Windows – Private/Public Key Authentication for Windows Remote desktop

authenticationremote desktopwindows-server-2012-r2

Does anything exist for Windows RDP (Remote Desktop Protocol) that is similar to SSH (in Linux) Public/Private key authentication (Instead of leaving normal password authentication open)?

I'm finding conflicting answers to this topic around the internet. I'm hoping to be able to just distribute a private key to client devices instead of using a complex password on every login (assuming I do not want to eventually disable password authentication totally).

Best Answer

Remote Desktop supports X.509 client certificates, under the "smart-card authentication" name. Despite the name, it should work with locally-installed certs/keys (i.e. without an actual smart-card). Though it does however require an Active Directory domain, as far as I know.

So, sort of but not really in a way that's useful to you.