CrossDesk: The Comprehensive Guide to Open-Source, Cross-Platform Remote Desktop

In an era where remote work and digital collaboration are the norm, the need for reliable, secure, and flexible remote desktop solutions has never been greater. Many commercial tools offer convenience, but often come with connection limitations, subscription fees, and concerns about data privacy. This is where open-source alternatives shine, providing control and transparency. One such emerging solution is CrossDesk, a lightweight, cross-platform remote desktop application designed with modern needs in mind.
This guide provides a deep dive into CrossDesk, exploring its features, installation processes, advanced configurations, and self-hosting capabilities. Whether you’re a developer looking to understand its architecture, an IT professional seeking a self-hosted solution, or a home user wanting to help family members remotely, this article will equip you with the knowledge to effectively use and deploy CrossDesk.

What is CrossDesk? A Modern Approach to Remote Access

At its core, CrossDesk is a lightweight, cross-platform remote desktop software that distinguishes itself with a standout feature: a fully functional web client. This means you can control a remote device directly from a web browser, without needing to install any software on the controlling machine. This browser-based access is complemented by native desktop clients for a more traditional experience.
CrossDesk is built as an experimental application of the MiniRTC library. MiniRTC itself is a powerful, lightweight, cross-platform real-time audio and video transmission library. It forms the technical backbone of CrossDesk, providing a suite of enterprise-grade capabilities:

  • Network Traversal: It implements RFC 5245, which is the standard for Interactive Connectivity Establishment (ICE). This technology is crucial for establishing peer-to-peer connections behind various types of Network Address Translators (NATs), significantly improving connection success rates in complex network environments.
  • Video Encoding: Supports both software and hardware encoding for modern video codecs, including H.264 for broad compatibility and AV1 for next-generation compression efficiency.
  • Audio Encoding: Utilizes the Opus audio codec, a highly versatile and low-latency codec optimized for both speech and music transmission over the internet.
  • Signaling and Control: Includes a robust framework for signaling, which is the process of coordinating communication sessions between endpoints.
  • Network Congestion Control: Dynamically adjusts the transmission bitrate based on network conditions to ensure a smooth and stable connection, even on fluctuating bandwidth.
  • Secure Transmission: All media streams are encrypted using Secure Real-time Transport Protocol (SRTP), providing confidentiality and integrity for your remote sessions.
    This combination of features makes CrossDesk not just a simple remote viewer, but a comprehensive solution for secure, high-performance remote control.

Core Advantages of CrossDesk

CrossDesk offers several compelling advantages that set it apart from both commercial and other open-source remote desktop tools.

1. True Cross-Platform Compatibility

CrossDesk is designed to work seamlessly across all major desktop operating systems, ensuring you can access and control devices regardless of the OS they are running.

Platform Minimum Version Special Notes
Windows Windows 10 and above (64-bit) No special requirements.
macOS Intel: 15.0 and above
Apple Silicon: 14.0 and above		 Versions between 14.0 and 15.0 on Intel Macs can be made compatible through self-compilation.
Linux Ubuntu 22.04 and above Older versions can be supported by compiling from the source code.
This broad compatibility eliminates the common frustration of finding a remote tool that works on your machine but not on the one you’re trying to access.

2. Unique Web Client Functionality

The ability to connect from a web browser is CrossDesk’s most significant convenience feature. By visiting the CrossDesk Web Client, you can initiate a remote session from any device with a modern browser, including tablets and smartphones. This is incredibly useful for providing spontaneous tech support or accessing your own computer from an unfamiliar device where you cannot install software.
iOS Safari controlling a Windows 11 desktop

3. Enterprise-Grade Technical Foundation

Built on MiniRTC, CrossDesk inherits a robust, low-level architecture focused on performance and security. The support for hardware-accelerated video encoding (via CUDA) can offload processing from the CPU, resulting in smoother video and lower system resource usage on the host machine. The use of standard protocols like Opus for audio and SRTP for encryption ensures high-quality, secure communication.

4. Lightweight and Efficient Design

CrossDesk is engineered for performance. It has a small footprint, consumes minimal system resources, and is optimized for speed. This makes it suitable for use on older hardware or in environments where performance is critical, ensuring that the remote session does not bog down the host computer.

System Requirements and Installation

Before diving into usage, it’s essential to ensure your system meets the minimum requirements. The table in the previous section outlines these. For most users on modern systems, compatibility will not be an issue.

