RemoteDesk

1. Overview

RemoteDesk is a modern Windows remote-access client. It puts SSH, SFTP, RDP, and VNC into a single tabbed window, with every server you save kept inside an encrypted master-password vault. The goal: one app for every protocol you actually use, with safe defaults and no cloud.

What you get:

• SSH — full xterm.js terminal in WebView2, password or private-key auth, multi-tab, reconnect, jump-host chains, inline credential prompts when nothing is saved.
• SFTP — dual-pane file browser (right-click an SSH session → Open file browser (SFTP)). Drag-drop between panes or from Windows Explorer, recursive folder transfers, per-transfer progress and cancel.
• RDP — embedded remote desktop session, rendered inside the tab via the Windows MsRdpClient ActiveX. No external mstsc.exe window, no Windows 11 SmartScreen prompt, no taskbar entry. Saved password injected directly; live-resizes with the window; HiDPI-correct.
• VNC — embedded VNC viewer rendered inside the tab. Add a jump host and the connection is automatically tunneled through SSH — wrapping otherwise-plaintext VNC traffic in encryption. Built-in "Send keys" menu for Ctrl+Alt+Del, ☔Win, Alt+Tab, Alt+F4.
• MobaXterm import — bring sessions in from a .mxtsessions export, complete with groups and single-hop jump hosts.

The same session can be opened many times for parallel connections. SSH and SFTP can run as two tabs against the same server simultaneously, sharing one set of credentials.

2. Install & Requirements

RemoteDesk ships as a single-file .exe. Install from Microsoft Store and run — no installer, no .NET runtime required.

• Windows 10 / 11 (x64)
• WebView2 Runtime — pre-installed on Windows 11. On Windows 10 install from Microsoft if the terminal pane is blank: developer.microsoft.com/microsoft-edge/webview2

3. Master Password & Vault

First launch — create your vault

On first run you'll be asked to set a master password. This password encrypts every session you save (host, username, saved passwords, key paths, jump-host credentials, host-key fingerprints).

Unlocking

Every launch prompts for your master password. No "remember on this device" by design. The password box is focused automatically — type and press Enter.

If you forget it, click Forgot password? Reset vault under the password box — confirms, wipes the vault, and starts you fresh.

Auto-lock

After 15 minutes of inactivity (configurable: Settings → General, 1–240 min), the vault locks. Already-open terminals keep running — locking only blocks new connects and edits.

Manual lock: the padlock icon in the title bar, or Ctrl+Shift+L.

4. Managing Sessions

4.1 Creating a Session

Click + New Session in the sidebar — a tabbed editor opens:

4.2 Groups, Search & Multi-Select

Right-click the empty area below the session list → New group at root. Right-click a group for:

• New session in this group — opens the editor pre-targeted to that group.
• New subgroup — nested folder.
• Rename group / Delete group — deleting a group moves its sessions back to root rather than deleting them.

Drag a session onto a group to move it; drag onto the empty area to move it back to root. Group expansion state is remembered across app restarts.

Selecting sessions

• Click — single-select.
• Ctrl+click — toggle a session into / out of the multi-selection.
• Shift+click — range-select from the last single-clicked anchor to the clicked session, in tree order.
• Click a group clears any multi-selection (groups can't be part of a multi-set).

Right-click actions

The menu lists the actions for that session type (e.g. Open SSH terminal, Open file browser (SFTP), Connect to RDP), plus Edit, Duplicate, Delete.

With multiple sessions multi-selected, the action menu items apply to all of them: clicking Open SSH terminal with 3 SSH sessions selected spawns 3 tabs in one go. Sessions whose type doesn't support the chosen action are silently skipped. Duplicate and Delete also operate on the entire multi-selection (delete asks one combined confirmation).

Search

The search box above the tree filters sessions by name or user@host:port as you type. Group structure is preserved while filtering.

