How To Install RustDesk on AlmaLinux 10
Remote desktop solutions have become indispensable tools for system administrators, IT professionals, and organizations seeking secure, reliable connectivity. RustDesk emerges as a powerful open-source alternative to commercial remote desktop software, offering enterprise-grade features without licensing costs. This comprehensive guide demonstrates the complete installation and configuration process for RustDesk on AlmaLinux 10, ensuring optimal performance and security.
AlmaLinux 10 provides an ideal foundation for hosting RustDesk servers due to its enterprise stability, robust security features, and Red Hat Enterprise Linux compatibility. Unlike proprietary solutions such as TeamViewer or AnyDesk, RustDesk offers complete control over data privacy, customizable security policies, and freedom from subscription limitations.
The installation process covers multiple deployment methods, from Docker-based containerized solutions to traditional RPM package installations. Each approach addresses different organizational requirements, whether prioritizing easy deployment, system integration, or performance optimization. Additionally, this guide includes advanced configuration options, security hardening techniques, and comprehensive troubleshooting procedures to ensure successful implementation.
System Requirements and Prerequisites
AlmaLinux 10 Hardware Specifications
RustDesk server deployment requires adequate system resources to handle multiple concurrent connections effectively. The minimum hardware configuration includes 2GB RAM, though 4GB or more is recommended for production environments. CPU requirements vary based on expected user load, with dual-core processors sufficient for small deployments and quad-core or higher recommended for larger organizations.
Storage requirements depend on logging preferences and user session recordings. A minimum of 10GB free disk space ensures adequate room for system files, logs, and temporary data. Network connectivity plays a crucial role, requiring stable internet access with sufficient bandwidth to support simultaneous remote desktop sessions.
Essential System Prerequisites
Administrative access through either root privileges or sudo capabilities is mandatory for installing system packages and configuring services. A fresh AlmaLinux 10 installation provides the cleanest environment, minimizing potential conflicts with existing software configurations.
SSH access enables remote server management and troubleshooting. Configure SSH key-based authentication for enhanced security, especially when managing production servers. Domain name configuration and proper DNS resolution facilitate easier client connections and certificate management for SSL/TLS encryption.
Required Software Dependencies
Package management through DNF requires updated repositories and system packages. Execute comprehensive system updates before beginning RustDesk installation to ensure compatibility and security. Essential development tools and libraries support various installation methods and future maintenance tasks.
Docker and Docker Compose installation may be necessary depending on the chosen deployment method. Container-based deployments offer isolation, simplified management, and consistent environments across different systems. Network configuration tools help optimize connectivity and troubleshoot connection issues.
Understanding RustDesk Architecture
Server Component Overview
RustDesk utilizes a distributed architecture comprising two primary server components working in conjunction. The hbbs (RustDesk ID server) manages client identification, authentication, and initial connection coordination. This component maintains client registrations, handles ID generation, and facilitates peer discovery within the network.
The hbbr (RustDesk Relay server) provides data relay functionality when direct peer-to-peer connections cannot be established. Network address translation (NAT) environments, corporate firewalls, and complex network topologies often require relay services to enable successful remote desktop connections. Understanding this architecture helps optimize deployment strategies and troubleshoot connectivity issues.
Network Configuration Requirements
RustDesk servers require specific TCP and UDP port configurations for optimal functionality. TCP ports 21114 through 21119 handle various communication protocols, including client registration, relay coordination, and administrative functions. UDP port 21116 specifically supports NAT traversal mechanisms, enabling connections through restrictive network environments.
Firewall configuration must accommodate these port requirements while maintaining security standards. Cloud-based deployments require security group modifications to allow inbound traffic on designated ports. Internal network deployments may need firewall rule adjustments and router configuration changes to support external client connections.
