10 KiB
publishDate, lang, translationKey, draft, title, excerpt, image, category, tags, author, faq, metadata
| publishDate | lang | translationKey | draft | title | excerpt | image | category | tags | author | faq | metadata | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2026-07-07T00:00:00Z | en | rustdesk-unattended-access-setup | false | RustDesk Unattended Access: Setup Guide | Set up RustDesk unattended access the right way: a permanent password, run as a service so it starts on boot, and deploy at scale with a pre-configured client. | ~/assets/images/blog/rustdesk-unattended-access-setup-og.png | Deployment |
|
RustDesk Team |
|
|
Unattended access means reaching a computer when no one is sitting in front of it — a server in a rack, a kiosk, a family member's PC across the country. RustDesk does this well, but only if you configure two things correctly: a permanent password so no one has to approve each connection, and RustDesk running as a service so it's available before login and after logout. This guide covers both, plus how to roll it out across a fleet.
The short answer
Set a permanent password (Settings → Security) and install RustDesk as a system service with Start on boot enabled. The password removes the need for a human to accept the prompt; the service makes RustDesk run independently of any logged-in user, so you can connect at any time — including at the login screen. To deploy at scale, generate a pre-configured client so every machine installs itself against your server automatically.
Step 1: Set a permanent password
By default, RustDesk shows a rotating one-time password that a person on the remote end would read to you. For unattended access you replace that with a fixed credential:
- Open RustDesk on the machine you want to reach.
- Go to Settings → Security (older builds: the password area on the main screen).
- Choose Set permanent password and enter a strong, unique value.
The RustDesk client documentation describes this as the core of unattended access. One rule worth emphasizing: do not reuse the operating-system login password. Use a dedicated, high-entropy password for RustDesk so a leak of one credential doesn't compromise the other.
Step 2: Install as a service and start on boot
This is the step people miss. If you just run the portable .exe or .app, the session ends the moment the user logs out or a UAC/permission prompt appears — because that process only exists inside the user's session. To be truly unattended, RustDesk must run as a background system service.
- Run the RustDesk installer (not the portable build) and complete installation.
- In Settings → General, make sure the Service toggle is on and Start on boot is enabled.
Once RustDesk runs as a service, it loads before anyone logs in, which is what lets you connect to the login screen, authenticate remotely, and even reboot and reconnect without a person present. Community write-ups on proper Windows service setup stress the same distinction: portable equals attended-only; installed service equals unattended.
Per-platform notes
| Platform | What to do | Watch out for |
|---|---|---|
| Windows | Install, enable Service + Start on boot | Portable exe drops on logout/UAC; use the installer |
| macOS | Install, set permanent password, grant permissions | Screen Recording and Accessibility must be granted; login-screen capture needs the helper installed |
| Linux | Install the service package; prefer X11/Xorg | Wayland capture is experimental and needs an active session |
| Android | Set permanent password; enable capture | Screen must be awake; enable Developer-options screen-share settings |
Windows
The cleanest path. Install, toggle the service on, set the permanent password, done. Because the service runs at boot, unattended access to the login screen and through reboots works as expected.
macOS
macOS gates screen capture and input behind permissions. After installing, open System Settings → Privacy & Security and grant RustDesk both Screen Recording and Accessibility. For access at the login window (before any user logs in), the RustDesk service/helper must be installed so it can capture pre-login — otherwise you'll get a black screen there, the same capture issue covered in our black-screen guide.
Linux
Install RustDesk so its service component runs at boot. For unattended reliability, prefer an X11/Xorg session: Wayland capture is experimental, prompts for consent on each connect, and only works inside an active session — awkward for a machine that may sit at the greeter. See RustDesk for Linux for the details.
Step 3: Deploy at scale with a pre-configured client
Configuring one machine by hand is fine. Configuring fifty isn't. On Basic and higher self-hosted plans, the Custom Client Generator in the web console builds an installer with your server address, public key, and settings pre-baked, so end users type nothing. Combined with your existing deployment tool (Group Policy, Intune, an MSP RMM, a shell script), each device installs the service and registers against your server on first run.
This is where self-hosting pays off for teams: you get an unattended fleet you fully control, with no per-seat cloud metering deciding how many endpoints you're "allowed" to reach. Set up the generator via the web console on port 21114. Note that RustDesk is licensed per login-user and managed-device, not per concurrent session, so budget by how many machines and admins you have — see what counts as a managed device.
Lock it down
Unattended access is a standing door into a machine, so treat the credentials seriously:
- Strong, unique permanent password, rotated periodically.
- Two-factor authentication and, on Pro, access controls so only authorized accounts can connect. Our write-up on per-user access control and device groups covers scoping who reaches what.
- Self-host the server-side services when you need control of rendezvous, relay, console, and stored deployment data. Endpoint credentials remain an endpoint-security responsibility. Because the client is open source under AGPL, its authentication implementation can be reviewed.
An honest caveat
Unattended access trades convenience for exposure: a machine that answers any time is a machine an attacker would love to answer to. That's a reason to insist on a strong, unique password and 2FA, not the OS login, and to prefer a server you control over the shared public one. Self-hosting also means the service's uptime is now yours to maintain — but in exchange, no third party can silently change the rules on who reaches your fleet. For most admins that ownership is the whole point.
Getting started costs nothing: run the free community server, set a permanent password, install the service, and you have unattended access on infrastructure you own. For the Custom Client Generator, access controls, and other commercial features, see rustdesk.com/pricing or email sales@rustdesk.com — and if you'd like to see the workflow first, browse RustDesk in action.