AlmaLinuxRHEL Based

How To Install RustDesk on AlmaLinux 10

Install RustDesk on AlmaLinux 10

Remote desktop solutions have become indispensable tools for system administrators, IT professionals, and organizations seeking secure, reliable connectivity. RustDesk emerges as a powerful open-source alternative to commercial remote desktop software, offering enterprise-grade features without licensing costs. This comprehensive guide demonstrates the complete installation and configuration process for RustDesk on AlmaLinux 10, ensuring optimal performance and security.

AlmaLinux 10 provides an ideal foundation for hosting RustDesk servers due to its enterprise stability, robust security features, and Red Hat Enterprise Linux compatibility. Unlike proprietary solutions such as TeamViewer or AnyDesk, RustDesk offers complete control over data privacy, customizable security policies, and freedom from subscription limitations.

The installation process covers multiple deployment methods, from Docker-based containerized solutions to traditional RPM package installations. Each approach addresses different organizational requirements, whether prioritizing easy deployment, system integration, or performance optimization. Additionally, this guide includes advanced configuration options, security hardening techniques, and comprehensive troubleshooting procedures to ensure successful implementation.

System Requirements and Prerequisites

AlmaLinux 10 Hardware Specifications

RustDesk server deployment requires adequate system resources to handle multiple concurrent connections effectively. The minimum hardware configuration includes 2GB RAM, though 4GB or more is recommended for production environments. CPU requirements vary based on expected user load, with dual-core processors sufficient for small deployments and quad-core or higher recommended for larger organizations.

Storage requirements depend on logging preferences and user session recordings. A minimum of 10GB free disk space ensures adequate room for system files, logs, and temporary data. Network connectivity plays a crucial role, requiring stable internet access with sufficient bandwidth to support simultaneous remote desktop sessions.

Essential System Prerequisites

Administrative access through either root privileges or sudo capabilities is mandatory for installing system packages and configuring services. A fresh AlmaLinux 10 installation provides the cleanest environment, minimizing potential conflicts with existing software configurations.

SSH access enables remote server management and troubleshooting. Configure SSH key-based authentication for enhanced security, especially when managing production servers. Domain name configuration and proper DNS resolution facilitate easier client connections and certificate management for SSL/TLS encryption.

Required Software Dependencies

Package management through DNF requires updated repositories and system packages. Execute comprehensive system updates before beginning RustDesk installation to ensure compatibility and security. Essential development tools and libraries support various installation methods and future maintenance tasks.

Docker and Docker Compose installation may be necessary depending on the chosen deployment method. Container-based deployments offer isolation, simplified management, and consistent environments across different systems. Network configuration tools help optimize connectivity and troubleshoot connection issues.

Understanding RustDesk Architecture

Server Component Overview

RustDesk utilizes a distributed architecture comprising two primary server components working in conjunction. The hbbs (RustDesk ID server) manages client identification, authentication, and initial connection coordination. This component maintains client registrations, handles ID generation, and facilitates peer discovery within the network.

The hbbr (RustDesk Relay server) provides data relay functionality when direct peer-to-peer connections cannot be established. Network address translation (NAT) environments, corporate firewalls, and complex network topologies often require relay services to enable successful remote desktop connections. Understanding this architecture helps optimize deployment strategies and troubleshoot connectivity issues.

Network Configuration Requirements

RustDesk servers require specific TCP and UDP port configurations for optimal functionality. TCP ports 21114 through 21119 handle various communication protocols, including client registration, relay coordination, and administrative functions. UDP port 21116 specifically supports NAT traversal mechanisms, enabling connections through restrictive network environments.

Firewall configuration must accommodate these port requirements while maintaining security standards. Cloud-based deployments require security group modifications to allow inbound traffic on designated ports. Internal network deployments may need firewall rule adjustments and router configuration changes to support external client connections.

