Score:1

Does Microsoft Official RDP Program end to end encrypt data?

my flag

For example,

me RDP Client --connect to--> a Linux ServerA 1.1.1.1:3388 --iptables_Port_Forwarding--> a Windows ServerB 2.2.2.2:3389

Then, Is the part of me RDP Client >-to-> the Jump ServerA 1.1.1.1:3388 also Encrypted by RDP(TLS), or not like "naked"?

Score:3
za flag

Yes, RDP supports encryption between client and server. Remember how it asks for certificate trust when you first connect, and complains when common name in the certificate doesn't match hostname you entered? This is it.

In general, you use MS AD Certificate Services to issue certificates for server. Then, because AD CA certificates could be distributed to all domain computers, connections from those computers will verify server's certificates successfully and automatically. The dialog should not appear in this case. This is how it is intended to work.

If you enter IP address of a server to connect to instead of its FQDN, or connect from outside network via address translation, or connect from a computer which doesn't have CA certificate, this verification is impossible and the confirmation dialog appears.

FreeRDP asks for this confirmation too, showing the details of the remote presented certificate at first connection, and it maintains the list of "confirmed" servers in .config/freerdp/known_hosts2 file, much like ssh client does.

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.