1WESTON-RDP(7) Miscellaneous Information Manual WESTON-RDP(7)
2
3
4
6 weston-rdp - the RDP backend for Weston
7
9 weston --backend=rdp
10
12 The RDP backend allows to run a weston environment without the need of
13 specific graphic hardware, or input devices. Users can interact with
14 weston only by connecting using the RDP protocol.
15
16 The RDP backend uses FreeRDP to implement the RDP part, it acts as a
17 RDP server listening for incoming connections. It supports different
18 codecs for encoding the graphical content. Depending on what is sup‐
19 ported by the RDP client, the backend will encode images using remoteFx
20 codec, NS codec or will fallback to raw bitmapUpdate.
21
22 On the security part, the backend supports RDP security or TLS, keys
23 and certificates must be provided to the backend depending on which
24 kind of security is requested. The RDP backend will announce security
25 options based on which files have been given.
26
27 The RDP backend is multi-seat aware, so if two clients connect on the
28 backend, they will get their own seat.
29
30
32 The RDP backend uses the following entries from weston.ini.
33
34 Section rdp
35 refresh-rate=rate
36 Specifies the desktop redraw rate in Hz. If unspecified, the de‐
37 fault is 60Hz. Changing this may be useful if you have a faster
38 than 60Hz display, or if you want to reduce updates to reduce
39 network traffic.
40
41
42
44 When the RDP backend is loaded, weston will understand the following
45 additional command line options.
46
47 --address=address
48 The IP address on which the RDP backend will listen for RDP con‐
49 nections. By default it listens on 0.0.0.0.
50
51 --port=port
52 The TCP port to listen on for connections, it defaults to 3389.
53
54 --no-clients-resize
55 By default when a client connects on the RDP backend, it will
56 instruct weston to resize to the dimensions of the client's an‐
57 nounced resolution. When this option is set, weston will force
58 the client to resize to its own resolution.
59
60 --no-remotefx-codec
61 The RemoteFX compression codec is enabled by default, but it may
62 be necessary to disable it to work around incompatabilities be‐
63 tween implementations. This option may be removed in the future
64 when all known issues are resolved.
65
66 --rdp4-key=file
67 The file containing the RSA key for doing RDP security. As RDP
68 security is known to be insecure, this option should be avoided
69 in production.
70
71 --rdp-tls-key=file
72 The file containing the key for doing TLS security. To have TLS
73 security you also need to ship a file containing a certificate.
74
75 --rdp-tls-cert=file
76 The file containing the certificate for doing TLS security. To
77 have TLS security you also need to ship a key file.
78
79 --external-listener-fd=fd
80 Specifies a file descriptor inherited from the process that
81 launched weston to be listened on for client connections. Only
82 local (such as AF_VSOCK) sockets should be used, as this will be
83 considered to be a local connection by the RDP backend, and TLS
84 and RDP security will be bypassed.
85
86
87
89 To generate a key file to use for RDP security, you need the winpr-
90 makecert utility shipped with FreeRDP:
91
92 $ winpr-makecert -rdp -silent -n rdp-security
93
94 This will create a rdp-security.key file.
95
96
97 You can generate a key and certificate file to use with TLS security
98 using a typical openssl invocations:
99
100 $ openssl genrsa -out tls.key 2048
101 Generating RSA private key, 2048 bit long modulus
102 [...]
103 $ openssl req -new -key tls.key -out tls.csr
104 [...]
105 $ openssl x509 -req -days 365 -signkey tls.key -in tls.csr -out tls.crt
106 [...]
107
108 You will get the tls.key and tls.crt files to use with the RDP backend.
109
111 weston(1)
112
113
114
115Weston 12.0.2 2017-12-14 WESTON-RDP(7)