2

Environment:

  • Remote OS: Ubuntu 22.04.02 GNOME
  • Client OS: Windows 10

Ubuntu /var/log/syslog as follows:

Connecting from RDP client of MobaXterm, log:

May 20 16:54:38 bc gnome-remote-desktop-daemon[952]: [16:54:38:934] [952:18610] [WARN][com.winpr.negotiate] - AcceptSecurityContext status SEC_I_CONTINUE_NEEDED [0x00090312]
May 20 16:54:38 bc gnome-remote-desktop-daemon[952]: [16:54:38:942] [952:18610] [WARN][com.winpr.negotiate] - AcceptSecurityContext status SEC_I_COMPLETE_NEEDED [0x00090313]
May 20 16:54:39 bc gnome-remote-de[952]: [RDP.RDPGFX] CapsAdvertise: Accepting capability set with version RDPGFX_CAPVERSION_106, Client cap flags: H264 (AVC444): true, H264 (AVC420): true
May 20 16:54:39 bc gnome-remote-desktop-daemon[952]: [16:54:39:318] [952:18614] [ERROR][com.freerdp.channels.rdpgfx.server] - WTSVirtualChannelRead failed!
May 20 16:54:39 bc gnome-remote-desktop-daemon[952]: [16:54:39:318] [952:18614] [ERROR][com.freerdp.channels.rdpgfx.server] - rdpgfx_server_handle_messages failed with error 1359
May 20 16:54:39 bc gnome-remote-desktop-daemon[952]: [16:54:39:319] [952:18610] [ERROR][com.freerdp.core.transport] - BIO_read returned a system error 104: Connection reset by peer
May 20 16:54:39 bc gnome-remote-desktop-daemon[952]: [16:54:39:319] [952:18610] [ERROR][com.freerdp.core] - transport_read_layer:freerdp_set_last_error_ex ERRCONNECT_CONNECT_TRANSPORT_FAILED [0x0002000D]
May 20 16:54:39 bc gnome-remote-de[952]: Unable to check file descriptor, closing connection
May 20 16:54:39 bc systemd[1]: run-user-1000-gnome\x2dremote\x2ddesktop-cliprdr\x2dYu7GBZ.mount: Deactivated successfully.
May 20 16:54:39 bc gnome-remote-desktop-daemon[952]: [16:54:39:331] [952:952] [ERROR][com.freerdp.core.transport] - BIO_should_retry returned a system error 32: Broken pipe

Connecting from RDP client of mstsc.exe, log1:

May 20 17:04:07 bc gnome-remote-desktop-daemon[952]: [17:04:07:594] [952:18667] [WARN][com.winpr.negotiate] - AcceptSecurityContext status SEC_I_CONTINUE_NEEDED [0x00090312]
May 20 17:04:07 bc gnome-remote-desktop-daemon[952]: [17:04:07:603] [952:18667] [WARN][com.winpr.negotiate] - AcceptSecurityContext status SEC_I_COMPLETE_NEEDED [0x00090313]
May 20 17:04:07 bc gnome-remote-desktop-daemon[952]: [17:04:07:609] [952:18667] [ERROR][com.freerdp.core.transport] - BIO_read returned a system error 104: Connection reset by peer
May 20 17:04:07 bc gnome-remote-desktop-daemon[952]: [17:04:07:609] [952:18667] [ERROR][com.freerdp.core] - transport_read_layer:freerdp_set_last_error_ex ERRCONNECT_CONNECT_TRANSPORT_FAILED [0x0002000D]
May 20 17:04:07 bc gnome-remote-desktop-daemon[952]: [17:04:07:609] [952:18667] [ERROR][com.freerdp.core.nla] - [nla_recv] error: -1
May 20 17:04:07 bc gnome-remote-desktop-daemon[952]: [17:04:07:609] [952:18667] [ERROR][com.freerdp.core.transport] - client authentication failure
May 20 17:04:07 bc gnome-remote-desktop-daemon[952]: [17:04:07:609] [952:18667] [ERROR][com.freerdp.core.peer] - peer_recv_callback: CONNECTION_STATE_INITIAL - rdp_server_accept_nego() fail
May 20 17:04:07 bc gnome-remote-desktop-daemon[952]: [17:04:07:609] [952:18667] [ERROR][com.freerdp.core.transport] - transport_check_fds: transport->ReceiveCallback() - -1
May 20 17:04:07 bc gnome-remote-de[952]: Unable to check file descriptor, closing connection
May 20 17:04:07 bc gnome-remote-desktop-daemon[952]: [17:04:07:610] [952:952] [ERROR][com.freerdp.core.transport] - BIO_should_retry returned a system error 32: Broken pipe
May 20 17:04:07 bc gnome-remote-desktop-daemon[952]: [17:04:07:659] [952:18673] [WARN][com.winpr.negotiate] - AcceptSecurityContext status SEC_I_CONTINUE_NEEDED [0x00090312]
May 20 17:04:07 bc gnome-remote-desktop-daemon[952]: [17:04:07:668] [952:18673] [WARN][com.winpr.negotiate] - AcceptSecurityContext status SEC_I_COMPLETE_NEEDED [0x00090313]
May 20 17:04:08 bc gnome-remote-de[952]: [RDP.CLIPRDR] Client capabilities: long format names, stream file clip, file clip no file paths, can lock clip data, huge file support
May 20 17:04:08 bc gnome-remote-de[952]: [RDP.RDPGFX] CapsAdvertise: Accepting capability set with version RDPGFX_CAPVERSION_106, Client cap flags: H264 (AVC444): true, H264 (AVC420): true