Installation Method 1: Docker-Based Deployment
Docker Installation Process
Begin Docker installation by updating the AlmaLinux 10 package repository to ensure access to the latest software versions:
sudo dnf update -y
sudo dnf install -y dnf-plugins-core
Add the official Docker repository to enable installation of Docker Community Edition:
sudo dnf config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
Install Docker CE and associated components:
sudo dnf install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
Enable and start the Docker service to ensure automatic startup after system reboots:
sudo systemctl enable docker
sudo systemctl start docker
Verify successful Docker installation by checking the service status and running a test container:
sudo systemctl status docker
sudo docker run hello-world
RustDesk Container Configuration
Create a dedicated directory structure for RustDesk server files and configuration:
sudo mkdir -p /opt/rustdesk
cd /opt/rustdesk
Generate a comprehensive Docker Compose configuration file to define RustDesk services:
version: '3'
networks:
rustdesk-net:
external: false
services:
hbbs:
container_name: hbbs
ports:
- 21114:21114
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21118:21118
image: rustdesk/rustdesk-server:latest
command: hbbs -r rustdesk.example.com:21117
volumes:
- ./data:/root
networks:
- rustdesk-net
depends_on:
- hbbr
restart: unless-stopped
hbbr:
container_name: hbbr
ports:
- 21117:21117
- 21119:21119
image: rustdesk/rustdesk-server:latest
command: hbbr
volumes:
- ./data:/root
networks:
- rustdesk-net
restart: unless-stopped
Replace rustdesk.example.com
with your actual domain name or server IP address. Create the data directory for persistent storage:
sudo mkdir -p data
Service Deployment and Management
Deploy RustDesk services using Docker Compose:
sudo docker-compose up -d
Monitor container startup and verify successful deployment:
sudo docker-compose ps
sudo docker-compose logs
The deployment generates encryption keys automatically on first startup. Retrieve the public key for client configuration:
sudo cat data/id_ed25519.pub
Installation Method 2: RPM Package Installation
Direct Package Installation
Download the latest RustDesk server RPM package from the official repository:
cd /tmp
wget https://github.com/rustdesk/rustdesk-server/releases/latest/download/rustdesk-server-linux-amd64.rpm
Install the package using DNF with automatic dependency resolution:
sudo dnf localinstall -y rustdesk-server-linux-amd64.rpm
Verify package installation and available executables:
rpm -ql rustdesk-server
which hbbs hbbr
Service Configuration and Management
Create systemd service files for automated service management. Configure the hbbs service:
sudo tee /etc/systemd/system/hbbs.service > /dev/null <<EOF
[Unit]
Description=RustDesk ID Server
After=network.target
[Service]
Type=simple
ExecStart=/usr/bin/hbbs -r your-domain.com:21117
WorkingDirectory=/var/lib/rustdesk
User=rustdesk
Group=rustdesk
Restart=always
RestartSec=3
[Install]
WantedBy=multi-user.target
EOF
Configure the hbbr service:
sudo tee /etc/systemd/system/hbbr.service > /dev/null <<EOF
[Unit]
Description=RustDesk Relay Server
After=network.target
[Service]
Type=simple
ExecStart=/usr/bin/hbbr
WorkingDirectory=/var/lib/rustdesk
User=rustdesk
Group=rustdesk
Restart=always
RestartSec=3
[Install]
WantedBy=multi-user.target
EOF
Create the rustdesk user and working directory:
sudo useradd -r -s /sbin/nologin rustdesk
sudo mkdir -p /var/lib/rustdesk
sudo chown rustdesk:rustdesk /var/lib/rustdesk
Enable and start the services:
sudo systemctl daemon-reload
sudo systemctl enable hbbs hbbr
sudo systemctl start hbbs hbbr
Client Installation and Configuration
Multi-Platform Client Setup
RustDesk clients support various operating systems, ensuring comprehensive remote access capabilities. Download the appropriate client version for your target platform from the official RustDesk website or GitHub releases page.
For AlmaLinux and other RPM-based distributions, install the client package:
wget https://github.com/rustdesk/rustdesk/releases/latest/download/rustdesk-1.x.x-x86_64.rpm
sudo dnf localinstall -y rustdesk-1.x.x-x86_64.rpm
Windows clients require administrative privileges for installation and service configuration. macOS installations support both Intel and Apple Silicon architectures through universal binaries.
Client Configuration Process
Launch the RustDesk client and navigate to network settings to configure server connections. Enter your server’s domain name or IP address in the ID/Relay Server field. Specify port 21116 for the ID server and port 21117 for the relay server if using non-standard configurations.
Import the server’s public key to establish encrypted communications. Copy the contents of the id_ed25519.pub
file generated during server installation and paste it into the client’s key field. This step ensures end-to-end encryption and prevents man-in-the-middle attacks.
Generate unique connection IDs for each client installation. These IDs facilitate remote connections and should be documented for administrative purposes. Configure access passwords or enable unattended access mode for automated connections.
Firewall and Network Configuration
AlmaLinux 10 Firewall Management
Configure the system firewall to allow RustDesk traffic while maintaining security standards. Open the required TCP ports:
sudo firewall-cmd --permanent --add-port=21114/tcp
sudo firewall-cmd --permanent --add-port=21115/tcp
sudo firewall-cmd --permanent --add-port=21116/tcp
sudo firewall-cmd --permanent --add-port=21117/tcp
sudo firewall-cmd --permanent --add-port=21118/tcp
sudo firewall-cmd --permanent --add-port=21119/tcp
Configure UDP port access for NAT traversal:
sudo firewall-cmd --permanent --add-port=21116/udp
Reload firewall configuration and verify rule implementation:
sudo firewall-cmd --reload
sudo firewall-cmd --list-all
SELinux Configuration Management
SELinux may restrict RustDesk server operations requiring policy adjustments. Check current SELinux status:
getenforce
sudo sestatus
If SELinux is enforcing, configure appropriate contexts for RustDesk executables and data directories:
sudo semanage fcontext -a -t bin_t "/usr/bin/hbbs"
sudo semanage fcontext -a -t bin_t "/usr/bin/hbbr"
sudo semanage fcontext -a -t var_lib_t "/var/lib/rustdesk(/.*)?"
sudo restorecon -Rv /usr/bin/hbbs /usr/bin/hbbr /var/lib/rustdesk
Generate custom SELinux policies if standard contexts prove insufficient for your deployment requirements.
