How to RDP from CentOS 6 using Network Level Auth

by on October 1, 2013 at 3:22 pm

Connecting from CentOS 6 to Windows Server 2008 R2 used to be impossible if you had Network Level Authentication required on your Windows Servers. However, the latest version of rdesktop (1.8 as of this writing) finally integrates NLA. Unfortunately, if you’re using CentOS 6 or Red Hat Enterprise Linux 6, the newest version is not currently available from the EPEL or base repos.   In this article I’m going to show you how to build and install the software so it works correctly.

Prerequisites:  both your CentOS/RHEL server and Windows Server must be part of an Active Directory Domain (or other Domain) so you can initialize a Kerberos ticket.

The latest source from rdesktop needs to be downloaded from here.

First, we need to install the build tools (make, gcc, etc) before we can compile the software.  The easiest way to do this is install the Development Tools package group:  yum groupinstall ‘Development Tools’

After the install of those packages complete, we also need to install libgssglue-devel package:  yum install libgssglue-devel

After you’ve download the source, untar it as follows: tar zxvf <filename>

After the archive has been unpacked, cd into the directory.

Run ./configure –disable-smartcard

If you require smartcard integration, you should remove that option and install the necessary packages.  I don’t cover that here, nor have I tested it.

Run make && make install

The software should now be install successfully in /usr/local/bin

Now, to actually use this software, the Linux machine will have to be part of the Active Directory Domain so you can request a Kerberos tgt ticket.

If you have not already done so, you should join the domain.  See this article for more information: Join CentOS 6 to Active Directory Domain

Request the Kerberos Ticket:  kinit mydomainadmin

Note:  kinit is provided by the krb5-workstation package if you do not have that installed already.

Connect to your Windows Server as follows:   /usr/local/bin/rdesktop -g 80% -u mydomainuser -p – remoteserver

I prefer to use the -g 80% option as it creates an RDP window that is approximately 80% the size of your Linux desktop.  The -p - option instructs rdesktop to prompt for a password.

in CentOS, How-To, Red Hat

, , , , , ,

You can skip to the end and leave a response. Pinging is currently not allowed.