RustDesk Server requires strict key management and stable relay connectivity for reliable self-hosted remote access.
RustDesk server stack usually includes:
hbbs (ID/signal server)hbbr (relay server)
Example environment values:
RUSTDESK_DOMAIN=rustdesk.example.com
RUSTDESK_RELAY=rustdesk.example.com
RUSTDESK_KEY_PATH=/var/lib/rustdesk/id_ed25519
¶ Key and trust management
- Generate and protect server key pair on first deployment.
- Distribute trusted public key to clients via managed channel.
- Rotate keys only with planned client rollout to avoid lockouts.
¶ Access and session policy
- Restrict admin panel/network exposure.
- Use allowlists for managed endpoints where possible.
- Log session metadata for operational auditing.
- Define approval policy for unattended access.
¶ Backup and recovery
Back up:
- RustDesk key material
- server config files and service units
- optional account/state database if enabled
Recovery test:
- Restore key and config on test host.
- Register one client.
- Validate direct and relay-assisted session paths.
- Relay/signaling process health monitored.
- Key storage permissions audited.
- TLS endpoint monitoring active.
- Client trust-on-first-use policy documented.
Feel free to contact us. Find all contact information on our contact page.