:570] [1708:3943] [ERROR][com.winpr.sspi.NTLM] - Message Integrity Check (MIC) verification failed!
Jul 05 19:01:33 hostname gnome-remote-desktop-daemon[1708]: [19:01:33:570] [1708:3943] [WARN][com.winpr.sspi] - CompleteAuthToken status SEC_E_MESSAGE_ALTERED [0x8009030F]
Jul 05 19:01:33 hostname gnome-remote-desktop-daemon[1708]: [19:01:33:570] [1708:3943] [WARN][com.freerdp.core.nla] - CompleteAuthToken status SEC_E_MESSAGE_ALTERED [0x8009030F]
Jul 05 19:01:33 hostname gnome-remote-desktop-daemon[1708]: [19:01:33:570] [1708:3943] [ERROR][com.freerdp.core.transport] - client authentication failure
Jul 05 19:01:33 hostname gnome-remote-desktop-daemon[1708]: [19:01:33:570] [1708:3943] [ERROR][com.freerdp.core.peer] - peer_recv_callback: CONNECTION_STATE_INITIAL - rdp_server_accept_nego() fail
Jul 05 19:01:33 hostname gnome-remote-desktop-daemon[1708]: [19:01:33:570] [1708:3943] [ERROR][com.freerdp.core.transport] - transport_check_fds: transport->ReceiveCallback() - -1
Jul 05 19:01:33 hostname gnome-remote-de[1708]: Unable to check file descriptor, closing connection
Jul 05 19:01:42 hostname org.gnome.Software.desktop[3575]: [19:01:42:481] [3575:3929] [ERROR][com.freerdp.core.connection] - Timeout waiting for activation
This appears to be the same issue as https://gitlab.gnome.org/GNOME/gnome-remote-desktop/-/issues/86
however those changes do appear to have made it into debian's libfreerdp-server.
-- System Information:
Debian Release: 12.0
APT prefers stable-security
APT policy: (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 6.3.8-nr44-x13al-r1686793823 (SMP w/12 CPU threads; PREEMPT)
Kernel taint flags: TAINT_WARN, TAINT_UNSIGNED_MODULE
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), LANGUAGE=en_AU:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages gnome-remote-desktop depends on:
ii dconf-gsettings-backend [gsettings-backend] 0.40.0-4
ii fuse3 3.14.0-4
ii init-system-helpers 1.65.2
ii libc6 2.36-9
ii libcairo2 1.16.0-7
ii libepoxy0 1.5.10-1
ii libfreerdp-server2-2 2.10.0+dfsg1-1
ii libfreerdp2-2 2.10.0+dfsg1-1
ii libfuse3-3 3.14.0-4
ii libglib2.0-0 2.74.6-2
ii libmutter-11-0 43.4-2
ii libnotify4 0.8.1-1
ii libpipewire-0.3-0 0.3.65-3
ii libsecret-1-0 0.20.5-3
ii libtss2-esys-3.0.2-0 3.2.1-3
ii libtss2-mu0 3.2.1-3
ii libtss2-rc0 3.2.1-3
ii libtss2-tctildr0 3.2.1-3
ii libwinpr2-2 2.10.0+dfsg1-1
ii libxkbcommon0 1.5.0-1
ii pipewire 0.3.65-3
ii wireplumber 0.4.13-1
gnome-remote-desktop recommends no packages.
gnome-remote-desktop suggests no packages.
-- no debconf information
Timo Lindfors
Oct 4, 2023, 8:30:05 AM10/4/23
to
Hi,
> g-r-d's built in RDP server does not work
I got the same error message when I used the wrong password by accident.
When I started using the correct password I was able to use RDP again.
This is with vanilla Debian 12 and gnome.
I would try with an alphanumeric password and verify that it matches the
output of
secret-tool lookup xdg:schema org.gnome.RemoteDesktop.RdpCredentials
-Timo
> g-r-d's built in RDP server does not work
When I started using the correct password I was able to use RDP again.
This is with vanilla Debian 12 and gnome.
I would try with an alphanumeric password and verify that it matches the
output of
secret-tool lookup xdg:schema org.gnome.RemoteDesktop.RdpCredentials
-Timo
0 new messages