Files
doc.rustdesk.com/v3/src/content/post/en/rustdesk-unattended-access-setup.md
T
2026-07-09 11:16:29 +08:00

10 KiB

publishDate, lang, translationKey, draft, title, excerpt, image, category, tags, author, faq, metadata
publishDate lang translationKey draft title excerpt image category tags author faq metadata
2026-07-07T00:00:00Z en rustdesk-unattended-access-setup false RustDesk Unattended Access: Setup Guide Set up RustDesk unattended access the right way: a permanent password, run as a service so it starts on boot, and deploy at scale with a pre-configured client. ~/assets/images/blog/rustdesk-unattended-access-setup-og.png Deployment
RustDesk
deployment
unattended-access
RustDesk Team
question answer
How do I set up unattended access in RustDesk? Two things are required: set a permanent password under Settings, Security so you don't need someone to approve each connection, and install RustDesk as a system service so it runs before login and survives logout. With both in place you can reach the machine any time, including at the login screen, without a person present.
question answer
Why does my RustDesk connection drop when the user logs out? That happens when RustDesk is run as a portable executable instead of installed as a service. A portable session ends when the user logs out or a UAC prompt appears. Install RustDesk and enable the service (Start on boot) so it runs in the background independent of any logged-in user, which is what makes unattended access reliable.
question answer
Is unattended access with a permanent password safe? It can be deployed safely when configured well. Use a long, unique permanent password, restrict who can connect, enable available identity and access controls, patch clients, and review logs. Self-hosting controls server-side services and stored deployment data; the endpoint still protects its local credentials.
question answer
Can I deploy RustDesk unattended access to many computers at once? Yes. On Basic and higher self-hosted plans, the Custom Client Generator produces a pre-configured installer with your server address, key, and settings baked in, so end users don't type anything. Push it with your existing deployment tooling and each device installs the service and registers against your server automatically.
question answer
Does unattended access work at the Windows login screen? Yes, once RustDesk is installed as a service with Start on boot enabled. Because the service runs before any user logs in, you can connect to the login screen, authenticate, and even trigger a reboot and reconnect. Running the portable executable cannot do this because it only exists inside a user session.
description keywords
Set up RustDesk unattended access: permanent password, run as a service for start on boot, per-platform notes for Windows/macOS/Linux, and fleet deployment. RustDesk unattended access, RustDesk permanent password, RustDesk start on boot, RustDesk service install, RustDesk unattended setup, RustDesk deploy at scale, unattended remote access

Unattended access means reaching a computer when no one is sitting in front of it — a server in a rack, a kiosk, a family member's PC across the country. RustDesk does this well, but only if you configure two things correctly: a permanent password so no one has to approve each connection, and RustDesk running as a service so it's available before login and after logout. This guide covers both, plus how to roll it out across a fleet.

The short answer

Set a permanent password (Settings → Security) and install RustDesk as a system service with Start on boot enabled. The password removes the need for a human to accept the prompt; the service makes RustDesk run independently of any logged-in user, so you can connect at any time — including at the login screen. To deploy at scale, generate a pre-configured client so every machine installs itself against your server automatically.

Step 1: Set a permanent password

By default, RustDesk shows a rotating one-time password that a person on the remote end would read to you. For unattended access you replace that with a fixed credential:

  1. Open RustDesk on the machine you want to reach.
  2. Go to Settings → Security (older builds: the password area on the main screen).
  3. Choose Set permanent password and enter a strong, unique value.

The RustDesk client documentation describes this as the core of unattended access. One rule worth emphasizing: do not reuse the operating-system login password. Use a dedicated, high-entropy password for RustDesk so a leak of one credential doesn't compromise the other.

Step 2: Install as a service and start on boot

This is the step people miss. If you just run the portable .exe or .app, the session ends the moment the user logs out or a UAC/permission prompt appears — because that process only exists inside the user's session. To be truly unattended, RustDesk must run as a background system service.

  • Run the RustDesk installer (not the portable build) and complete installation.
  • In Settings → General, make sure the Service toggle is on and Start on boot is enabled.

Once RustDesk runs as a service, it loads before anyone logs in, which is what lets you connect to the login screen, authenticate remotely, and even reboot and reconnect without a person present. Community write-ups on proper Windows service setup stress the same distinction: portable equals attended-only; installed service equals unattended.

Per-platform notes

Platform What to do Watch out for
Windows Install, enable Service + Start on boot Portable exe drops on logout/UAC; use the installer
macOS Install, set permanent password, grant permissions Screen Recording and Accessibility must be granted; login-screen capture needs the helper installed
Linux Install the service package; prefer X11/Xorg Wayland capture is experimental and needs an active session
Android Set permanent password; enable capture Screen must be awake; enable Developer-options screen-share settings

Windows

The cleanest path. Install, toggle the service on, set the permanent password, done. Because the service runs at boot, unattended access to the login screen and through reboots works as expected.

macOS

macOS gates screen capture and input behind permissions. After installing, open System Settings → Privacy & Security and grant RustDesk both Screen Recording and Accessibility. For access at the login window (before any user logs in), the RustDesk service/helper must be installed so it can capture pre-login — otherwise you'll get a black screen there, the same capture issue covered in our black-screen guide.

Linux

Install RustDesk so its service component runs at boot. For unattended reliability, prefer an X11/Xorg session: Wayland capture is experimental, prompts for consent on each connect, and only works inside an active session — awkward for a machine that may sit at the greeter. See RustDesk for Linux for the details.

Step 3: Deploy at scale with a pre-configured client

Configuring one machine by hand is fine. Configuring fifty isn't. On Basic and higher self-hosted plans, the Custom Client Generator in the web console builds an installer with your server address, public key, and settings pre-baked, so end users type nothing. Combined with your existing deployment tool (Group Policy, Intune, an MSP RMM, a shell script), each device installs the service and registers against your server on first run.

This is where self-hosting pays off for teams: you get an unattended fleet you fully control, with no per-seat cloud metering deciding how many endpoints you're "allowed" to reach. Set up the generator via the web console on port 21114. Note that RustDesk is licensed per login-user and managed-device, not per concurrent session, so budget by how many machines and admins you have — see what counts as a managed device.

Lock it down

Unattended access is a standing door into a machine, so treat the credentials seriously:

  • Strong, unique permanent password, rotated periodically.
  • Two-factor authentication and, on Pro, access controls so only authorized accounts can connect. Our write-up on per-user access control and device groups covers scoping who reaches what.
  • Self-host the server-side services when you need control of rendezvous, relay, console, and stored deployment data. Endpoint credentials remain an endpoint-security responsibility. Because the client is open source under AGPL, its authentication implementation can be reviewed.

An honest caveat

Unattended access trades convenience for exposure: a machine that answers any time is a machine an attacker would love to answer to. That's a reason to insist on a strong, unique password and 2FA, not the OS login, and to prefer a server you control over the shared public one. Self-hosting also means the service's uptime is now yours to maintain — but in exchange, no third party can silently change the rules on who reaches your fleet. For most admins that ownership is the whole point.

Getting started costs nothing: run the free community server, set a permanent password, install the service, and you have unattended access on infrastructure you own. For the Custom Client Generator, access controls, and other commercial features, see rustdesk.com/pricing or email sales@rustdesk.com — and if you'd like to see the workflow first, browse RustDesk in action.