Provided by: weston_14.0.1-3_amd64 
NAME
weston-rdp - the RDP backend for Weston
SYNOPSIS
weston --backend=rdp
DESCRIPTION
The RDP backend allows to run a weston environment without the need of specific graphic hardware, or
input devices. Users can interact with weston only by connecting using the RDP protocol.
The RDP backend uses FreeRDP to implement the RDP part, it acts as a RDP server listening for incoming
connections. It supports different codecs for encoding the graphical content. Depending on what is
supported by the RDP client, the backend will encode images using remoteFx codec, NS codec or will
fallback to raw bitmapUpdate.
On the security part, the backend supports RDP security or TLS, keys and certificates must be provided to
the backend depending on which kind of security is requested. The RDP backend will announce security
options based on which files have been given.
The RDP backend is multi-seat aware, so if two clients connect on the backend, they will get their own
seat.
CONFIGURATION
The RDP backend uses the following entries from weston.ini.
Section rdp
refresh-rate=rate
Specifies the desktop redraw rate in Hz. If unspecified, the default is 60Hz. Changing this may be
useful if you have a faster than 60Hz display, or if you want to reduce updates to reduce network
traffic.
tls-key=file
The file containing the key for doing TLS security. To have TLS security you also need to ship a
file containing a certificate.
tls-cert=file
The file containing the certificate for doing TLS security. To have TLS security you also need to
ship a key file.
OPTIONS
When the RDP backend is loaded, weston will understand the following additional command line options.
--address=address
The IP address on which the RDP backend will listen for RDP connections. By default it listens on
0.0.0.0.
--port=port
The TCP port to listen on for connections, it defaults to 3389.
--no-clients-resize
By default when a client connects on the RDP backend, it will instruct weston to resize to the
dimensions of the client's announced resolution. When this option is set, weston will force the
client to resize to its own resolution.
--no-remotefx-codec
The RemoteFX compression codec is enabled by default, but it may be necessary to disable it to
work around incompatibilities between implementations. This option may be removed in the future
when all known issues are resolved.
--rdp4-key=file
The file containing the RSA key for doing RDP security. As RDP security is known to be insecure,
this option should be avoided in production.
--rdp-tls-key=file
The file containing the key for doing TLS security. To have TLS security you also need to ship a
file containing a certificate.
--rdp-tls-cert=file
The file containing the certificate for doing TLS security. To have TLS security you also need to
ship a key file.
--external-listener-fd=fd
Specifies a file descriptor inherited from the process that launched weston to be listened on for
client connections. Only local (such as AF_VSOCK) sockets should be used, as this will be
considered to be a local connection by the RDP backend, and TLS and RDP security will be bypassed.
Generating cryptographic material for the RDP backend
To generate a key file to use for RDP security, you need the winpr-makecert utility shipped with FreeRDP:
$ winpr-makecert -rdp -silent -n rdp-security
This will create a rdp-security.key file.
You can generate a key and certificate file to use with TLS security using a typical openssl invocations:
$ openssl genrsa -out tls.key 2048
Generating RSA private key, 2048 bit long modulus
[...]
$ openssl req -new -key tls.key -out tls.csr
[...]
$ openssl x509 -req -days 365 -signkey tls.key -in tls.csr -out tls.crt
[...]
You will get the tls.key and tls.crt files to use with the RDP backend.
SEE ALSO
weston(1)
Weston 14.0.1 2017-12-14 WESTON-RDP(7)