xingli

RustDesk Setup Tutorial

Introduction

RustDesk is free, open-source remote desktop software that works out of the box on all platforms, including macOS, Windows, and Android clients. It can replace remote desktop services such as "Sunflower Remote Desktop" and "ToDesk", letting you keep full control over your data rather than trusting a third party with it. You can use the official registration/relay server, set up your own server, or even develop your own version based on the official code.

Deploying the Service

Environment Preparation

  1. The server needs to have Docker and Docker Compose installed.

  2. Create persistent directories and compose description files.

# Create folders
mkdir -p /home/rustdesk-server
cd /home/rustdesk-server
mkdir hbbr
mkdir hbbs 
# Create the compose file and paste in the contents shown in step 3
vim docker-compose.yml

  3. Contents of docker-compose.yml:

version: '3'

networks:
  rustdesk-net:
    external: false

services:
  hbbs:
    container_name: rustdesk-hbbs
    ports:
      - 21115:21115
      - 21116:21116
      - 21116:21116/udp
      - 21118:21118
    image: rustdesk/rustdesk-server:latest
    # Please change www.xxxaaa.cn:21117 to your own domain name
    # If you want to prevent users without a key from establishing unencrypted connections, add -k _ when running hbbs and hbbr
    command: hbbs -r www.xxxaaa.cn:21117 -k _
    volumes:
      - ./hbbs:/root
    networks:
      - rustdesk-net
    depends_on:
      - hbbr
    restart: unless-stopped

  hbbr:
    container_name: rustdesk-hbbr
    ports:
      - 21117:21117
      - 21119:21119
    image: rustdesk/rustdesk-server:latest
    # -k _ is needed here as well, so that the relay also refuses connections without the key
    command: hbbr -k _
    volumes:
      - ./hbbr:/root
    networks:
      - rustdesk-net
    restart: unless-stopped

Running the Containers

Common docker-compose commands:

# Run the containers
docker-compose up -d
# Stop the containers
docker-compose stop
# Start the containers
docker-compose start
# Restart the containers
docker-compose restart
# Take down (delete) the containers. This does not cause data loss, because the database and keys are stored in the hbbs and hbbr folders in the current directory. Keep these directories safe.
docker-compose down

Viewing the Server Public Key

The docker-compose file above enables mandatory key-based encryption (the -k _ option), so every device that connects to the server must supply the correct public key.

Here is the directory structure of the folder where the docker-compose file is located:

.
├── docker-compose.yml
├── hbbr
│   ├── id_ed25519
│   └── id_ed25519.pub
└── hbbs
    ├── db_v2.sqlite3
    ├── db_v2.sqlite3-shm
    ├── db_v2.sqlite3-wal
    ├── id_ed25519
    └── id_ed25519.pub

After the container is started, the public and private keys will be automatically generated. We need to copy the string inside the id_ed25519.pub file in the hbbs directory. This is the credential we need to connect to the server.

If you need to change the private and public keys, simply delete the id_ed25519.pub and id_ed25519 files in the hbbs folder and restart the container; a new key pair is generated automatically.

Configuring the Client

General Configuration

Note: The controlled end only needs to fill in the server IP address, while the controlling end needs to fill in the key to initiate the connection.

In the settings interface of the client, we can enter the server IP address and the key file. After saving, the client will prompt that it is ready.

Automatic Configuration

Key verification is only required when initiating a connection from the controlling end.

This way, we can send the controlled end to anyone without worrying about key leakage or unauthorized users initiating connections.

After setting up, we can send the controlled end to the person we want to remotely assist, and they don't need to do any configuration. They just need to open the software and send us the software's ID and password, and we can remotely access their device.

If you need unattended access, that is, automatically running the remote software on startup to facilitate remote connections, you can directly open the controlled end software, click install, and the software and configuration will be installed on the device together.

If you want the client to run without manually entering the relay address and key, you can achieve this by modifying the filename of the client.

We rename the client:
Controlled end
host=ServerIP,key=IncorrectKeyContent.exe
For example: host=129.129.33.8,key=111.exe

Controlling end
host=ServerIP,key=CorrectKeyContent.exe
For example: host=129.129.33.8,key=4uZtPIYe4y344NP3IVc5SxRzKeiNn2lfen4tEY=.exe
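
The following is an added example, not part of the original post or of RustDesk's own tooling: two shell functions that check the key pair in the hbbs folder and build the renamed client file name described above. The function names are hypothetical, and the check assumes that id_ed25519.pub holds a single base64-encoded 32-byte Ed25519 public key (44 characters).

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.
# Assumption: id_ed25519.pub holds one base64-encoded 32-byte Ed25519 public
# key, i.e. 43 base64 characters followed by "=".

# check_key_dir DIR
# Returns 0 if the key pair in DIR passes all checks, 1 if a file is missing,
# 2 if the private key is accessible to group/other, 3 if the public key
# does not have the assumed format.
check_key_dir() {
    dir=$1
    for f in id_ed25519 id_ed25519.pub; do
        [ -s "$dir/$f" ] || { echo "missing or empty: $dir/$f" >&2; return 1; }
    done
    # Characters 5-10 of the ls mode string are the group and other bits.
    mode=$(ls -ld "$dir/id_ed25519" | cut -c5-10)
    [ "$mode" = "------" ] || {
        echo "private key not owner-only; run: chmod 600 $dir/id_ed25519" >&2
        return 2
    }
    pub=$(tr -d '\r\n' < "$dir/id_ed25519.pub")
    printf '%s' "$pub" | grep -Eq '^[A-Za-z0-9+/]{43}=$' || {
        echo "public key is not 44 base64 characters" >&2
        return 3
    }
    return 0
}

# client_filename HOST KEY
# Prints the client file name in the host=...,key=....exe form used above.
# A base64 key may contain "/", which is not allowed in a file name; in that
# case regenerate the key pair on the server and try again.
client_filename() {
    case $2 in
        */*) echo "key contains '/'; regenerate the key pair" >&2; return 1 ;;
    esac
    printf 'host=%s,key=%s.exe\n' "$1" "$2"
}

# Usage on the server from this tutorial:
#   check_key_dir /home/rustdesk-server/hbbs &&
#   client_filename 129.129.33.8 "$(cat /home/rustdesk-server/hbbs/id_ed25519.pub)"
```
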

Note

Port Description

| Component | Function | Used Ports |
| --- | --- | --- |
| hbbs | RustDesk ID Registration Server | 21115 (tcp): Used for NAT type testing; 21116 (udp): Used for ID registration and heartbeat service; 21116 (tcp): Used for TCP hole punching and connection service |
| hbbr | RustDesk Relay Server | 21117 (tcp): Used for relay service |