🖥️ Setup RustDesk Self-Hosted Server on Ubuntu
Deploy your own private RustDesk relay & ID server using Docker on Ubuntu 22.04 or 24.04 — fully automated with a single script.
📦 Resources & Setup Scripts
Grab the automated bash script from GitHub to follow along with the video.
Quick Install:
wget https://raw.githubusercontent.com/mhmdali94/Docker/main/remote-access/rustdesk/rustdesk-ubuntu.sh
chmod +x rustdesk-ubuntu.sh
sudo bash rustdesk-ubuntu.shTutorial Steps
1 Prerequisites
Make sure you have Ubuntu 22.04 or 24.04 with root/sudo access. The following firewall ports must be open:
| Port | Protocol | Purpose |
|---|---|---|
| 21115 | TCP | NAT type test |
| 21116 | TCP + UDP | ID service & hole punching |
| 21117 | TCP | Relay service (hbbr) |
| 21118 | TCP | Web client support |
| 21119 | TCP | Relay web client support |
2 Download the Script
Download the automated installer using wget:
wget https://raw.githubusercontent.com/mhmdali94/Docker/main/remote-access/rustdesk/rustdesk-ubuntu.sh3 Make it Executable
chmod +x rustdesk-ubuntu.sh4 Run the Installer
The script will check for Docker, clean up any previous installation, generate a fresh docker-compose.yml, and start the containers automatically.
sudo bash rustdesk-ubuntu.sh5 Enter Your Server IP or Domain
The script auto-detects your public WAN IP. Press Enter to accept it, or type a custom domain/IP:
Enter your domain or IP address [203.0.113.10]:6 Configure Your RustDesk Client
In your RustDesk client app, go to Settings → Network and set:
ID Server: your-server-ip:21116
Relay Server: your-server-ip:21117
API Server: http://your-server-ip:21114Files Location
/root/docker/rustdesk/docker-compose.ymlOverview
RustDesk is a fully open-source remote desktop application built in Rust. Unlike TeamViewer or AnyDesk, you run the relay and ID registration servers yourself, so all connection metadata stays private. The client app works on Windows, macOS, Linux, iOS, and Android, and supports both relayed and direct peer-to-peer connections.
Why Use It
RustDesk gives you a completely self-hosted remote desktop solution — no subscription, no per-seat fees, and zero connection metadata shared with third parties. Unlike TeamViewer or AnyDesk whose relay servers see every connection handshake, your RustDesk server handles all relay traffic so your organization's remote access data stays internal. The client apps are free, open-source, and available on every major platform. For IT teams and MSPs managing dozens of machines, the cost saving over TeamViewer licensing is substantial from day one.
When You Need It
Who Should Use It
Real Use Cases
Main Features
How to Use After Installation
Security Best Practices
Ports and Firewall Notes
RustDesk requires ports 21115, 21116, and 21117 TCP open for the hbbs (ID server) and hbbr (relay server). Port 21116 UDP must also be open for hole-punching NAT traversal — this is what enables direct peer-to-peer connections that bypass the relay. Port 21118 and 21119 are used if you enable the RustDesk web client. Do not block UDP 21116 or all connections will relay instead of going direct, increasing latency.
Backup and Maintenance
Common Mistakes
Troubleshooting
Alternatives
TeamViewer and AnyDesk are the commercial equivalents — polished, widely supported, but expensive at scale and all traffic goes through vendor infrastructure. Apache Guacamole is browser-based and excellent for centralized server access but requires a jump server setup and does not support Windows unattended desktop the same way. Remotely is purpose-built for IT helpdesk with agent-based management. MeshCentral is a full-featured open-source device management platform with remote access. For server-only SSH access, a simple bastion host with SSH key management may be simpler.
When Not to Use It
If you only need SSH access to Linux servers, RustDesk is overkill — a well-configured SSH setup with key authentication is simpler and more robust. If your team only accesses browser-based tools, Guacamole's web-only approach is cleaner. For compliance environments requiring session recording with tamper-proof audit trails, a dedicated PAM (Privileged Access Management) solution offers more controls than RustDesk. If you are supporting users who need guided help rather than unattended access, Remotely's helpdesk-focused workflow is better suited.
Need Help Setting Up RustDesk?
PrismaTechWork provides end-to-end infrastructure services — from initial deployment and security hardening to ongoing monitoring, automated backups, and dedicated support. Whether you need a single-server setup or a multi-site network, our team ensures your infrastructure is built right, secured properly, and maintained reliably.
Frequently Asked Questions
Is RustDesk truly free with no hidden limits?
Yes. The RustDesk server software (hbbs and hbbr) is open source under AGPLv3 and completely free with no connection limits. The client apps are also free and open source. There is an optional RustDesk Pro (paid) that adds a web admin console, user management, device groups, and audit logs — but the core relay and ID server functionality is entirely free for self-hosting.
How do I configure the RustDesk client to use my private server?
Open the RustDesk desktop client, click the three-dot menu icon next to your ID, and select Network. Set the ID Server, Relay Server, and API Server fields to your server's IP address or hostname. Paste your server's public key into the Key field. Click Apply. All future connections will route through your server instead of RustDesk's public infrastructure.
Can RustDesk connect without the relay server if both devices are on the same network?
Yes. When both devices are on the same LAN, RustDesk attempts a direct connection first. It also uses UDP hole-punching (on port 21116) to establish direct connections across NAT. If hole-punching succeeds, traffic flows peer-to-peer and the relay is not used. The relay is only used as a fallback when direct connection fails — typically in strict firewall environments.
How do I give someone access to my machine without them knowing my RustDesk ID and password?
Share your RustDesk ID (the 9-digit number shown on the main screen) and the one-time random password shown below it. This password changes every session when using temporary mode. The person enters these into their RustDesk client and requests a connection — you see a prompt to Accept or Decline. For unattended access, set a permanent password in Security settings so you can connect without interaction.
Does RustDesk support multiple monitors on the remote machine?
Yes. During a session, you can switch between monitors using the monitor icons in the toolbar. You can also choose to view all monitors simultaneously in a scaled-down view. This works on Windows and Linux. On macOS, screen recording permission must be granted in System Preferences > Security & Privacy for RustDesk to capture the display.
What happens if my RustDesk server goes down?
Existing active sessions continue until they are closed — the relay is only needed to establish the connection, not to maintain it after direct connection. New connections cannot be initiated while the server is down. If you need high availability, run hbbs and hbbr on two servers and configure clients with the primary server; clients can be reconfigured to the backup server manually if the primary fails.
Is RustDesk encrypted?
Yes. All RustDesk connections are end-to-end encrypted using the server's public key for key exchange and then AES-256 for session traffic. When you configure the client with your server's public key, it verifies the server identity and establishes an encrypted channel. The relay server only sees encrypted packets and cannot read the session content. Without the correct public key, a client cannot connect to your server.
Can I use RustDesk to access Android or iOS devices?
RustDesk can connect FROM Android and iOS devices to desktops and servers. For controlling Android devices remotely (the reverse), you need to install the RustDesk app on the Android device in server mode — Android allows this without root. iOS is more restricted by Apple and full remote control of an iOS device is not currently supported. Most users use mobile RustDesk clients to access their desktops, not the other way around.