Installation
Install Ubuntu
You will need a linux VM (or bare metal), I tested this on Ubuntu 22.04.
You can use this guide.
Install RPort
I opted for topt instead of email login.
If you plan to use this with clients on remote locations,
you will need to do some port forwarding on your firewall.
- 20000-20050/tcp
- 8000/tcp
Port 5000 is also the WebUI, if you also want this to be accessible remotely, I’d recommend SSL/TLS offloading with HAProxy
cd $HOMEcurl -o rportd-installer.sh https://get.rport.iosudo bash rportd-installer.sh \--totp \--client-port 8000 \--api-port 5000 \--fqdn rport.yourdomain.com \--port-range 20000-20050Example output:
user@rport:~$ sudo bash rportd-installer.sh \--totp \--client-port 8000 \--api-port 5000 \--fqdn rport.yourdomain.com \--port-range 20000-20050[*] Setting CLIENT_PORT to 8000[*] Setting API_PORT to 5000[-] Using tunnel port range 20000-20050[*] Installing Dependencies ... be patient.[-] The following packages will be installed: pwgen apache2-utils unzip curl sqlite3 netcatHit:1 http://gr.archive.ubuntu.com/ubuntu jammy InReleaseGet:2 http://gr.archive.ubuntu.com/ubuntu jammy-updates InRelease [109 kB]Get:3 http://gr.archive.ubuntu.com/ubuntu jammy-backports InRelease [99.8 kB]Get:4 http://gr.archive.ubuntu.com/ubuntu jammy-security InRelease [110 kB]Fetched 320 kB in 1s (449 kB/s)Reading package lists... Done##################[*] Dependencies installed.[*] UFW firewall detected. Adding rules now.[-] Allowing API Port 5000Skipping adding existing ruleSkipping adding existing rule (v6)[-] Allowing Client Port 8000Skipping adding existing ruleSkipping adding existing rule (v6)[-] Allowing Tunnel Port Range 20000-20050Skipping adding existing ruleSkipping adding existing rule (v6)[-] Downloading https://download.rport.io/rportd/stable/latest.php?arch=x86_64rportdrportd.example.confService installed[-] Service file /etc/systemd/system/rportd.service createdversion 0.7.0------------------------------------------------------------------------------[*] The RPort server has been installed from the latest stable release.
[*] Name of your RPort server: rport.yourdomain.com You can change it later.[*] Skipping Let's encrypt because ACME does not support none default ports.[*] Creating self-signed certificate for rport.yourdomain.com[-] Certificate Authority created in /etc/rport/ssl/ca/export/rport.yourdomain.com-ca-root-cert.crt.Import this file into OS and/or browser.[*] Read https://kb.rport.io/ carefully.Certificate request self-signature oksubject=C = GB, ST = London, L = London, O = Global Security, OU = IT Department, CN = rport.yourdomain.com
[-] SSL key and self-signed certificate created.[-] Configuration file /etc/rport/rportd.conf written.[-] RPort Database /var/lib/rport/user-auth.db created.[-] Client auth file /var/lib/rport/client-auth.json written.[*] totp-based two factor authentication installed.[*] The RPort Frontend has been installed from the latest stable release.[-] Downloading https://github.com/novnc/noVNC/archive/refs/tags/v1.3.0.zip[*] NoVNC Addon installed to /var/lib/rport/noVNC-1.3.0[*] Going to install the Guacamole Proxy Daemon for RPort using Debian/Ubuntu Packages[-] Downloading rport-guacamole_1.4.0_ubuntu_jammy_x86_64.deb[-] Installing rport-guacamole_1.4.0_ubuntu_jammy_x86_64.deb via apt-get###################[*] Guacamole Proxy Daemon for RPort installed.[-] Guacamole Proxy Daemon registered in /etc/rport/rportd.confWhat's nextStatus of your RPort server: Running :-)------------------------------------------------------------------------------TATAA!! All finished
----> Let's get started <----Point your browser to https://rport.yourdomain.com:5000Login with: User = admin Password = GeFatea3b
After the log in, you must set up your TOTP authenticator app.------------------------------------------------------------------------------As you can see on end it shows you the default, random generated credentials. Consider changing them once you login