Installation Method 1: Docker-Based Deployment

Docker Installation Process

Begin Docker installation by updating the AlmaLinux 10 package repository to ensure access to the latest software versions:

sudo dnf update -y
sudo dnf install -y dnf-plugins-core

Add the official Docker repository to enable installation of Docker Community Edition:

sudo dnf config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo

Install Docker CE and associated components:

sudo dnf install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

Enable and start the Docker service to ensure automatic startup after system reboots:

sudo systemctl enable docker
sudo systemctl start docker

Verify successful Docker installation by checking the service status and running a test container:

sudo systemctl status docker
sudo docker run hello-world

RustDesk Container Configuration

Create a dedicated directory structure for RustDesk server files and configuration:

sudo mkdir -p /opt/rustdesk
cd /opt/rustdesk

Generate a comprehensive Docker Compose configuration file to define RustDesk services:

version: '3'

networks:
  rustdesk-net:
    external: false

services:
  hbbs:
    container_name: hbbs
    ports:
      - 21114:21114
      - 21115:21115
      - 21116:21116
      - 21116:21116/udp
      - 21118:21118
    image: rustdesk/rustdesk-server:latest
    command: hbbs -r rustdesk.example.com:21117
    volumes:
      - ./data:/root
    networks:
      - rustdesk-net
    depends_on:
      - hbbr
    restart: unless-stopped

  hbbr:
    container_name: hbbr
    ports:
      - 21117:21117
      - 21119:21119
    image: rustdesk/rustdesk-server:latest
    command: hbbr
    volumes:
      - ./data:/root
    networks:
      - rustdesk-net
    restart: unless-stopped

Replace rustdesk.example.com with your actual domain name or server IP address. Create the data directory for persistent storage:

sudo mkdir -p data

Service Deployment and Management

Deploy RustDesk services using Docker Compose:

sudo docker-compose up -d

Monitor container startup and verify successful deployment:

sudo docker-compose ps
sudo docker-compose logs

The deployment generates encryption keys automatically on first startup. Retrieve the public key for client configuration:

sudo cat data/id_ed25519.pub

Installation Method 2: RPM Package Installation

Direct Package Installation

Download the latest RustDesk server RPM package from the official repository:

cd /tmp
wget https://github.com/rustdesk/rustdesk-server/releases/latest/download/rustdesk-server-linux-amd64.rpm

Install the package using DNF with automatic dependency resolution:

sudo dnf localinstall -y rustdesk-server-linux-amd64.rpm

Verify package installation and available executables:

rpm -ql rustdesk-server
which hbbs hbbr

Service Configuration and Management

Create systemd service files for automated service management. Configure the hbbs service:

sudo tee /etc/systemd/system/hbbs.service > /dev/null <<EOF
[Unit]
Description=RustDesk ID Server
After=network.target

[Service]
Type=simple
ExecStart=/usr/bin/hbbs -r your-domain.com:21117
WorkingDirectory=/var/lib/rustdesk
User=rustdesk
Group=rustdesk
Restart=always
RestartSec=3

[Install]
WantedBy=multi-user.target
EOF

Configure the hbbr service:

sudo tee /etc/systemd/system/hbbr.service > /dev/null <<EOF
[Unit]
Description=RustDesk Relay Server
After=network.target

[Service]
Type=simple
ExecStart=/usr/bin/hbbr
WorkingDirectory=/var/lib/rustdesk
User=rustdesk
Group=rustdesk
Restart=always
RestartSec=3

[Install]
WantedBy=multi-user.target
EOF

Create the rustdesk user and working directory:

sudo useradd -r -s /sbin/nologin rustdesk
sudo mkdir -p /var/lib/rustdesk
sudo chown rustdesk:rustdesk /var/lib/rustdesk

Enable and start the services:

sudo systemctl daemon-reload
sudo systemctl enable hbbs hbbr
sudo systemctl start hbbs hbbr

Client Installation and Configuration

Multi-Platform Client Setup

RustDesk clients support various operating systems, ensuring comprehensive remote access capabilities. Download the appropriate client version for your target platform from the official RustDesk website or GitHub releases page.