5. Tabs & Split View

• Status dot — gray (idle) → amber (connecting) → emerald (connected) → red (error / disconnected).
• Active tab is clearly marked — colored top accent bar (in the session's color), bolder title, lighter background.
• Drag a tab to reorder the tab strip.
• Right-click a tab for Close / Close others / Close all.
• Close with the × on the tab, Ctrl+W, or the right-click menu — the connection is torn down cleanly.

Split view

The split-view button in the title bar (the rectangles icon) toggles between single-active-tab mode and all-tabs-visible-at-once mode. In split mode every open tab renders simultaneously in an auto-laid grid (max 2 columns; an odd last row spans full width). The active pane has a colored border.

Reconnect

When an SSH connection drops, a banner appears above the terminal with a Reconnect button. The same tab is reused (scrollback preserved) and a fresh connection is started.

6. SSH Terminal

• Copy — Ctrl+Shift+C (selection only). The xterm.js selection ends up on the Windows clipboard.
• Paste — Ctrl+Shift+V or right-click → Paste. Multi-line content opens a confirm dialog (preview + warning) before sending; single-line pastes go straight through.
• Select all — Ctrl+Shift+A or right-click → Select all.
• Ctrl+C is unchanged — sends SIGINT to the shell.

Multi-paste

Right-click → Multi-paste to terminals. Pick any subset of open terminals (with All / None / Others shortcuts), edit the payload in the preview pane, toggle Append newline to execute on send. One click types the same text into every selected terminal.

Inline credential prompts

When a session has no saved username or password, you're prompted inline in the terminal at connect time — like OpenSSH does. Right-click → Paste works inside the prompt too. Banners make it clear which server is asking:

Multi-hop jumps are numbered (Jump host 1/3:). Hops using key auth skip the password prompt. Pressing Ctrl+C at any prompt cancels the connect cleanly.

7. SFTP File Browser

Right-click an SSH session → Open file browser (SFTP). The SFTP tab shares the SSH session's credentials — no second login.

• Left pane — local Windows files (starts in your home folder).
• Right pane — remote SFTP files (starts in the server's home directory). Folder/file icons are pulled from your Windows shell so .txt, .zip, .png, etc. look the same as in Explorer.
• Toolbar per pane: Up / Home / Refresh + editable path bar.
• Multi-select files / folders for batch operations.
• Right-click menus — Local: Upload (works on files and folders). Remote: Download / Delete (confirmed) / Rename / New folder / Refresh.
• Drag-drop: Local → Remote = upload, Remote → Local = download, Windows Explorer → Remote pane also uploads.
• Folder transfers are recursive — the directory tree is walked, matching remote directories are created on demand (existing dirs are reused, not re-created).

Sign-in card

If the SSH session is missing a username, password, or jump-host credential when you open the SFTP tab, an inline Sign in to SFTP card appears over the dimmed file panes — one row per missing target/jump field, with the session's color accent strip on top. Click Connect. On auth failure the card stays with a red error banner; the password field is cleared so you retype intentionally, and the username stays pre-filled.

Overwrite prompts

Before clobbering anything that already exists, you get a single dialog:

• Upload a folder that already exists on the remote → "Folder already exists — Merge / Cancel". Merge overwrites colliding files inside.
• Upload a file that already exists → "Replace / Cancel".
• Download a folder or file that already exists locally → same prompts, against your local disk.

Cancel always aborts silently — nothing is queued, no half-state.

Transfer drawer & concurrency

The bottom Transfers panel auto-hides when empty. Each row shows direction icon (↑ accent upload, ↓ green download, 🗑 red delete), filename, live progress bar (color-coded by state), percent and bytes transferred, state label, and a × cancel button.

Up to 3 transfers run in parallel per SFTP tab (capped to avoid saturating the SSH session). Extra transfers wait in Queued state in the drawer and start as slots free up.

