Make FreeRDP prompt user for username and password?
Solution 1
The trick is putting the password switch at the end of your command line so that you can leave it blank. This will trigger xfreerdp
to prompt your for the password instead of having to provide it via the command line.
Example
new cli interface (v1.1+)$ xfreerdp /v:farm.company.com /d:company.com /u:oshiro /g:rds.company.com /p
old cli interface (v1.0.2)
$ xfreerdp -u oshiro -d company.com farm.company.com -t 3389 -p
NOTE: The new CLI is available in the pre-releases, v1.1+, so pay special attention to which version you're using. Running the command xfreerdp --version
will show you which. Also take a look at the releases topic in the wiki for more information on each.
Sample connection
Here's an example of me connecting to a RDP server.
$ xfreerdp --ignore-certificate -u smingolelli -d mydom -t 5000 rdp.mydom.com -p
connected to rdp.mydom.com:5000
Password:
Prompting the user
This issue in the FreeRDP issue tracker titled: Prompt for Credentials - NLA #1512, had this snippet of how you could use zenity
to prompt the user for a username and password using GUI dialogs and then run xfreerdp
with the provided info afterwards.
$ xfreerdp /v:yourRDSfarmFQDN \
/u:$(zenity \
--entry \
--title="Domain Username" \
--text="Enter your Username") \
/p:$(zenity \
--entry \
--title="Domain Password" \
--text="Enter your _password:" \
--hide-text) \
/d:yourdomainname \
/f \
/cert-ignore
+clipboard
The above when executed would pop these dialogs up to the user. These will come up one at a time in turn.
References
Solution 2
I'd like to expand on slm's solution. I wanted a single window to enter all information in and allow me to specify a RemoteApp all in one go, so I built on what he suggested with zenity and created this.
XFreeRDP Prompt
Code:
#!/bin/bash
# XFreeRDP RemoteApp W/ Prompt Script
# Version 0.3
# Description:
# XFreeRDP Remote App Script utilizing Zentity to populate variables
# Written by Jarrett Higgins 12-2015
OUTPUT=$(zenity --forms --title="Connection Information" \
--text="Enter information about your Remote Connection" \
--separator="," \
--add-entry="Server" \
--add-entry="Port (Default: 3389)" \
--add-entry="Domain (Optional)" \
--add-entry="Username" \
--add-password="Password" \
--add-entry="Remote App Name (Optional)")
OUTPUT_RESULTS=$?
if ((OUTPUT_RESULTS != 0)); then
echo "something went wrong"
exit 1
fi
Blank=""
Server=$(awk -F, '{print $1}' <<<$OUTPUT)
Port=$(awk -F, '{print $2}' <<<$OUTPUT)
if ["$Port" = "$Blank"]
then
Port="3389"
else
Port="$Port"
fi
Domain=$(awk -F, '{print $3}' <<<$OUTPUT)
Username=$(awk -F, '{print $4}' <<<$OUTPUT)
Password=$(awk -F, '{print $5}' <<<$OUTPUT)
App=$(awk -F, '{print $6}' <<<$OUTPUT)
if ["$App" = "$Blank"]
then
App="$App"
Title="$Server"
else
AppName="$App"
Title="$AppName on $Server"
App="/app:||$App"
fi
#zenity --info --title="Information Return" --text="$Server $Port $Domain $Username $Password $App"
xfreerdp /t:"$Title" /v:$Server:$Port /d:$Domain /u:$Username /p:$Password $App /cert-ignore /workarea +clipboard
Password=""
Features:
- Defaults to port 3389 if not populated
- Defaults to no Remote App if not populated
Planned:
- Security Certificate Warning
- RDWeb Query to provide Resource List
I use this on my #!++ laptop with great success for connecting to my company and VM Remote Apps and client Servers. I'm not experienced with scripting, so if anyone has any suggestions or feedback, I would love to hear them.
Solution 3
If you specify tls security, the remote computer will prompt for password:
Xfreerdp --sec tls
The new parameter format:
/sec:tls
Solution 4
I also like yad, using the following shell script.