Connecting from RDP client of mstsc.exe, log 2:

May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:55:08:522] [952:18625] [WARN][com.winpr.negotiate] - AcceptSecurityContext status SEC_I_CONTINUE_NEEDED [0x00090312]
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:55:08:530] [952:18625] [WARN][com.winpr.negotiate] - AcceptSecurityContext status SEC_I_COMPLETE_NEEDED [0x00090313]
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:55:08:538] [952:18625] [ERROR][com.freerdp.core.transport] - BIO_read returned a system error 104: Connection reset by peer
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:55:08:538] [952:18625] [ERROR][com.freerdp.core] - transport_read_layer:freerdp_set_last_error_ex ERRCONNECT_CONNECT_TRANSPORT_FAILED [0x0002000D]
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:55:08:538] [952:18625] [ERROR][com.freerdp.core.nla] - [nla_recv] error: -1
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:55:08:538] [952:18625] [ERROR][com.freerdp.core.transport] - client authentication failure
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:55:08:538] [952:18625] [ERROR][com.freerdp.core.peer] - peer_recv_callback: CONNECTION_STATE_INITIAL - rdp_server_accept_nego() fail
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:55:08:538] [952:18625] [ERROR][com.freerdp.core.transport] - transport_check_fds: transport->ReceiveCallback() - -1
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:55:08:538] [952:952] [ERROR][com.freerdp.core.transport] - BIO_should_retry returned a system error 32: Broken pipe
May 20 16:55:08 bc gnome-remote-de[952]: Unable to check file descriptor, closing connection
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: ] [952:17475] [INFO][com.freerdp.core.connection] - Accepted channels:
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [09:15:05:916] [952:17475] [INFO][com.freerdp.core.connection] -  rdpdr
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [09:15:05:916] [952:17475] [INFO][com.freerdp.core.connection] -  rdpsnd
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [09:15:05:916] [952:17475] [INFO][com.freerdp.core.connection] -  cliprdr
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [09:15:05:916] [952:17475] [INFO][com.freerdp.core.connection] -  drdynvc
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [09:15:05:916] [952:17475] [INFO][com.freerdp.core.gcc] - Active rdp encryption level: NONE
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [09:15:05:916] [952:17475] [INFO][com.freerdp.core.gcc] - Selected rdp encryption method: NONE
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [09:15:35:500] [952:17489] [INFO][com.freerdp.core.connection] - Client Security: NLA:1 TLS:1 RDP:0
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [09:15:35:500] [952:17489] [INFO][com.freerdp.core.connection] - Server Security: NLA:1 TLS:0 RDP:0
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [09:15:35:500] [952:17489] [INFO][com.freerdp.core.connection] - Negotiated Security: NLA:1 TLS:0 RDP:0
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [09:15:35:593] [952:17489] [INFO][com.freerdp.core.connection] - Accepted client: DESKTOP-GVM1HH4
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [09:15:35:593] [952:17489] [INFO][com.freerdp.core.connection] - Accepted channels:
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [09:15:35:593] [952:17489] [INFO][com.freerdp.core.connection] -  rdpdr
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [09:15:35:593] [952:17489] [INFO][com.freerdp.core.connection] -  rdpsnd
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [09:15:35:593] [952:17489] [INFO][com.freerdp.core.connection] -  cliprdr
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [09:15:35:593] [952:17489] [INFO][com.freerdp.core.connection] -  drdynvc
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [09:15:35:593] [952:17489] [INFO][com.freerdp.core.gcc] - Active rdp encryption level: NONE
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [09:15:35:593] [952:17489] [INFO][com.freerdp.core.gcc] - Selected rdp encryption method: NONE
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:51:08:352] [952:18263] [INFO][com.freerdp.core.connection] - Client Security: NLA:1 TLS:1 RDP:0
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:51:08:352] [952:18263] [INFO][com.freerdp.core.connection] - Server Security: NLA:1 TLS:0 RDP:0
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:51:08:352] [952:18263] [INFO][com.freerdp.core.connection] - Negotiated Security: NLA:1 TLS:0 RDP:0
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:51:14:653] [952:18269] [INFO][com.freerdp.core.connection] - Client Security: NLA:1 TLS:1 RDP:0
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:51:14:653] [952:18269] [INFO][com.freerdp.core.connection] - Server Security: NLA:1 TLS:0 RDP:0
