Last active
November 15, 2025 14:44
-
-
Save greyltc/7085bff8f2e728b60077b81329019828 to your computer and use it in GitHub Desktop.
configures then activates gnome-remote-desktop from the command line
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # run this on the remote terminal machine, as auser with sudo powers, probably through a remote ssh shell | |
| # this will overwrite all the settings it touches | |
| # the name of the user to run these commands as | |
| TARGET_USER=jane | |
| # we need an inlocked desktop session. we can either start a new autologin one or unlock an existing one | |
| echo -e "[daemon]\nAutomaticLogin=${TARGET_USER}\nAutomaticLoginEnable=true\n" | sudo tee /run/gdm/custom.conf | |
| sudo systemctl restart gdm | |
| #sudo loginctl unlock-sessions # unlocks all existing sessions | |
| # print the session type | |
| busctl get-property org.freedesktop.Accounts /org/freedesktop/Accounts/User$(id -u) org.freedesktop.Accounts.User Session | |
| # the password for that target user (needed to unlock their keyring) | |
| TUP="target user password" | |
| # password to use for VNC server | |
| VNC_PASS="welcome to narnia" | |
| # TODO: unlock the keyring (probably by first killing it and then re-launching it like PAM would) | |
| #killall gnome-keyring-daemon | |
| #echo -n ${TUP} | gnome-keyring-daemon --daemonize --login | |
| # write vnc password to the keychain | |
| sudo -i -u ${TARGET_USER} VNC_PASS="${VNC_PASS}" DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/$(id -u ${TARGET_USER})/bus" bash -c 'echo -n ${VNC_PASS} | secret-tool store --label "GRD VNC pass" xdg:schema org.gnome.RemoteDesktop.VncPassword' | |
| # or if you want you can print the existing password with | |
| # secret-tool lookup xdg:schema org.gnome.RemoteDesktop.VncPassword | |
| # allow screen control | |
| sudo -i -u ${TARGET_USER} DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/$(id -u ${TARGET_USER})/bus" bash -c 'gsettings set org.gnome.desktop.remote-desktop.vnc view-only false' | |
| # use password authentication | |
| sudo -i -u ${TARGET_USER} DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/$(id -u ${TARGET_USER})/bus" bash -c 'gsettings set org.gnome.desktop.remote-desktop.vnc auth-method password' | |
| # let's also setup RDP creds just for fun | |
| RDP_USER="john" | |
| RDP_PASS="welcome to narnia" | |
| RDP_CREDS="{\"password\": \"${RDP_PASS}\", \"username\": \"${RDP_USER}\"}" | |
| TLS_STORE=/var/tmp/rdptls | |
| mkdir -p ${TLS_STORE} | |
| # generate the TLS things for the RDP server | |
| winpr-makecert -rdp -path ${TLS_STORE} > /dev/null | |
| # write RDP credentials to the keychain | |
| sudo -i -u ${TARGET_USER} RDP_CREDS="${RDP_CREDS}" DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/$(id -u ${TARGET_USER})/bus" bash -c 'echo -n ${RDP_CREDS} | secret-tool store --label "GRD RDP creds" xdg:schema org.gnome.RemoteDesktop.RdpCredentials' | |
| # set RDP tls certificate path | |
| sudo -i -u ${TARGET_USER} TLS_CRT="${TLS_STORE}/$(hostname --fqdn).crt" DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/$(id -u ${TARGET_USER})/bus" bash -c 'gsettings set org.gnome.desktop.remote-desktop.rdp tls-cert "${TLS_CRT}"' | |
| # set RDP tls private key path | |
| sudo -i -u ${TARGET_USER} TLS_KEY="${TLS_STORE}/$(hostname --fqdn).key" DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/$(id -u ${TARGET_USER})/bus" bash -c 'gsettings set org.gnome.desktop.remote-desktop.rdp tls-key "${TLS_KEY}"' | |
| # allow RDP remote control | |
| sudo -i -u ${TARGET_USER} DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/$(id -u ${TARGET_USER})/bus" bash -c 'gsettings set org.gnome.desktop.remote-desktop.rdp view-only false' | |
| # now launch the server (needs to be run as the ${TARGET_USER}, haven't figured out how to fool pipewire yet) | |
| /usr/lib/gnome-remote-desktop-daemon | |
VNC setup not working on Ubuntu24.04, only RDP yes
In order to use the script above we need to enable the Desktop Sharing from the GUI first I think in Ubuntu 24.04
It is not working if not enable the Desktop sharing.
But I am facing some issue on another Ubuntu 24.04, I am getting the error below:
(secret-tool:3538): GLib-GIO-CRITICAL **: 15:15:30.324: g_task_return_error: assertion 'error != NULL' failed
(secret-tool:3538): GLib-GIO-CRITICAL **: 15:15:30.324: GTask secret_service_real_prompt_async (source object: 0x5de4c2f20ba0, source tag: 0x7b25d58adc40) finalized without ever returning (using g_task_return_*()). This potentially indicates a bug in the program.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What are the security implications of auto-login/unlocking like this?