Deletion

Recursive — the directory tree is walked and emptied before the folder itself is removed (SFTP servers refuse rmdir on non-empty directories). A pre-count walk runs first so the drawer can show 47 / 189 items instead of an indeterminate spinner.

8. RDP — Embedded

RDP sessions are embedded in the tab — the remote desktop renders directly inside RemoteDesk, the same way MobaXterm shows it. There is no separate mstsc.exe window, no taskbar entry for the session, and no Windows 11 "Opening Remote Desktop Connection" SmartScreen warning.

What happens when you open an RDP session:

• The saved username and password are pushed straight into the control — no Credential Manager dance, no re-prompt.
• The session opens at the actual size of the tab in real pixels, with the correct DPI scale factor sent to the server so text on the remote stays crisp.
• Resizing the RemoteDesk window live-resizes the session — on Windows Server 2019/2022/Windows 10/11, the server renegotiates a new resolution on the fly. On older servers that don't support dynamic resolution change, the existing image is smart-sized to fit instead.
• Clipboard redirection is on; smart-card redirection is on; drive and printer redirection are off.
• Closing the tab disconnects the session.

9. VNC — Embedded & SSH-Tunneled

VNC is embedded the same way RDP is — the remote desktop renders inside the tab, no external viewer process, no separate window. Mouse, keyboard, and the framebuffer are all driven directly.

Send keys

Some key combinations (Ctrl+Alt+Del, ☔Win, Alt+Tab, Alt+F4) are intercepted by Windows locally and never reach the framebuffer. The floating Send keys ▾ button at the top-right of the tab synthesizes these chords directly to the remote — pick one from the menu.

VNC is plaintext — the safe defaults

The VNC protocol itself does not encrypt anything. Passwords (a weak DES-based scheme) and the entire screen + keyboard stream travel in cleartext over TCP. That's fine on your own LAN but not OK over the internet.

The proper fix is routing the VNC connection through SSH. There's no on/off switch for this — just add a jump host and tunneling happens automatically.

Scenario 1 — Jump host has direct network access to the VNC server

Your jump host (a bastion, ops box, anything you can SSH into) can already reach the VNC server's IP on its LAN. You want the jump host to forward the VNC connection.

Set it up:

Scenario 2 — VNC is on a hypervisor's loopback (loopback gateway)

The libvirt/QEMU/Proxmox case: a hypervisor hosts a VM, the VM's VNC console is bound to the hypervisor's loopback (127.0.0.1:5901), and the hypervisor itself is only reachable via an SSH bastion.

The bastion can't reach 127.0.0.1:5901 of the hypervisor directly — that loopback only exists on the hypervisor. So we need one extra SSH hop at the end of the chain to land on the hypervisor itself, and forward the TCP connection from there.

Jump-host credentials caveat (VNC only)

Every jump host needs its own saved password or private key — there is no inline prompt for jump-host credentials in a VNC tab the way there is in an SSH terminal (VNC tabs don't have text I/O). If you leave a jump host's password empty, RemoteDesk surfaces a clear error before attempting any connection: "Jump host X@Y has no saved password or private key. Open the session editor → Jump hosts tab, re-enter the password (or pick a key), and save."

10. Jump-Host Chains

The Jump hosts tab in the session editor lets you chain any number of SSH gateways before the final connection. Hops are dialed in display order (first row first); the last hop performs the TCP forward to the target.

• Per-hop credentials — each hop has its own host, port, username, and either a password or a private key file.
• Reorderable — rearrange hops in the editor; order on the wire matches order in the list.
• Per-hop error attribution — when a chain fails, the exception names the exact hop and auth method: e.g. SSH hop failed: [email protected]:22 (password auth): Permission denied (password).
• Works for SSH, SFTP, and VNC — the same chain definition carries across protocols.
• Inline prompts for missing jump credentials in SSH and SFTP terminals; VNC tabs surface a clear pre-connect error (no inline prompt because there's no text I/O surface).

