I am wondering which is the best/easiest way to set up a remote access solution for an Endeavour OS to Endeavour OS session?
I’ve tried installing/enabling the krdp module to get the server on the PC (my media server) I want to remote into and that’s a complete disaster -which is probably my own fault.
I tried to put GUFW on 1 of the PC’s running EndeavourOS (my desktop).
I have since removed it.
However, the built in kde firewall is not acting like a normal firewall in that i might take me 4 times or more to get the thing enabled.
Also, and maybe I do not understand the way it works but, if I add a port - let says 3189 just for fun
it is allow in/out or reject in/out…If I want to say allow in and but reject out it does not allow that, as soon as I select allow or reject on one direction the other one switches to that action also.
SO, if I add a port and the default is reject, I change the in to allow and the out automatically chanegs to allow also, I cannot have one say allow and the other reject.
IS this normal for this firewall?
I always used gufw in the past because it just worked all the time and was easy to manage.
Does it matter if I use the built in firewall or GUFW?
OK-since you reacted in this way–I deleted all the rules I created using the kde system settings tool, and click reset to defaults, but left the firewall enabled.
Then I search through the start menu, found a firewall app/not a kde settings module, and opened it where I saw different zones, apps to choose from, a place to add ports etc.
So, I checked RDP and added port 8096.
Nothing was accessible–I was getting page cannot be displayed error in browser when trying to load the Jellyfin home page and RDP is saying it cannot connect to the server.
I change my eth and IO to trusted and Jellyfin’s home page is now able to load but RDP still not working.
I setup the RDP via the KDE SYSTEMS settings also by installation the krdp package.
I am seeing all over the web where remote access does not work with the old tools because of Wayland so I haven’t even tried FreeRDP or xrdp or NX or any of the others.
I just uninstalled krdp since I found a site saying that krdc is the default KDE RDP app.
There is SO much old information out there on some websites that do not ahve a date on them…sigh…
After a bit of reading I got my connection set to home and have allowed port 8096 and that’s working. SO, I can get to my JellyFin servers home page now.
I uninstalled Krdp because I’ve been reading about lots of people having issues with it.
I am open to suggestions for a remote access server/client to get from EOS-PC#1 to EOS-PC#2
Sorry you’re having issues with krdp, it really is very nice and works well once you get the firewall set up to allow it to work properly. You will have to be logged in to a session already for rdp to be running as it starts with your session. To login remotely you will have to use a separate solution. The only help I can offer is to explain how I set mine up.
To separate the firewall issues from the RDP issues I would recommend first getting it all running with the firewall on the server turned off. Once you’ve got it running you can turn the firewall back on and and as @dalto said make sure the rdp service is checked on the server.
To set it up from the server:
log into your user session and temporarily disable the firewall sudo systemctl stop firewalld
from System Settings > Remote Desktop add an RDP user and set a password. Note the user does not have to the same as the session user, this user is only used to authenticate the RDP session
Enable the server and make sure autostart at login is checked.
From the Client:
start KRDC and from the connect to box, making sure rdp is set at the protocol connect to @
enter your password when prompted
The first time you run this a dialog will pop up on the server asking you to select the wayland screen you are sharing, select the appropriate one and you should then see your remote session on the client.
If this all works you can now re-enable firewalld on the server and make sure that the rdp service is checked. If this doesn’t work make sure your zones are correct.
To log into the server you will have to use some type of VNC server as sddm does not support remote login out of the box. If you sddm is using xorg something like tigerVNC should work, but i would recommend ssh tunneling as by itself vnc is not secure. If you want to use wayland with sddm you will have to get creative. I use sway for my compositor and use wayvnc via an ssh tunnel.
So my workflow is:
connect to the server via wayvnc to log into my session. Logging in kills the vnc connection
next use the KDE RDPserver session to remote control my desktop.
Convoluted, but at the moment KDE does not support remote login only remote desktop session. Gnome currently allows you to use RDP for both remote login and remote desktop session.
Rustdesk also works very well, however it does not support remote login with a wayland session, and it’s likely best to set up your own remote ID and Relay server rather than using the limited public ones. (again only sharing what I’ve done). Other solutions I’ve used are Nomachine, but lately it’s had issues with KDE wayland so I no longer recommend that for KDE, but work great to connect to windows, as does Rustdesk.
Feel free to ping me if you need any help. The only thing I’ve left out of the above is that I also use tailscale to get around the firewall issues completely as I put tailscale into my trusted zone. If you’re going to be doing this with more than a couple of machines especially if they are outside your local lan tailscale is great!
I have just 2 linux boxes, in the same home office, as well as 2016WinSrv.
I just want to access these 2 PC’s (Linux media server/Windows file/backup server) from my home desktop (Linux).
I have accomplished that due to your disable the firewall suggestion.
I am unsure if I want to re-enable the firewall.
I am already protected by the hardware firewall that serves as my router/gateway/firewall (PF sense) and a bunch of DNS blocking and malicious URL block-list using pfblockerng.
I feel like a firewall on every home network PC is a bit much. I leave the Windows ones enable because they are by default and they rarely cause any interruptions they have so many ports open by default. The Linux firewall is a different beast since they went with the dynamic firewalld. I am used to using UFW (GUFW) which is pretty simple but it actually OPENS the ports, it doesn’t just allow something through whenever it is needed and then close the port again. This is alien to me and I am still trying to rap my head around how it works. IS it using port knocking or something? Does it detect and react to protocols and majically open a port if it is the correct protocol-I have no clue and haven’t had the time to do any in-depth reading.
Either-way, I wanted to thank you very much as I have it all working.
I might try to enable both firewalls on the Linux PC’s but not right now for sure. I need to read some and then experiment when I have 5 days off or something. I got 5 days off in October so that’s when I am planning on getting it all working with the firewall enabled.
Remote login with RustDesk works just fine if you have session active and locked. That’s how I’ve set up my PC, on boot my user is automatically logged in and lockscreen is activated once it boots up. I can login remotely using which ever device.