Testing and Verification
Server Functionality Validation
Verify RustDesk server operations through multiple testing approaches. Check service status and resource utilization:
sudo systemctl status hbbs hbbr
sudo docker ps
sudo ss -tulpn | grep -E '2111[4-9]'
Test port accessibility from external networks using telnet or netcat:
telnet your-server.com 21114
nc -zv your-server.com 21116
Monitor server logs for error messages or connectivity issues:
sudo journalctl -u hbbs -f
sudo journalctl -u hbbr -f
sudo docker-compose logs -f
Connection Testing Procedures
Establish initial client connections to verify complete functionality. Test file transfer capabilities between connected systems to ensure data relay operations. Evaluate audio and video quality during active sessions, adjusting network settings if performance issues arise.
Document connection speeds and latency measurements for baseline performance metrics. Test multiple simultaneous connections to assess server capacity and identify potential bottlenecks. Verify connection stability during extended sessions and network interruptions.
Advanced Configuration and Security
Performance Optimization Strategies
Optimize RustDesk server performance through resource allocation adjustments and network tuning. Configure Docker container memory limits and CPU constraints to prevent resource exhaustion:
services:
hbbs:
deploy:
resources:
limits:
memory: 512M
cpus: '1.0'
reservations:
memory: 256M
cpus: '0.5'
Implement network optimization settings for improved connection quality. Adjust TCP buffer sizes and congestion control algorithms:
echo 'net.core.rmem_max = 16777216' >> /etc/sysctl.conf
echo 'net.core.wmem_max = 16777216' >> /etc/sysctl.conf
echo 'net.ipv4.tcp_congestion_control = bbr' >> /etc/sysctl.conf
sudo sysctl -p
Security Hardening Implementation
Implement SSL/TLS encryption for enhanced security. Generate SSL certificates using Let’s Encrypt or internal certificate authorities:
sudo dnf install -y certbot
sudo certbot certonly --standalone -d your-domain.com
Configure access control mechanisms through firewall rules and authentication policies. Implement fail2ban to prevent brute-force attacks:
sudo dnf install -y fail2ban
sudo systemctl enable fail2ban
sudo systemctl start fail2ban
Enable audit logging for security monitoring and compliance requirements:
sudo auditctl -w /var/lib/rustdesk -p wa -k rustdesk_access
Troubleshooting Common Issues
Installation Problem Resolution
Address Docker installation failures by verifying repository configuration and system architecture compatibility. Resolve package dependency conflicts through manual dependency installation or alternative repository sources.
Permission issues often arise from incorrect user configuration or SELinux restrictions. Verify service user permissions and adjust ownership accordingly:
sudo chown -R rustdesk:rustdesk /var/lib/rustdesk
sudo chmod 755 /var/lib/rustdesk
Service startup failures typically indicate configuration errors or port conflicts. Examine system logs and verify port availability:
sudo lsof -i :21114
sudo netstat -tulpn | grep 21114
Connection Issue Diagnosis
Network connectivity problems require systematic diagnosis starting with basic connectivity tests. Verify DNS resolution and routing configuration:
nslookup your-domain.com
traceroute your-domain.com
Firewall blocking often prevents successful connections. Temporarily disable firewalls for testing while ensuring security implications are understood:
sudo systemctl stop firewalld
sudo iptables -F
Performance issues may result from network latency, insufficient bandwidth, or resource constraints. Monitor system resources during active sessions:
htop
iftop
iotop
Maintenance and Updates
Regular Maintenance Procedures
Establish routine maintenance schedules encompassing server updates, log rotation, and performance monitoring. Update RustDesk servers regularly to incorporate security patches and feature improvements:
sudo docker-compose pull
sudo docker-compose up -d
For RPM installations, use package managers for updates:
sudo dnf update rustdesk-server
sudo systemctl restart hbbs hbbr
Implement log rotation to prevent disk space exhaustion:
sudo tee /etc/logrotate.d/rustdesk > /dev/null <
Backup and Recovery Strategies
Develop comprehensive backup strategies covering configuration files, encryption keys, and user data. Critical files include server keys, configuration files, and logs:
sudo tar -czf rustdesk-backup-$(date +%Y%m%d).tar.gz /var/lib/rustdesk /opt/rustdesk
Test recovery procedures regularly to ensure backup integrity and restoration capabilities. Document recovery processes for emergency situations and staff training purposes.
Monitor server health through automated scripts and alerting systems. Implement capacity planning to accommodate growing user bases and increased connection demands.
Congratulations! You have successfully installed RustDesk. Thanks for using this tutorial for installing the RustDesk open-source remote desktop access on your AlmaLinux OS 10 system. For additional or useful information, we recommend you check the official RustDesk website.