Bug 2127469

Summary: Fedora remote desktop cannot be reached by rdesktop or any android based client
Product: [Fedora] Fedora Reporter: Roman Hodain <rhodain>
Component: gnome-remote-desktopAssignee: Jonas Ådahl <jadahl>
Status: CLOSED EOL QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 36CC: garrett.mitchener, gnome-sig, jadahl
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2023-05-25 16:51:30 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Screenshot of the UI for remote access none

Description Roman Hodain 2022-09-16 13:30:46 UTC 
User-Agent:       Mozilla/5.0 (X11; Linux x86_64; rv:104.0) Gecko/20100101 Firefox/104.0
Build Identifier: 

 cannot use the rdesktop for connecting to the fedora36 system. In this case rdesktop-1.9.0-8.fc36.x86_64. I also cannot connect from any android rdesktop client including the Microsoft one. I can use freerdp-2.8.0-1.fc36.x86_64

Reproducible: Always

Steps to Reproduce:
1. Enable remote desktop and remote control from the UI
2. Use rdesktop for the connection
Actual Results:  
$ rdesktop 10.44.130.45 -v -u rhodain -p 123456
Autoselecting keyboard map 'en-us' from locale
is_wm_active(): WM name: GNOM
Connecting to server using NLA...
Core(warning): Certificate received from server is NOT trusted by this system, an exception has been added by the user to trust this specific certificate.
TLS  Session info: (TLS1.3)-(ECDHE-X25519)-(RSA-PSS-RSAE-SHA256)-(AES-256-GCM)

Failed to initialize NLA, do you have correct Kerberos TGT initialized ?
Failed to connect using NLA, trying with SSL
Failed to connect, CredSSP required by server (check if server has disabled old TLS versions, if yes use -V option).

journal from the server:
Sep 16 15:24:16 rhodain-work-virt systemd[1442]: Starting gnome-remote-desktop.service - GNOME Remote Desktop...
Sep 16 15:24:16 rhodain-work-virt systemd[1442]: Started gnome-remote-desktop.service - GNOME Remote Desktop.
Sep 16 15:24:17 rhodain-work-virt gnome-remote-de[5727]: RDP server started
Sep 16 15:24:17 rhodain-work-virt gnome-remote-de[5727]: VNC server started
Sep 16 15:25:14 rhodain-work-virt gnome-remote-desktop-daemon[5727]: [15:25:14:367] [5727:5747] [ERROR][com.freerdp.core.transport] - BIO_read returned a system error 0: Success
Sep 16 15:25:14 rhodain-work-virt gnome-remote-desktop-daemon[5727]: [15:25:14:368] [5727:5747] [ERROR][com.freerdp.core] - transport_read_layer:freerdp_set_last_error_ex ERRCONNECT_CONNECT_TRANSPORT_FAILED [0x0002000D]
Sep 16 15:25:14 rhodain-work-virt gnome-remote-desktop-daemon[5727]: [15:25:14:368] [5727:5747] [ERROR][com.freerdp.core.nla] - [nla_recv] error: -1
Sep 16 15:25:14 rhodain-work-virt gnome-remote-desktop-daemon[5727]: [15:25:14:368] [5727:5747] [ERROR][com.freerdp.core.transport] - client authentication failure
Sep 16 15:25:14 rhodain-work-virt gnome-remote-desktop-daemon[5727]: [15:25:14:368] [5727:5747] [WARN][com.freerdp.core.nla] - DeleteSecurityContext status SEC_E_SECPKG_NOT_FOUND [0x80090305]
Sep 16 15:25:14 rhodain-work-virt gnome-remote-desktop-daemon[5727]: [15:25:14:368] [5727:5747] [ERROR][com.freerdp.core.peer] - peer_recv_callback: CONNECTION_STATE_INITIAL - rdp_server_accept_nego() fail
Sep 16 15:25:14 rhodain-work-virt gnome-remote-desktop-daemon[5727]: [15:25:14:368] [5727:5747] [ERROR][com.freerdp.core.transport] - transport_check_fds: transport->ReceiveCallback() - -1
Sep 16 15:25:14 rhodain-work-virt gnome-remote-de[5727]: Unable to check file descriptor, closing connection
Sep 16 15:25:14 rhodain-work-virt gnome-remote-desktop-daemon[5727]: [15:25:14:378] [5727:5753] [WARN][com.freerdp.core.connection] - server supports only NLA Security
Sep 16 15:25:14 rhodain-work-virt gnome-remote-desktop-daemon[5727]: [15:25:14:378] [5727:5753] [ERROR][com.freerdp.core.connection] - Protocol security negotiation failure
Sep 16 15:25:14 rhodain-work-virt gnome-remote-desktop-daemon[5727]: [15:25:14:378] [5727:5727] [ERROR][com.freerdp.core.transport] - BIO_should_retry returned a system error 104: Connection reset by peer
Sep 16 15:25:14 rhodain-work-virt gnome-remote-desktop-daemon[5727]: [15:25:14:381] [5727:5753] [ERROR][com.freerdp.core.peer] - peer_recv_callback: CONNECTION_STATE_INITIAL - rdp_server_accept_nego() fail
Sep 16 15:25:14 rhodain-work-virt gnome-remote-desktop-daemon[5727]: [15:25:14:381] [5727:5753] [ERROR][com.freerdp.core.transport] - transport_check_fds: transport->ReceiveCallback() - -1
Sep 16 15:25:14 rhodain-work-virt gnome-remote-de[5727]: Unable to check file descriptor, closing connection
Comment 1 Roman Hodain 2022-09-16 13:31:35 UTC 
Created attachment 1912336 [details]
Screenshot of the UI for remote access
Comment 2 Jonas Ådahl 2022-09-16 17:44:07 UTC 
rdesktop doesn't support NLA (Network Level Authentication), which gnome-remote-desktop relies on for logging in. It also seems like there was a feature request on rdesktop to add support, but it appears rdesktop doesn't have any active maintainers anymore.

rdesktop RFE: https://github.com/rdesktop/rdesktop/issues/279
Comment 3 Ben Cotton 2023-04-25 17:56:40 UTC 
This message is a reminder that Fedora Linux 36 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 36 on 2023-05-16.
It is Fedora's policy to close all bug reports from releases that are no longer
maintained. At that time this bug will be closed as EOL if it remains open with a
'version' of '36'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, change the 'version' 
to a later Fedora Linux version. Note that the version field may be hidden.
Click the "Show advanced fields" button if you do not see it.

Thank you for reporting this issue and we are sorry that we were not 
able to fix it before Fedora Linux 36 is end of life. If you would still like 
to see this bug fixed and are able to reproduce it against a later version 
of Fedora Linux, you are encouraged to change the 'version' to a later version
prior to this bug being closed.
Comment 4 Ludek Smid 2023-05-25 16:51:30 UTC 
Fedora Linux 36 entered end-of-life (EOL) status on 2023-05-16.

Fedora Linux 36 is no longer maintained, which means that it
will not receive any further security or bug fix updates. As a result we
are closing this bug.

If you can reproduce this bug against a currently maintained version of Fedora Linux
please feel free to reopen this bug against that version. Note that the version
field may be hidden. Click the "Show advanced fields" button if you do not see
the version field.

If you are unable to reopen this bug, please file a new report against an
active release.

Thank you for reporting this bug and we are sorry it could not be fixed.
Comment 5 Garrett Mitchener 2023-12-05 13:50:30 UTC 
Possibly related https://bugzilla.redhat.com/show_bug.cgi?id=2189376