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:51:14:653] [952:18269] [INFO][com.freerdp.core.connection] - Negotiated Security: NLA:1 TLS:0 RDP:0
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:51:14:701] [952:18269] [INFO][com.freerdp.core.connection] - Accepted client: DESKTOP-GVM1HH4
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:51:14:701] [952:18269] [INFO][com.freerdp.core.connection] - Accepted channels:
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:51:14:701] [952:18269] [INFO][com.freerdp.core.connection] -  rdpdr
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:51:14:701] [952:18269] [INFO][com.freerdp.core.connection] -  rdpsnd
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:51:14:701] [952:18269] [INFO][com.freerdp.core.connection] -  cliprdr
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:51:14:701] [952:18269] [INFO][com.freerdp.core.connection] -  drdynvc
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:51:14:701] [952:18269] [INFO][com.freerdp.core.gcc] - Active rdp encryption level: NONE
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:51:14:701] [952:18269] [INFO][com.freerdp.core.gcc] - Selected rdp encryption method: NONE
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:54:38:142] [952:18610] [INFO][com.freerdp.core.connection] - Client Security: NLA:1 TLS:1 RDP:0
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:54:38:142] [952:18610] [INFO][com.freerdp.core.connection] - Server Security: NLA:1 TLS:0 RDP:0
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:54:38:142] [952:18610] [INFO][com.freerdp.core.connection] - Negotiated Security: NLA:1 TLS:0 RDP:0
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:54:38:951] [952:18610] [INFO][com.freerdp.core.connection] - Accepted client: DESKTOP-GVM1HH4
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:54:38:951] [952:18610] [INFO][com.freerdp.core.connection] - Accepted channels:
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:54:38:951] [952:18610] [INFO][com.freerdp.core.connection] -  rdpdr
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:54:38:951] [952:18610] [INFO][com.freerdp.core.connection] -  rdpsnd
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:54:38:951] [952:18610] [INFO][com.freerdp.core.connection] -  cliprdr
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:54:38:951] [952:18610] [INFO][com.freerdp.core.connection] -  drdynvc
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:54:38:951] [952:18610] [INFO][com.freerdp.core.gcc] - Active rdp encryption level: NONE
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:54:38:951] [952:18610] [INFO][com.freerdp.core.gcc] - Selected rdp encryption method: NONE
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:55:03:031] [952:18625] [INFO][com.freerdp.core.connection] - Client Security: NLA:1 TLS:1 RDP:0
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:55:03:031] [952:18625] [INFO][com.freerdp.core.connection] - Server Security: NLA:1 TLS:0 RDP:0
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:55:03:031] [952:18625] [INFO][com.freerdp.core.connection] - Negotiated Security: NLA:1 TLS:0 RDP:0
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:55:08:572] [952:18631] [INFO][com.f[16:55:08:602] [952:18631] [WARN][com.winpr.negotiate] - AcceptSecurityContext status SEC_I_CONTINUE_NEEDED [0x00090312]
May 20 16:55:08 bc gnome-remote-desktop-daemon[952]: [16:55:08:610] [952:18631] [WARN][com.winpr.negotiate] - AcceptSecurityContext status SEC_I_COMPLETE_NEEDED [0x00090313]
May 20 16:55:09 bc gnome-remote-de[952]: [RDP.CLIPRDR] Client capabilities: long format names, stream file clip, file clip no file paths, can lock clip data, huge file support
May 20 16:55:09 bc gnome-remote-de[952]: [RDP.RDPGFX] CapsAdvertise: Accepting capability set with version RDPGFX_CAPVERSION_106, Client cap flags: H264 (AVC444): true, H264 (AVC420): true
May 20 16:55:10 bc gnome-remote-desktop-daemon[952]: [16:55:10:382] [952:18631] [ERROR][com.freerdp.core.peer] - peer_recv_callback: CONNECTION_STATE_ACTIVE - peer_recv_pdu() fail
May 20 16:55:10 bc gnome-remote-desktop-daemon[952]: [16:55:10:382] [952:18631] [ERROR][com.freerdp.core.transport] - transport_check_fds: transport->ReceiveCallback() - -1
May 20 16:55:10 bc gnome-remote-de[952]: Unable to check file descriptor, closing connection
May 20 16:55:10 bc gnome-remote-desktop-daemon[952]: [16:55:10:392] [952:952] [ERROR][com.freerdp.core.transport] - BIO_should_retry returned a system error 104: Connection reset by peer
May 20 16:55:10 bc gnome-remote-desktop-daemon[952]: [16:55:10:392] [952:952] [ERROR][com.freerdp.core] - transport_write:freerdp_set_last_error_ex ERRCONNECT_CONNECT_TRANSPORT_FAILED [0x0002000D]
May 20 16:55:10 bc systemd[1]: run-user-1000-gnome\x2dremote\x2ddesktop-cliprdr\x2dAsMCcw.mount: Deactivated successfully.
Honghe.Wu
  • 397