For AlmaLinux and other RPM-based distributions, install the client package:

wget https://github.com/rustdesk/rustdesk/releases/latest/download/rustdesk-1.x.x-x86_64.rpm
sudo dnf localinstall -y rustdesk-1.x.x-x86_64.rpm

Windows clients require administrative privileges for installation and service configuration. macOS installations support both Intel and Apple Silicon architectures through universal binaries.

Client Configuration Process

Launch the RustDesk client and navigate to network settings to configure server connections. Enter your server’s domain name or IP address in the ID/Relay Server field. Specify port 21116 for the ID server and port 21117 for the relay server if using non-standard configurations.

Install RustDesk on AlmaLinux 10

Import the server’s public key to establish encrypted communications. Copy the contents of the id_ed25519.pub file generated during server installation and paste it into the client’s key field. This step ensures end-to-end encryption and prevents man-in-the-middle attacks.

Generate unique connection IDs for each client installation. These IDs facilitate remote connections and should be documented for administrative purposes. Configure access passwords or enable unattended access mode for automated connections.

Firewall and Network Configuration

AlmaLinux 10 Firewall Management

Configure the system firewall to allow RustDesk traffic while maintaining security standards. Open the required TCP ports:

sudo firewall-cmd --permanent --add-port=21114/tcp
sudo firewall-cmd --permanent --add-port=21115/tcp
sudo firewall-cmd --permanent --add-port=21116/tcp
sudo firewall-cmd --permanent --add-port=21117/tcp
sudo firewall-cmd --permanent --add-port=21118/tcp
sudo firewall-cmd --permanent --add-port=21119/tcp

Configure UDP port access for NAT traversal:

sudo firewall-cmd --permanent --add-port=21116/udp

Reload firewall configuration and verify rule implementation:

sudo firewall-cmd --reload
sudo firewall-cmd --list-all

SELinux Configuration Management

SELinux may restrict RustDesk server operations requiring policy adjustments. Check current SELinux status:

getenforce
sudo sestatus

If SELinux is enforcing, configure appropriate contexts for RustDesk executables and data directories:

sudo semanage fcontext -a -t bin_t "/usr/bin/hbbs"
sudo semanage fcontext -a -t bin_t "/usr/bin/hbbr"
sudo semanage fcontext -a -t var_lib_t "/var/lib/rustdesk(/.*)?"
sudo restorecon -Rv /usr/bin/hbbs /usr/bin/hbbr /var/lib/rustdesk

Generate custom SELinux policies if standard contexts prove insufficient for your deployment requirements.

Testing and Verification

Server Functionality Validation

Verify RustDesk server operations through multiple testing approaches. Check service status and resource utilization:

sudo systemctl status hbbs hbbr
sudo docker ps
sudo ss -tulpn | grep -E '2111[4-9]'

Test port accessibility from external networks using telnet or netcat:

telnet your-server.com 21114
nc -zv your-server.com 21116

Monitor server logs for error messages or connectivity issues:

sudo journalctl -u hbbs -f
sudo journalctl -u hbbr -f
sudo docker-compose logs -f

Connection Testing Procedures

Establish initial client connections to verify complete functionality. Test file transfer capabilities between connected systems to ensure data relay operations. Evaluate audio and video quality during active sessions, adjusting network settings if performance issues arise.

Document connection speeds and latency measurements for baseline performance metrics. Test multiple simultaneous connections to assess server capacity and identify potential bottlenecks. Verify connection stability during extended sessions and network interruptions.