Standard Installation and Usage

For the majority of users, the easiest way to get started is by downloading the pre-built, ready-to-use installation packages from the project’s release page on GitHub.
1. Initiating a Connection:
Once the client is installed and running on both the local and remote machines, connecting is straightforward. On the controlling machine, simply enter the unique Device ID of the remote computer into the “Peer ID” field in the menu bar and click the arrow button to initiate the connection.
Initiating a remote connection in CrossDesk
2. Password-Protected Connections:
For enhanced security, the remote device can be configured with a connection password. If a password is set, the local user will be prompted to enter it before the connection is established.
Entering a password for a secure connection
3. Customizing Settings:
Before connecting, users can access the settings menu to customize various options, such as the interface language, preferred video encoding format (H.264 or AV1), and other performance-related parameters.
Accessing the settings menu in CrossDesk

Using the Web Client

The web client offers a remarkably simple experience:

  1. Open any modern web browser (like Chrome, Firefox, or Safari) and navigate to CrossDesk Web Client.
  2. Enter the Remote Device ID of the computer you wish to control.
  3. If required, enter the connection password.
  4. Click the “Connect” button to instantly access the remote desktop.

Advanced Configuration: Compiling from Source

For developers, advanced users, or those who need to run CrossDesk on unsupported systems, compiling from source is the way to go. This process also allows you to enable specific features like CUDA hardware acceleration.

Prerequisites

You will need two primary build tools:

  • xmake: A powerful, cross-platform build utility.
  • cmake: A widely used open-source tool for managing the build process of software.
    On Linux, you’ll also need to install a series of development libraries. You can install them with the following command:
sudo apt-get install -y software-properties-common git curl unzip build-essential libx11-dev libxrandr-dev libxinerama-dev libxcursor-dev libxi-dev libxcb-randr0-dev libxcb-xtest0-dev libxcb-xinerama0-dev libxcb-shape0-dev libxcb-xkb-dev libxcb-xfixes0-dev libxfixes-dev libxv-dev libxtst-dev libasound2-dev libsndio-dev libxcb-shm0-dev libasound2-dev libpulse-dev

The Compilation Process

With the dependencies in place, you can compile CrossDesk using these commands:

# Clone the repository
git clone https://github.com/kunkundi/crossdesk.git
# Navigate into the project directory
cd crossdesk
# Initialize and update the submodules
git submodule init 
git submodule update
# Build the project
xmake b -vy crossdesk

Compilation Options

You can customize the build with specific flags:

  • --USE_CUDA=true/false: This flag enables or disables CUDA support for hardware-accelerated video encoding and decoding. It is disabled by default.
  • --CROSSDESK_VERSION=xxx: Use this to specify a custom version string for your build.
    Example:
    To compile version 1.0.0 with CUDA support enabled:
xmake f --CROSSDESK_VERSION=1.0.0 --USE_CUDA=true

After building, you can run the application directly from xmake:

xmake r crossdesk

Enabling CUDA Without a Pre-installed Environment

Recognizing that not all developers have a full CUDA development environment set up, the CrossDesk team provides convenient solutions.
For Linux Developers:
A pre-configured Ubuntu 22.04 Docker image is available. This image contains all the necessary build dependencies, including the CUDA toolkit, allowing you to compile the project with hardware encoding support in an isolated container.
To use it:

# Inside the Docker container
export CUDA_PATH=/usr/local/cuda
export XMAKE_GLOBALDIR=/data
xmake f --USE_CUDA=true
xmake b --root -vy crossdesk

For Windows Developers:
xmake can automatically manage the CUDA toolchain for you. First, install it with:

xmake require -vy "cuda 12.6.3"

Once installed, verify its location:

xmake require --info "cuda 12.6.3"

This command will output the installation directory. You then need to set the CUDA_PATH environment variable to this directory, either permanently in Windows settings or temporarily in your terminal:

set CUDA_PATH=path_to_cuda_installdir

Finally, re-run the configuration and build commands:

xmake f --USE_CUDA=true
xmake b -vy crossdesk

Important Note: If you run the compiled client and the status bar shows “Not connected to server,” you must first install the official client from the CrossDesk website. This process installs the necessary root certificate files into your system’s trust store, which are required for secure connections.
Certificate installation prompt in the client

Self-Hosting Your Own CrossDesk Server

For ultimate control over your data, privacy, and infrastructure, CrossDesk can be deployed as a self-hosted server using Docker. This is ideal for businesses, teams, or privacy-conscious individuals who want to manage their own relay infrastructure.

