
GO Remote Desktop Gateway

⭐ Star us on GitHub — it helps!

RDPGW is an implementation of the Remote Desktop Gateway protocol. This allows you to connect with the official Microsoft clients to remote desktops over HTTPS. These desktops could be, for example, XRDP desktops running in containers on Kubernetes.

AIM

RDPGW aims to provide a full open source replacement for MS Remote Desktop Gateway, including access policies.

How to build

cd rdpgw
go build -o rdpgw .

Configuration

By default the configuration is read from rdpgw.yaml. Below is a template.

# web server configuration. 
server:
 # TLS certificate files (required)
 certFile: server.pem
 keyFile: key.pem
 # gateway address advertised in the rdp files
 gatewayAddress: localhost
 # port to listen on
 port: 443
 # list of acceptable desktop hosts to connect to
 hosts:
  - localhost:3389
  - my-{{ preferred_username }}-host:3389
  # "any" allows the user to connect to any host (insecure)
  - any
 # if true the server randomly selects a host to connect to
 roundRobin: false 
# Open ID Connect specific settings
openId:
 providerUrl: http://keycloak/auth/realms/test
 clientId: rdpgw
 clientSecret: your-secret

# enabled / disabled capabilities
caps:
 SmartCardAuth: false
 tokenAuth: true
 # connection timeout in minutes, 0 is limitless
 idleTimeout: 10
 EnablePrinter: true
 EnablePort: true
 EnablePnp: true
 EnableDrive: true
 EnableClipboard: true
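
The hosts list above acts as an allow-list with a per-user placeholder. The following Go sketch is an added example, not RDPGW's own code, showing one way such a check can be evaluated. The function name HostAllowed, the exact-match comparison, and the restriction of the preferred_username claim to a single DNS label are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// dnsLabel restricts the claim value to a single DNS label so it cannot
// inject dots, ports or other separators into the expanded host name.
var dnsLabel = regexp.MustCompile(`^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$`)

const placeholder = "{{ preferred_username }}"

// HostAllowed (hypothetical helper) reports whether requested ("host:port")
// matches an entry of the hosts list after the placeholder has been expanded
// with the authenticated user's preferred_username claim.
func HostAllowed(requested string, hosts []string, username string) bool {
	requested = strings.ToLower(requested)
	user := strings.ToLower(username)
	for _, entry := range hosts {
		if entry == "any" {
			return true // "any" turns the allow-list off for every user
		}
		if strings.Contains(entry, placeholder) {
			if !dnsLabel.MatchString(user) {
				continue // unsafe claim value: never expand it into a host
			}
			entry = strings.ReplaceAll(entry, placeholder, user)
		}
		if strings.ToLower(entry) == requested {
			return true
		}
	}
	return false
}

func main() {
	// Constructed sample list, mirroring the template without the "any" entry.
	hosts := []string{"localhost:3389", "my-{{ preferred_username }}-host:3389"}
	fmt.Println(HostAllowed("my-alice-host:3389", hosts, "alice"))
	fmt.Println(HostAllowed("my-bob-host:3389", hosts, "alice"))
	fmt.Println(HostAllowed("my-x.evil-host:3389", hosts, "x.evil"))
	fmt.Println(HostAllowed("db:5432", append(hosts, "any"), "alice"))
}
```
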

Use

Point your browser to https://your-gateway/connect. After authentication, an RDP file will download to your desktop. This file can be opened by one of the remote desktop clients, which will then try to connect to the gateway and the desktop host behind it.

TODO

  • Integrate Open Policy Agent
  • Integrate GOKRB5
  • Integrate uber-go/zap
  • Integrate prometheus
  • Research: TLS defragmentation