Rustdesk (https://rustdesk.com/) is the open source, self-hosted alternative to Teamviewer. Rustdesk has client programs for Windows, Linux, MacOS and Android. Rustdesk is a server based application and not a web based application which requires five application ports to be forwarded by your router.
Rustdesk does not use reverse proxy or SSL. Encryption is accomplished by private/public key pairs.
In my example, I am installing the Rustdesk server in a LXD container and then installing the Rustdesk docker application inside of it. If you have an existing Docker server, you can disregard setting up the LXD container.
If you watched my “LXD Step by Step” tutorial, we created a bridge called bridge0 and also created a “bridgeprofile” to allow our LXD container to be presented to the main LAN. I use that when creating the LXD container for Rustdesk. With that in mind, here is the command that can be used to create a LXD container for Rustdesk (I used LXD Dashboard to create the container in the video):
lxc launch ubuntu:22.04 Rustdesk --profile default --profile bridgeprofile -c limits.memory=2048MB -c limits.cpu.allowance=20% -c boot.autostart=true -c security.nesting=true
Connect to your container via LXD or ssh. I used LXD:
lxc shell Rustdesk
Update the container:
sudo apt update && sudo apt upgrade -y
Install docker and docker-compose:
curl -sSL https://get.docker.com | sh sudo apt install docker-compose
Add my user account “scott” to the docker group:
sudo usermod -aG docker scott newgrp docker groups
Create a folder for rustdesk components as a best practice and move into it:
mkdir rustdesk cd rustdesk
Create the docker-compose file:
Insert the following into the file changing “domain.xxx” to your domain or subdomain name:
version: '3' networks: rustdesk-net: external: false services: hbbs: container_name: hbbs ports: - 21115:21115 - 21116:21116 - 21116:21116/udp - 21118:21118 image: rustdesk/rustdesk-server:latest command: hbbs -r domain.xxx:21117 volumes: - ./hbbs:/root networks: - rustdesk-net depends_on: - hbbr restart: unless-stopped hbbr: container_name: hbbr ports: - 21117:21117 - 21119:21119 image: rustdesk/rustdesk-server:latest command: hbbr volumes: - ./hbbr:/root networks: - rustdesk-net restart: unless-stopped
You will now want to define the port forwarding for the five required ports for your Rustdesk server.
All of the port forwards require TCP protocol and port 21116 requires both TCP and UDP protocol. All routers perform port forwarding a bit differently. Basically, you want to listen to ports 21115 - 21119 on your WAN connection of your router and forward this traffic to the same ports to the LAN address of your docker server (the LXD container in my example).
Once your port forwarding on the router is complete, deploy the rustdesk docker application:
docker compose up -d
Now move into the “hbbs” folder:
List the contents of the public key as shown in the video and copy it up to and including the “=”:
Your key will be different from the one listed in the example.
Launch your Rustdesk client program downloaded from https://rustdesk.com/ and go to the settings screen by selecting the hamburger menu and then choose the “network” configuration:
Enter your domain or subdomain name into the “ID server” field. This tells the client programs the location of the rustdesk server.
Paste the public key that you copied above into the “key” field and then click “Apply”.
You need to provide the “ID Server” and the “Key” to others so that they can enter this information into their client as well so that your Rustdesk client can reach their Rustdesk client in order to be able to control their computer.
For those of you that prefer not to install your Rustdesk as a docker container, here’s an alternative installation:
wget https://raw.githubusercontent.com/techahold/rustdeskinstall/master/install.sh chmod +x install.sh ./install.sh
You will now be able to use Rustdesk to remote control/assist clients, customers, students, friends or employees simply by following the procedures in the video tutorial.
Note: Thanks to @dac for the following. You can force your server to only be available to those with your public key. Simply make the changes indicated in the following image to your docker-compose.yml file.