Docker Deployment

The recommended method for deployment is using Docker. The following command launches a CrossDesk server instance:

sudo docker run -d \
  --name crossdesk_server \
  --network host \
  -e EXTERNAL_IP=xxx.xxx.xxx.xxx \
  -e INTERNAL_IP=xxx.xxx.xxx.xxx \
  -e CROSSDESK_SERVER_PORT=xxxx \
  -e COTURN_PORT=xxxx \
  -e MIN_PORT=xxxxx \
  -e MAX_PORT=xxxxx \
  -v /path/to/your/certs:/crossdesk-server/certs \
  -v /path/to/your/db:/crossdesk-server/db \
  -v /path/to/your/logs:/crossdesk-server/logs \
  crossdesk/crossdesk-server:v1.1.1

Understanding the Configuration Parameters:

  • EXTERNAL_IP: Your server’s public IP address. This is the address you will enter in the client’s “Self-hosted server configuration” as the “Server Address.”
  • INTERNAL_IP: Your server’s private/local network IP address.
  • CROSSDESK_SERVER_PORT: The main port for the CrossDesk service. This corresponds to the “Server Port” in the client configuration.
  • COTURN_PORT: The port for the COTURN relay service (used for NAT traversal). This is the “Relay Service Port” in the client.
  • MIN_PORT / MAX_PORT: A range of UDP ports for the COTURN service to use for media relay. For example, MIN_PORT=50000 and MAX_PORT=60000. The range size should be adjusted based on the expected number of concurrent connections.
  • /path/to/your/certs: A local directory path where you will store your SSL certificate files. This must be an absolute path to a directory you have created.
  • /path/to/your/db: A local directory path for persisting the server’s device management database.
  • /path/to/your/logs: A local directory path for storing server logs.
    Crucial Firewall Considerations:
    For the server to function correctly, you must open the following ports in your server’s firewall:
  • 3478/udp and 3478/tcp (for COTURN signaling)
  • The MIN_PORT to MAX_PORT range over UDP (for media relay)
  • The CROSSDESK_SERVER_PORT over TCP (for the main service)

SSL/TLS Certificate Configuration

Secure connections rely on SSL/TLS certificates. The server needs its own private key and certificate, while the client needs to trust the root certificate authority (CA) that signed the server’s certificate.
If you already have your own SSL certificates, you can use them. If not, you can generate a simple set for testing or internal use with the provided script.

Generating Certificates with the Provided Script

  1. Create a new file named generate_certs.sh:

    vim generate_certs.sh
  2. Copy the following script content into the file:

    #!/bin/bash
set -e
# Check for server IP argument
if [ "$#" -ne 1 ]; then
    echo "Usage: $0 <SERVER_IP>"
    exit 1
fi
SERVER_IP="$1"
# Define file names
ROOT_KEY="crossdesk.cn_root.key"
ROOT_CERT="crossdesk.cn_root.crt"
SERVER_KEY="crossdesk.cn.key"
SERVER_CSR="crossdesk.cn.csr"
SERVER_CERT="crossdesk.cn_bundle.crt"
FULLCHAIN_CERT="crossdesk.cn_fullchain.crt"
# Define certificate subject
SUBJ="/C=CN/ST=Zhejiang/L=Hangzhou/O=CrossDesk/OU=CrossDesk/CN=$SERVER_IP"
# 1. Generate root private key
echo "Generating root private key..."
openssl genrsa -out "$ROOT_KEY" 4096
echo "Generating self-signed root certificate..."
openssl req -x509 -new -nodes -key "$ROOT_KEY" -sha256 -days 3650 -out "$ROOT_CERT" -subj "$SUBJ"
# 2. Generate server private key
echo "Generating server private key..."
openssl genrsa -out "$SERVER_KEY" 2048
# 3. Generate server CSR
echo "Generating server CSR..."
openssl req -new -key "$SERVER_KEY" -out "$SERVER_CSR" -subj "$SUBJ"
# 4. Create a temporary OpenSSL config file for SAN
SAN_CONF="san.cnf"
cat > $SAN_CONF <<EOL
[ req ]
default_bits = 2048
distinguished_name = req_distinguished_name
req_extensions = req_ext
prompt = no
[ req_distinguished_name ]
C = CN
ST = Zhejiang
L = Hangzhou
O = CrossDesk
OU = CrossDesk
CN = $SERVER_IP
[ req_ext ]
subjectAltName = IP:$SERVER_IP
EOL
# 5. Sign the server certificate with the root certificate (including SAN)
echo "Signing server certificate with root certificate..."
openssl x509 -req -in "$SERVER_CSR" -CA "$ROOT_CERT" -CAkey "$ROOT_KEY" -CAcreateserial \
  -out "$SERVER_CERT" -days 3650 -sha256 -extfile "$SAN_CONF" -extensions req_ext
# 6. Create the full chain certificate
cat "$SERVER_CERT" "$ROOT_CERT" > "$FULLCHAIN_CERT"
# 7. Clean up intermediate files
rm -f "$ROOT_CERT.srl" "$SAN_CONF" "$ROOT_KEY" "$SERVER_CSR" "$FULLCHAIN_CERT"
echo "Generation complete. Deployment files:"
echo "  Client root certificate: $ROOT_CERT"
echo "  Server private key: $SERVER_KEY"
echo "  Server certificate: $SERVER_CERT"
  3. Make the script executable and run it, providing your server’s public IP:

    chmod +x generate_certs.sh
./generate_certs.sh YOUR_SERVER_PUBLIC_IP

    For example: ./generate_certs.sh 123.45.67.89
    This will produce three key files:

  • crossdesk.cn_root.crt: The root certificate to be installed on clients.
  • crossdesk.cn.key: The server’s private key.
  • crossdesk.cn_bundle.crt: The server’s public certificate.

Deploying the Certificates

On the Server:
Place the crossdesk.cn.key and crossdesk.cn_bundle.crt files into the directory you specified with the -v /path/to/your/certs flag in the Docker run command.
On the Desktop Client:

  1. Click the settings icon in the top-right corner of the client.

    Accessing the settings page

  2. Navigate to the “Self-hosted server configuration” section.

    Self-hosted configuration menu

  3. In the “Certificate file path” selector, locate and select the crossdesk.cn_root.crt file you generated. Click confirm.

    Selecting the root certificate file

  4. Check the box to “Use self-hosted server configuration” and fill in your server’s IP and port details. Click confirm to apply the settings.

    Enabling self-hosted configuration
    For the Web Client, certificate handling is managed differently. More details can be found in the CrossDesk Web Client project repository.

Frequently Asked Questions (FAQ)

Can I control a desktop from my mobile phone?
Yes. The CrossDesk Web Client allows you to control a remote desktop from any modern mobile browser, including Safari on iOS. Simply navigate to the web client URL and enter the device ID and password.
What are the requirements for self-hosting a server?
You need a server with a public IP address, Docker installed, and the ability to open specific firewall ports (3478/tcp+udp, a range of UDP ports, and a TCP port for the main service).
How do I enable hardware acceleration for better performance?
You need to compile CrossDesk from source with the --USE_CUDA=true flag. This requires a CUDA-compatible NVIDIA GPU and the CUDA development toolkit installed on the host machine. The project provides Docker images and xmake commands to simplify this process.
What does the “Not connected to server” status mean?
This typically means the client cannot verify the server’s identity because the required root certificate is not installed in your system’s trust store. The easiest fix is to download and run the official installer from the CrossDesk website once, which handles the certificate installation.
What video and audio codecs does CrossDesk support?
CrossDesk supports H.264 and AV1 for video encoding, and Opus for audio. You can choose your preferred video codec in the client settings.
Is the Web Client as feature-rich as the desktop client?
The Web Client provides the core remote control functionality, including real-time audio and video transmission. It is designed for convenience and accessibility, especially on devices where you cannot install software.
Can I use CrossDesk on older Linux distributions?
While the pre-built packages are for Ubuntu 22.04+, you can compile CrossDesk from source on older distributions. You may need to manually resolve dependencies for your specific OS version.
How secure is a CrossDesk connection?
Connections are secured using SRTP (Secure Real-time Transport Protocol) for encrypting the media stream. When self-hosting, you can further enhance security by using your own SSL/TLS certificates, ensuring all communication, including signaling, is encrypted and authenticated.
Does CrossDesk support multiple monitors?
Yes, the desktop client supports remote control of systems with multiple monitors. You can typically switch between the different displays from within the remote session interface.
How do I persist data when using the Docker server?
The Docker run command uses volume mounts (-v flags) to map directories on your host machine to directories inside the container. By mounting paths for the database (/path/to/your/db) and logs (/path/to/your/logs), you ensure that this data is preserved even if the container is stopped, removed, or recreated.

Conclusion

CrossDesk presents a compelling, modern alternative in the remote desktop landscape. Its combination of cross-platform native clients, a unique and convenient web client, a foundation built on robust real-time communication protocols, and the option for full self-hosting makes it a versatile tool for a wide range of users. From personal use cases like accessing a home computer while traveling to professional applications like providing secure, in-house IT support, CrossDesk offers the features, performance, and control that many users are looking for. Its open-source nature not only ensures transparency but also invites community contribution and continuous improvement.