Advanced Configuration and Security

Performance Optimization Strategies

Optimize RustDesk server performance through resource allocation adjustments and network tuning. Configure Docker container memory limits and CPU constraints to prevent resource exhaustion:

services:
  hbbs:
    deploy:
      resources:
        limits:
          memory: 512M
          cpus: '1.0'
        reservations:
          memory: 256M
          cpus: '0.5'

Implement network optimization settings for improved connection quality. Adjust TCP buffer sizes and congestion control algorithms:

echo 'net.core.rmem_max = 16777216' >> /etc/sysctl.conf
echo 'net.core.wmem_max = 16777216' >> /etc/sysctl.conf
echo 'net.ipv4.tcp_congestion_control = bbr' >> /etc/sysctl.conf
sudo sysctl -p

Security Hardening Implementation

Implement SSL/TLS encryption for enhanced security. Generate SSL certificates using Let’s Encrypt or internal certificate authorities:

sudo dnf install -y certbot
sudo certbot certonly --standalone -d your-domain.com

Configure access control mechanisms through firewall rules and authentication policies. Implement fail2ban to prevent brute-force attacks:

sudo dnf install -y fail2ban
sudo systemctl enable fail2ban
sudo systemctl start fail2ban

Enable audit logging for security monitoring and compliance requirements:

sudo auditctl -w /var/lib/rustdesk -p wa -k rustdesk_access

Troubleshooting Common Issues

Installation Problem Resolution

Address Docker installation failures by verifying repository configuration and system architecture compatibility. Resolve package dependency conflicts through manual dependency installation or alternative repository sources.

Permission issues often arise from incorrect user configuration or SELinux restrictions. Verify service user permissions and adjust ownership accordingly:

sudo chown -R rustdesk:rustdesk /var/lib/rustdesk
sudo chmod 755 /var/lib/rustdesk

Service startup failures typically indicate configuration errors or port conflicts. Examine system logs and verify port availability:

sudo lsof -i :21114
sudo netstat -tulpn | grep 21114

Connection Issue Diagnosis

Network connectivity problems require systematic diagnosis starting with basic connectivity tests. Verify DNS resolution and routing configuration:

nslookup your-domain.com
traceroute your-domain.com

Firewall blocking often prevents successful connections. Temporarily disable firewalls for testing while ensuring security implications are understood:

sudo systemctl stop firewalld
sudo iptables -F

Performance issues may result from network latency, insufficient bandwidth, or resource constraints. Monitor system resources during active sessions:

htop
iftop
iotop

Maintenance and Updates

Regular Maintenance Procedures

Establish routine maintenance schedules encompassing server updates, log rotation, and performance monitoring. Update RustDesk servers regularly to incorporate security patches and feature improvements:

sudo docker-compose pull
sudo docker-compose up -d

For RPM installations, use package managers for updates:

sudo dnf update rustdesk-server
sudo systemctl restart hbbs hbbr

Implement log rotation to prevent disk space exhaustion:

sudo tee /etc/logrotate.d/rustdesk > /dev/null <

Backup and Recovery Strategies

Develop comprehensive backup strategies covering configuration files, encryption keys, and user data. Critical files include server keys, configuration files, and logs:

sudo tar -czf rustdesk-backup-$(date +%Y%m%d).tar.gz /var/lib/rustdesk /opt/rustdesk

Test recovery procedures regularly to ensure backup integrity and restoration capabilities. Document recovery processes for emergency situations and staff training purposes.

Monitor server health through automated scripts and alerting systems. Implement capacity planning to accommodate growing user bases and increased connection demands.

Congratulations! You have successfully installed RustDesk. Thanks for using this tutorial for installing the RustDesk open-source remote desktop access on your AlmaLinux OS 10 system. For additional or useful information, we recommend you check the official RustDesk website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!

r00t

r00t is an experienced Linux enthusiast and technical writer with a passion for open-source software. With years of hands-on experience in various Linux distributions, r00t has developed a deep understanding of the Linux ecosystem and its powerful tools. He holds certifications in SCE and has contributed to several open-source projects. r00t is dedicated to sharing her knowledge and expertise through well-researched and informative articles, helping others navigate the world of Linux with confidence.
Back to top button