LINUX, FOSS AND LIBRARY TECHNOLOGY ENTHUSIAST

Thursday, December 29, 2022

RustDesk: A self-hosted AnyDesk/TeamViewer Alternative

0 comments

RustDesk is an open source, remote desktop system that gives you control of your own server, and client software. If you've ever used TeamViewer, AnyDesk, Remotely, and a whole host of other options, then you'll understand exactly what RustDesk is.  It's remote access / remote support software.  The beauty of RustDesk is that it's just been re-written, and the server and client are now fully open source, and free to use.

Server requirements
  • A linux server (CentOS/Ubuntu/Debian)
  • 1 CPU 
  • 1 GB RAM
  • 10 GB disk

How to Install the server

Deploy a server from any VPS providers & connect to your server and point your IP to your domain, here I created one sub-domain from domain ie, rustdusk and maped the IP from my DNS settings

ssh root@youripaddress

Update Debian using apt

apt update && apt upgrade -y

Install few required packages not available with Debian by default. 
 
apt install -y software-properties-common dirmngr file-roller unzip wget gnupg git curl vim tmux ufw sudo

Create a user and make it a sudo user

adduser rustdesk
adduser rustdesk sudo

Please setup your firewall on your server prior to running the script.

Configure the firewall

ufw allow 22/tcp
ufw allow 21115:21119/tcp
ufw allow 8000/tcp
ufw allow 21116/udp
ufw enable
systemctl start ufw

Copy ssh key from root to the new user directory

mkdir -p /home/rustdesk/.ssh

cp ./.ssh/* /home/rustdesk/.ssh/

Change the ownership

chown -R rustdesk:rustdesk /home/rustdesk/.ssh/

Reboot the server and reconnect as the new user

ssh rustdesk@youripaddress

Run the following commands:

wget -O install-docker.sh  https://gitlab.com/bmcgonag/docker_installs/-/raw/main/install_docker_nproxyman.sh

chmod +x install-docker.sh

./install-docker.sh

Create rustdesk directory under docker directory

cd docker && mkdir rustdesk && cd rustdesk

Create a file called "docker-compose.yml" and copy paste the following lines

nano docker-compose.yml

version: '3'

networks:
  rustdesk-net:
    external: false

services:
  hbbs:
    container_name: hbbs
    ports:
      - 21115:21115
      - 21116:21116
      - 21116:21116/udp
      - 21118:21118
    image: rustdesk/rustdesk-server:latest
    command: hbbs -r rustdesk.opensio.co.in:21117
    volumes:
      - ./hbbs:/root
    networks:
      - rustdesk-net
    depends_on:
      - hbbr
    restart: unless-stopped

  hbbr:
    container_name: hbbr
    ports:
      - 21117:21117
      - 21119:21119
    image: rustdesk/rustdesk-server:latest
    command: hbbr
    volumes:
      - ./hbbr:/root
    networks:
      - rustdesk-net
    restart: unless-stopped

Starting the Server

Presuming that you've done all of the necessary setup steps above, you can now run the server with the command:

docker-compose up -d

NOTE: you have to be in the rustdesk folder / directory when you run the above command.
Once you get a "done" message in the terminal, you can check the run logs with

docker-compose logs -f

Now you need to get the RustDesk client downloaded and installed on your desire client machines.

Go to RustDesk.com and click the Download button.

Once downloaded, if you need to run the installer, run it per your Distros requirements.  Windows is a zipped file, with an executable inside, so extract the file, then run the .exe to install.

Once you run the client it will connect to the RustDesk default servers.  You'll see an ID number and passcode (hidden by default).  Next to the ID you'll see a 3-dot icon. Click it, and select "ID/Relay Server".


In the pop-up window, will in the domain / sub-domain of your server, with the port in the first blank marked ID Server:


Finally, when you click 'Ok', you should see the message at the bottom of the main RustDesk client window go to "Ready" as shown below.

Security

The RustDesk documentation covers a few key security topics. You will be running unencrypted if you continue to use RustDesk in the manner shown so far. This is probably good for a private network (local-only network), but if you want to use RustDesk online, you should follow the additional instructions in their documentation to make sure your connection is secured.

First, on your server, go to the folder inside the rustdesk folder called "hbbs"

cd ~/docker/rustdesk/hbbs

Next, look at the contents of the file called "id_ed25519.pub" with

nano id_ed25519.pub

Copy the key that is inside this file, and then make sure to enter this key in the 'Key' field on all of your RustDesk clients.  Now, when you connect two clients together that both have the same server URL, and the same key value, they will communicate via an encrypted connection.

How can I prevent other people from accessing my RustDesk server?

cd..
nano docker-compose.yml

Append your secret key to the yml file


Restart your docker containers with your new changes by simply running:

docker-compose up -d

again, and then test your system.  If you try to connect to your server from a client without the key setup on the client as well, it should no longer connect.

This does 2 things.
  • It makes certain that your clients are connecting using the key and encryption.
  • No one without your key can connect through your server.

Reference:

No comments:

Post a Comment