xrdp needs to be in ssl-cert group to read server private key
Bug #1908795 reported by
John Paul Morrison
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
xrdp (Ubuntu) |
Opinion
|
Undecided
|
Unassigned |
Bug Description
xrdp installs links system certificate/private key but user xrdp can't read the key
TLS should be enabled by default xrdp but the server will still run and allow insecure connections
/etc/xrdp/key.pem -> /etc/ssl/
-rw-r----- 1 root ssl-cert 1708 Dec 11 14:52 /etc/ssl/
works if user xrdp belongs to group ssl-cert
grep xrdp /etc/group
ssl-cert:x:121:xrdp
xrdp:x:122:
xrd.ini should have the cert/key configured
certificate=
key_file=
summary: |
- xrdp needs to be in ssl-cert group to read server priate key + xrdp needs to be in ssl-cert group to read server private key |
information type: | Private Security → Public |
Changed in xrdp (Ubuntu): | |
status: | New → Opinion |
To post a comment you must log in.
https:/ /bugs.debian. org/cgi- bin/bugreport. cgi?bug= 860890