8

When attempting to use remote desktop from a Windows 10 (21H2 19044.1566) box to an Ubuntu 22.04 LTS (fully patched), I receive the following error:

An authentication error has occurred. The token supplied to the function is invalid.

Remote computer: {Computer name}

This is when attempting to RDP with an AD domain user, which I can confirm logs in successfully locally.

SORoss
  • 157
  • 1
  • 1
  • 10
  • Are you using an RDP Gateway? I'm facing the same problem after upgrading last night to 22.04. I think this is an issue with the available ciphers on the current 22.04 SSL library. Can you share your command line for freerdp or what client you're using? – trademarq May 06 '22 at 04:16
  • @beneM Not sure why it got down-voted. I just up-voted it myself. Are you by chance using an RD Gateway? That seems to be the only place I'm having the problem. I'm trying to work on the issue I'm having but it only happens to me with the Gateway and I'm not sure that's the same condition everybody else is seeing. LAN connections seem to work fine. – trademarq May 07 '22 at 03:15
  • I'm not using an RD Gateway. I think your cipher suspicion is correct, from checking syslog. I've lost the link now, but I think the latest version of FreeRDP will fix this. Will try and install this ASAP and report back. – SORoss May 07 '22 at 18:10
  • @trademarq: Not using a RD gateway, trying to connect over LAN only. This might at least help your issue: https://bugs.launchpad.net/ubuntu/+source/freerdp2/+bug/1971170 I am unable to test -proposed hence will probably need to wait. – beneM May 10 '22 at 10:28
  • I just tried -proposed updates and still got the same error, but again, I'm not using a gateway. – SORoss May 10 '22 at 15:12
  • I get the same error connecting from W10 to an Ubuntu Desktop box with local users. syslog displays the folowing for gnome-remote-desktop-daemon: [WARN][com.winpr.negotiate] - AcceptSecurityContext status SEC_I_CONTINUE_NEEDED [0x00090312] [WARN][com.winpr.negotiate] - AcceptSecurityContext status SEC_I_COMPLETE_NEEDED [0x00090313] [ERROR][com.winpr.sspi.NTLM] - Message Integrity Check (MIC) verification failed! [WARN][com.winpr.sspi] - CompleteAuthToken status SEC_E_MESSAGE_ALTERED [0x8009030F] [WARN][com.freerdp.core.nla] - CompleteAuthToken status SEC_E_MESSAGE_ALTERED [0x8009030F] ... – rominator007 May 29 '22 at 19:30

2 Answers2

4

Verify the password in Settings->Share->Remote Desktop in Authentification section, maybe it's not the same as the one you use to connect in SSH or locally

Skysave
  • 41
  • 1
  • As it’s currently written, your answer is unclear. Please [edit] to add additional details that will help others understand how this addresses the question asked. You can find more information on how to write good answers [in the help center](/help/how-to-answer). – Community May 23 '22 at 06:57
  • Unlike on Windows, RDP on Linux uses a different password than your AD account. Check your settings like the answer above. – manit Jul 01 '22 at 15:06
1

Unsecuring the "Login" Keyring, as described in this answer has solved the issue for me.

Password and Keys application -> Right-click on Login keyring -> change the password to blank. This adds a security vulnerability but might be acceptable in some setups.

Sergii Zaskaleta
  • 502
  • 1
  • 4
  • 21