oh interesting, how do you now which is active? or are they both always active? oh it is as simple as using or not using
--system
!
What I want in the system variant because I want to start a session, and then have it remain active when I disconnect (and then resume when I reconnect)
Current status, which I think is what I want:
# user mode (not what I want, and correctly disabled)
❯ sudo grdctl status
[20:09:30:740] [38020:00009484] [ERROR][com.freerdp.crypto] - [x509_utils_from_pem]: BIO_new failed for certificate
RDP server certificate is invalid.
Failed to lookup legacy VNC password schema: Cannot autolaunch D-Bus without X11 $DISPLAY
Status: disabled
Port: 3389
TLS certificate:
TLS fingerprint: (null)
TLS key:
View-only: yes
Negotiate port: yes
Failed to read credentials: Cannot autolaunch D-Bus without X11 $DISPLAY.
and then system, which is enabled, has the cert, etc.
❯ sudo grdctl --system status
Init TPM credentials failed because No TPM device found, using GKeyFile as fallback.
Overall:
Unit status: active
Status: enabled
Port: 3389
TLS certificate: /var/lib/gnome-remote-desktop/rdp-tls.crt
TLS fingerprint: f1:db:60:79:75:40:97:84:63:ef:5f:bc:43:6b:b9:5d:81:f8:df:bc:24:d6:e9:92:6c:b1:8d:1b:25:91:fa:b4
TLS key: /var/lib/gnome-remote-desktop/rdp-tls.key
Username: (hidden)
Password: (hidden)
(however, I still cannot connect from an rdp client)
❯ systemctl --system status gnome-remote-desktop.service
Warning: The unit file, source configuration file or drop-ins of gnome-remote-desktop.service ch>
● gnome-remote-desktop.service - GNOME Remote Desktop
Loaded: loaded (/usr/lib/systemd/system/gnome-remote-desktop.service; enabled; preset: enab>
Active: active (running) since Sun 2024-11-10 20:08:15 EST; 4min 24s ago
Invocation: 267ea8b02fba430f8eece4b1275b1b84
Main PID: 37393 (gnome-remote-de)
Tasks: 4 (limit: 8634)
Memory: 3.1M (peak: 4M)
CPU: 29ms
CGroup: /system.slice/gnome-remote-desktop.service
└─37393 /usr/libexec/gnome-remote-desktop-daemon --system
Nov 10 20:08:15 Calypso systemd[1]: Starting gnome-remote-desktop.service - GNOME Remote Desktop>
Nov 10 20:08:15 Calypso gnome-remote-de[37393]: Init TPM credentials failed because No TPM devic>
Nov 10 20:08:15 Calypso systemd[1]: Started gnome-remote-desktop.service - GNOME Remote Desktop.
Nov 10 20:08:15 Calypso gnome-remote-de[37393]: RDP server started
Verify the following using the diagnostic commands given above:
ss and systemctl status should return the same PID.
grdctl and the client app should show the same fingerprint.
Also check the credentials like this:
sudo -u gnome-remote-desktop cat \
~gnome-remote-desktop/.local/share/\
gnome-remote-desktop/credentials.ini
If everything is correct, but the problem persists:
Start monitoring the server side log and try connecting the client:
journalctl -f -u gnome-remote-desktop.service
Capture the relevant traffic on the server:
sudo tcpdump -nni any tcp port 3389
Try using a different client app.
Start monitoring the server side log and try connecting the client:
Ah, these logs are good stuff.
They reveal that I do have a problem:
Nov 10 21:07:21 Calypso gnome-remote-desktop-daemon[37393]: [21:07:21:767] [37393:0000fdd5] [ERROR][com.winpr.sspi.NTLM] - [ntlm_read_AuthenticateMessage]: Message Integrity Check (MIC) verification failed!
Nov 10 21:07:21 Calypso gnome-remote-desktop-daemon[37393]: [21:07:21:767] [37393:0000fdd5] [WARN][com.winpr.sspi] - [winpr_AcceptSecurityContext]: AcceptSecurityContext status SEC_E_MESSAGE_ALTERED [0x8009030F]
Nov 10 21:07:21 Calypso gnome-remote-desktop-daemon[37393]: [21:07:21:767] [37393:0000fdd5] [ERROR][com.freerdp.core.auth] - [credssp_auth_authenticate]: AcceptSecurityContext failed with SEC_E_MESSAGE_ALTERED [0x8009030F]
Nov 10 21:07:21 Calypso gnome-remote-desktop-daemon[37393]: [21:07:21:767] [37393:0000fdd5] [ERROR][com.freerdp.core.transport] - [transport_accept_nla]: client authentication failure
Nov 10 21:07:21 Calypso gnome-remote-desktop-daemon[37393]: [21:07:21:767] [37393:0000fdd5] [ERROR][com.freerdp.core.peer] - [peer_recv_callback_internal]: CONNECTION_STATE_NEGO - rdp_server_accept_nego() fail
Nov 10 21:07:21 Calypso gnome-remote-desktop-daemon[37393]: [21:07:21:767] [37393:0000fdd5] [ERROR][com.freerdp.core.transport] - [transport_check_fds]: transport_check_fds: transport->ReceiveCallback() - STATE_RUN_FAILED [-1]
Nov 10 21:07:21 Calypso gnome-remote-de[37393]: [RDP] Network or intentional disconnect, stopping session
So, Message Integrity Check verification failed. That’s the first thing. 
I am able to use remmina, but I had an issue likely with openssl3 upgrade losing legacy ciphers #1079091 - gnome-remote-desktop: I cannot login to grd 46.4-1 RDP share desktop - Debian Bug report logs
It would be interesting to know if these legacy ciphers are only required when using remmina and no Gnome Connexion
Could be another issue alos because I don’t szee this initial line in your logs when connecting with remmina
août 20 03:46:59 hermes gnome-remote-desktop-daemon[483181]: [03:46:59:209] [483181:00075f6d] [ERROR][com.winpr.crypto.hash] - [winpr_Digest_Init_Internal]: Failed to initialize digest md4
I do not know if this could help you guys. I came to this post because i had “the same issue as you do”. I have found my answer to this problem.
I have your version of software:
When i have tried to setup this i was confused and i have enabled and configured the Desktop sharing option
After a few days without answer about how to make the problem work i have disabled the Desktop sharing because it was a loop of troubles (the same you have here)
My answer was enable the Remote Login option instead, i have configured a username and password and it works like a charm now.
Now my grdctl status shows the service as disabled:
Conclusion:
For those like me that were trying to use “Desktop Sharing” … STOP, just use “Remote Login” and it will be fine.
