I was doing a packet capture for another purpose and noticed my rdp session was using sslv2. This was all happening behind a firewall so my moment of terror quickly passed. I poked around with my xrdp configuration and found where I could force TLS. I did that immediately and promptly broke RDP
( changed security_layer=negotiate to security_layer=tls in xrdp.ini) .
This caused an error message on attempt to connect
"The connection cannot proceed because authentication is not enabled and the remote computer requires that authentication be enabled to connect"
I resolved this by hacking my windows registry... Long story
My question is any idea on how to configure xrdp to use reasonable encryption without having to touch the registry of every windows machine I touch? I did try out using a ssh tunnel which did secure the traffic but again its an extra step. Feels like there is another answer to this but just can't find it. Any ideas?
( changed security_layer=negotiate to security_layer=tls in xrdp.ini) .
This caused an error message on attempt to connect
"The connection cannot proceed because authentication is not enabled and the remote computer requires that authentication be enabled to connect"
I resolved this by hacking my windows registry... Long story
My question is any idea on how to configure xrdp to use reasonable encryption without having to touch the registry of every windows machine I touch? I did try out using a ssh tunnel which did secure the traffic but again its an extra step. Feels like there is another answer to this but just can't find it. Any ideas?