2 Answers2

3

gnome-remote-desktop works with a variety of clients, not just mstsc, but also xfreerdp, Remmina, or the Thincast client (See also https://help.ubuntu.com/stable/ubuntu-help/sharing-desktop.html).

Regarding your logs:

Your second log with mstsc just looks fine, you got a session established.

In your first log with mstsc, either the credentials were wrong, or you hit an issue in FreeRDP (the authentication handling for gnome-remote-desktop happens in FreeRDP), where a wrong password hash is generated and thus, despite wrong credentials, the authentication fails.
That bug was fixed in https://github.com/FreeRDP/FreeRDP/commit/a23a24fe068c37d20c254fe393d4fe5d4c6ab31d, and that commit is part of the FreeRDP 2.10.0 release.
Unfortunately, the Ubuntu Desktop Team refuses to ship that security and maintenance update in Ubuntu 22.04.
However, it is included in Ubuntu 23.04.

Edit: Didn't look at the timestamp of the failed authentication in your first mstsc log.
That connection attempt with the failed authentication was mstsc sending other credentials first, before it asks you to type your password. So, nothing wrong there, however, if you would receive an authentication error on your typed credentials, then the above mentioned situation still applies.

Now, to your MobaXterm log:
The authentication succeeded. This is clear, since the graphics pipeline was established (visible due to the [RDP.RDPGFX] messages).
However, it looks like the client here sends a malformed message to the server side.
This is visible in the WTSVirtualChannelRead failed! and the following rdpgfx_server_handle_messages failed with error 1359 message.
FreeRDP handles the protocol PDU parsing of all virtual channels in RDP (this includes here the graphics pipeline) and gnome-remote-desktop handles the actual messages.
When WTSVirtualChannelRead fails, then a malformed message was received by the client.
rdpgfx_server_handle_messages automatically fails too, when WTSVirtualChannelRead already failed.
There is nothing that can be done here, except reporting a bug to MobaXterm.

Pascal Nowack
  • 211
  • 2
  • 6
1

After gnome-remote-desktop upgraded to 42.9-0ubuntu0.22.04.1, this problem is gone.

Honghe.Wu
  • 397