Configuring remote desktop access with gnome-remote-desktop

I’m new to Nix and can’t figure out how I am supposed to configure remote logins, sessions… through RDP for Gnome (already used this in Arch before). I assumed I would just be able to add this to my existing config:

  services.xserver = {
    enable = true;
    displayManager.gdm.enable = true;
    desktopManager.gnome.enable = true;
  };
  environment.systemPackages = with pkgs; [
     pkgs.gnome.gnome-remote-desktop
  ];
  services.gnome.gnome-remote-desktop.enable = true;

This gives me an error saying I need NLA authentication and client says I cant support it?

Using:

services.xrdp.enable = true;
services.xrdp.defaultWindowManager = " gnome-remote-desktop";
services.xrdp.openFirewall = true; 
networking.firewall.allowedTCPPorts = [ 3389 ];
networking.firewall.allowedUDPPorts = [ 3389 ];
Doesn't work.

Using gnome-remote-desktop.enable and xrdp.enable at the same time causes a conflict.

I tried various other sugggestions settings like:

  security.polkit.enable = true;
  security.polkit.extraConfig = ''
    polkit.addRule(function(action, subject) {
      if (
        subject.isInGroup("users")
          && (
            action.id == "org.freedesktop.login1.reboot" ||
            action.id == "org.freedesktop.login1.reboot-multiple-sessions" ||
            action.id == "org.freedesktop.login1.power-off" ||
            action.id == "org.freedesktop.login1.power-off-multiple-sessions"
          )
        )
      {
        return polkit.Result.YES;
      }
    })
  '';

What’s the correct way of setting this up. I just want to use gnome-remote-desktop to log in remotely with a username and password on a LAN for now. That’s it. Nothing fancy.

This is already enabled by default on GNOME.

I believe enabling the service in GNOME Control Center or using grdctl and then opening the firewall ports should be sufficient:

networking.firewall.allowedTCPPorts = [ 3389 ];
networking.firewall.allowedUDPPorts = [ 3389 ];

But I have not really tested it. We have an issue about that Documentation/feature: How to configure GNOME Remote Desktop · Issue #266774 · NixOS/nixpkgs · GitHub

2 Likes

I have a spare machine with a broken screen and I could access it with the following configuration:

  # Remote desktop
  services.xrdp.enable = true;
  services.xrdp.defaultWindowManager = "${pkgs.gnome.gnome-session}/bin/gnome-session";
  services.xrdp.openFirewall = true;

  # Disable the GNOME3/GDM auto-suspend feature that cannot be disabled in GUI!
  # If no user is logged in, the machine will power down after 20 minutes.
  systemd.targets.sleep.enable = false;
  systemd.targets.suspend.enable = false;
  systemd.targets.hibernate.enable = false;
  systemd.targets.hybrid-sleep.enable = false;

Without the second part, the machine was auto-suspending even though I was remotely connected. I could be remembering wrong, though, as it`s been a while since I last used this.

1 Like

Thanks both for replying. Not sure if it changes things but I’m using the newest stable version of gnome with gdm and wayland + I do have a working screen but I also want to go remote some times. What finally ended up working for me was this (found a guide for Fedora on the same issue):

  environment.systemPackages = with pkgs; [
     pkgs.gnome.gnome-remote-desktop
  ];
services.gnome.gnome-remote-desktop.enable = true; #(would not want to work without this)

and this

sudo systemctl restart gnome-remote-desktop.service
sudo grdctl --system rdp enable

sudo rm -rf ~gnome-remote-desktop/rdp-tls*
sudo -u gnome-remote-desktop winpr-makecert     -silent -rdp -path ~gnome-remote-desktop rdp-tls

sudo grdctl --system rdp set-tls-key /var/lib/gnome-remote-desktop/rdp-tls.key
sudo grdctl --system rdp set-tls-cert /var/lib/gnome-remote-desktop/rdp-tls.crt

sudo systemctl daemon-reload
sudo systemctl enable --now gnome-remote-desktop.service
sudo grdctl --system rdp set-credentials "name" "password"

sudo systemctl restart gnome-remote-desktop.service
sudo systemctl status gnome-remote-desktop.service```
1 Like