Saved credentials skip prompts silently. A banner suffix ((using saved credentials)) tells you why no prompt appeared for a particular hop — making it explicit that nothing has been authenticated yet, just that the credentials will be sent when the connect attempt fires.

11. Importing from MobaXterm

Settings → General → Import sessions from MobaXterm... Pick your .mxtsessions export. The preview lists every entry from the file:

• Supported protocols (SSH, SFTP, RDP, VNC) have an enabled checkbox, checked by default.
• Unsupported protocols (Telnet, Mosh, Serial, RSH, Xdmcp, FTP, WSL, etc.) appear with a disabled checkbox and an "Unsupported" tag so you can see what was skipped.
• Group structure is preserved (MobaXterm's \-separated folders map to RemoteDesk's /-separated groups, including empty folders).
• For SSH/SFTP sessions, the single-hop "Connect through SSH gateway" jump host is imported into our Jump hosts list.

12. Settings & Credential Auto-Save

The ⚙ icon in the title bar opens Settings, organized in two tabs.

General

• Auto-lock after — minutes of inactivity before the vault locks (1–240).
• Change master password — verifies the current password, then re-encrypts the entire vault under a new key.
• Import sessions from MobaXterm — see the import section above.
• About — app version.

Credentials

Controls what happens to credentials you type at an inline prompt during connect. Any usernames or passwords you save in the session editor are always kept in the vault. For sessions with nothing saved, the policy decides whether credentials typed inline are auto-saved after a successful connect.

• Save session host username (default: on)
• Save session host password (default: off — opt in for convenience)
• Save jump host usernames (default: on)
• Save jump host passwords (default: off)

Auto-save only fires on a successful connect — a rejected password is never persisted. Saves are written into the encrypted vault under your master password.

13. Keyboard Shortcuts

14. Security Model

What the vault protects you from:

• Someone reading your sessions.vault file directly.
• A stolen laptop, hard drive, or backup ending up in unfriendly hands.

What it does not protect you from:

• Malware or a keylogger running as your Windows user — they can capture the master password as you type it.
• Someone with physical access while the vault is already unlocked.

These are the same limits every serious password manager has.

15. Configuration Files & Paths

RemoteDesk writes to exactly two per-user folders. Nothing is written next to the .exe — the install location is treated as read-only so the app works when installed from the Microsoft Store.

Persistent files

Cache

Reset / Backup / Store-compatibility

• Wipe everything (factory reset): close the app, delete %APPDATA%\RemoteDesk\ (vault + settings) and %LOCALAPPDATA%\RemoteDesk\ (cache). Next launch behaves like a fresh install.
• Back up: copy %APPDATA%\RemoteDesk\sessions.vault and %APPDATA%\RemoteDesk\settings.json. The vault is already encrypted under your master password so it's safe to copy to OneDrive, a USB stick, or another machine.
• Microsoft Store distribution: under MSIX packaging, Windows transparently virtualizes the %APPDATA% and %LOCALAPPDATA% writes into the per-package container. No code change required.

16. Troubleshooting

• Terminal pane is blank — install the WebView2 Runtime (see Install & Requirements above). The app will pick it up on next launch.
• Can't connect through a jump host that has no saved credentials — RemoteDesk prompts inline for missing jump-host credentials in SSH/SFTP tabs, labeled per-hop. If you cancelled the prompt, try connecting again; or fill the credentials in via the session editor's Jump hosts tab. For VNC tabs (no text I/O surface), open the editor and save the credentials there.
• RDP session opens at a tiny resolution and stays that way — should be auto-handled by the post-connect retry burst. If you still see it, resizing the RemoteDesk window once forces a re-negotiate.
• "VNC traffic is not encrypted" amber warning on a server I trust — either move the VNC server to an RFC1918 / loopback / link-local address (warning auto-hides), or add a jump host to enable SSH tunneling.
• Session editor dialog content looks clipped — should not happen on supported Windows builds; if it does, share a screenshot.