#!/bin/sh
frmdata=$(yad --title "Connect to remote computer" --form --field="Remote computer" --field="Username" --field="Password:H" --field="Domain" --field="Gateway")
frmcomputer=$(echo $frmdata | awk 'BEGIN {FS="|" } { print $1 }')
frmusername=$(echo $frmdata | awk 'BEGIN {FS="|" } { print $2 }')
frmpassword=$(echo $frmdata | awk 'BEGIN {FS="|" } { print $3 }')
frmdomain=$(echo $frmdata | awk 'BEGIN {FS="|" } { print $4 }')
frmgateway=$(echo $frmdata | awk 'BEGIN {FS="|" } { print $5 }')
xfreerdp /v:$frmcomputer /f /d:$frmdomain /u:$frmusername /g:$frmgateway /p:$frmpassword /cert-ignore
It provides a good interface, and hides the password.
Solution 5
You need to supply an empty parameter (without password value). Try this:
sudo xfreerdp /v:farm.company.com /d:company.com /u:oshiro /g:rds.company.com /p
If that does not work, then you could accomplish this with simple bash script.
Save this as rdp.sh
:
#!/bin/bash
# Read Password
echo -n Password:
read -s password
echo
# Run Command
sudo xfreerdp /v:farm.company.com /d:company.com /u:oshiro /g:rds.company.com /p:$password
Then make file executable:
chmod +x rdp.sh
Launch it:
./rdp.sh
This has been asked and discussed more thoroughly on xfreerdp's github issue: https://github.com/FreeRDP/FreeRDP/issues/1358
The bash script idea is taken from: https://stackoverflow.com/questions/3980668/how-to-get-a-password-from-a-shell-script-without-echoing
Related videos on Youtube
oshirowanen
Updated on September 18, 2022Comments
-
oshirowanen almost 2 years
At the moment, I'm using the following command to start an FreeRDP session:
$ sudo xfreerdp /v:farm.company.com /d:company.com \ /u:oshiro /p:oshiro_password /g:rds.company.com
Works fine. However, I don't want the password to be in the command line like that. So I tried it without the password:
$ sudo xfreerdp /v:farm.company.com /d:company.com /u:oshiro /g:rds.company.com
And I got a connection failure message instead of some sort of dialog box or prompt asking me to enter in a password.
Is it possible to get this to prompt the user for a password?
UPDATE: Omitting the
/p
switchWithout the
/p
switch, I get the following:oshiro@ubuntu:~$ xfreerdp /v:farm.company.com /d:company.com -u:oshiro /g:rds.company.com connected to rds.company.com:443 connected to rds.company.com:443 Could not open SAM file! Could not open SAM file! Could not open SAM file! Could not open SAM file! rts_connect error! Status Code: 401 HTTP/1.1 401 Unauthorized Content-Type: text/plain Server: Microsoft-IIS/7.5 WWW-Authenticate: Negotiate WWW-Authenticate: NTLM WWW-Authenticate: Basic realm="rds.company.com" X-Powered-By: ASP.NET Date: Sun, 23 Mar 2014 10:40:30 GMT +12 Content-Length: 13 rts_connect error! rpc_connect failed! Error: protocol security negotiation or connection failure
-
oshirowanen over 10 yearsThanks for this. However, when I try
xfreerdp /v:farm.company.com /d:company.com /u:oshiro /g:rds.company.com /p
, it just gives me the documentation and all the commands I could use. Then as soon as I put the password after thep
it starts working. -
slm over 10 years@oshirowanen - if you omit the
/p
switch all together? -
oshirowanen over 10 yearsThe error was too long to post as a comment, so I have updated the original question with the error message.
-
slm over 10 years@oshirowanen - that looks like it might be a bug: github.com/FreeRDP/FreeRDP/issues/1584. Shows the same output as yours. I would open an issue with FreeRDP, if you're not sure how to do this I can assist further LMK.
-
user829755 about 9 yearsinstead of
zenity --entry --text="Enter your _password:" --hide-text
you can simply sayzenity --password
-
slm about 9 years@user829755 - the use of
--password
has been problematic, not working on specific versions of zenity, hence why I showed this method here. -
reinierpost over 5 yearsThis exposes the password to users doing
ps -ef
. -
sjngm almost 4 yearsThis answer still works in 2020 and doesn't need an additional tool/command. This should probably be the accepted answer.
-
Benjamin Peter almost 3 yearsFor the
zenith
version: I think it is worth noting that the password in the command line is hidden after start (byxfreerdp
I suppose) and is not visible after that. But there should be a short amount of time where it could be observed by other users of the machine. -
Admin almost 2 yearsYes, this is an invitation to the login screen. It helped me, thank you!