Remote Labs: RDP over SSH

RDP (Remote Desktop Protocol), invented by Microsoft, makes a workstation-style desktop available to a remote system. By default it is not secure, so we require that it be tunnelled over SSH.

You will need a remote desktop client on your computer. For Windows 10, you can use Remote Desktop Connection, which is included in Windows. On MacOS, get Microsoft Remote Desktop from the Apple store. For Linux or UNIX variants, you can use remmina (with colour depth GFX RFX) or rdesktop, as supplied by your distribution.

To start an RDP session, or connect to an existing one:

  1. Open a terminal (on MacOS or Linux) or cmd (on Windows 10 1809 or later), and type ssh -L3388:localhost:3389
    Myutorid is your Teaching Labs name, usually the same as your UTORid. works too; use that if rdp1 is overloaded or broken.
  2. When prompted, log in using your Teaching Labs password.
  3. Once logged in, leave the ssh session running; don’t exit. It maintains a tunnel for your RDP client; if ssh disconnects or exits, so will your RDP session. It’s OK to iconify the terminal window, just be sure to leave it running.
  4. Start your remote desktop client and connect to localhost:3388. Log in using your Teaching Labs username and password.

You should now have a desktop session that looks more or less like a workstation in the labs. When you’re finished, log out in your usual way and your RDP client will exit; you can then terminate the ssh session, or leave it running and use it again later. If RDP or ssh exits when you didn’t want that (perhaps a network problem, perhaps your own computer rebooted), don’t worry; just reconnect, restarting the ssh tunnel if necessary, and you will be reconnected to the same session, with everything as you left it.

If you have an older version of Windows that doesn’t include ssh, or if you want to for some other reason, you can use putty instead:

  • In putty‘s config screen, enter hostname
  • Before pressing Open, go to SSH > Auth > Tunnels (at the lower left) and put 3388 in the Source port field and localhost:3389 in Destination.