ADDED   rdp.sh
Index: rdp.sh
==================================================================
--- rdp.sh
+++ rdp.sh
@@ -0,0 +1,117 @@
+#! /bin/bash
+
+if [ "$1" = '-ssh' ]; then
+	shift
+
+	RDP_SSH_JUMPBOX="$1"
+	shift
+else
+	RDP_SSH_JUMPBOX=''
+fi
+
+RDP_HOST="$1"
+shift
+
+function printHelp() {
+	echo 'Usage: rdp [-ssh host] <host> [<xfreeRdpArgs...>]'
+}
+
+if [ -z "${RDP_HOST}" ]; then
+	printHelp >&2
+
+	exit 1
+fi
+
+# Include a config file, which is actually just a script
+# This script can do things like update the "RDP_SSH_JUMPBOX"
+# based on the "RDP_HOST", provide a password (from a password
+# manager, like hunter2, ideally), etc.
+if [ -f ~/.rdp.conf ]; then
+	. ~/.rdp.conf
+fi
+
+## Split the target into host/port pairs
+case "${RDP_HOST}" in
+	*:*)
+		hostName="$(echo "${RDP_HOST}" | cut -f 1 -d ':')"
+		hostPort="$(echo "${RDP_HOST}" | cut -f 2 -d ':')"
+		;;
+	*)
+		hostName="${RDP_HOST}"
+		hostPort='3389'
+		;;
+esac
+
+# If we are jumping through an SSH jumpbox, setup port forwarding
+if [ -n "${RDP_SSH_JUMPBOX}" ]; then
+	# Pick a random port to forward on
+	randomPort=$[${RANDOM} % 1024 + 3390]
+
+	# Determine an SSH control socket
+	sshControlSocket="/tmp/ssh-sock-${randomPort}-$$${RANDOM}${RANDOM}${RANDOM}"
+
+	function cleanup() {
+		# Kill the SSH session
+		sshPid="$(timeout 30 ssh -S "${sshControlSocket}" -O check /dev/null 2>&1 | grep 'pid=' | sed 's@.*pid=@@;s@).*$@@')"
+		if [ -n "${sshPid}" ]; then
+			kill -9 "${sshPid}" >/dev/null 2>/dev/null
+		fi
+
+		rm -f "${sshControlSocket}"
+	}
+
+	# Start SSH
+	ssh -L${randomPort}:${hostName}:${hostPort} -o ExitOnForwardFailure=yes -o ControlMaster=yes -S "${sshControlSocket}" -a -f -N "${RDP_SSH_JUMPBOX}"
+
+	# Verify SSH started
+	sshPid="$(ssh -S "${sshControlSocket}" -O check /dev/null 2>&1 | grep 'pid=' | sed 's@.*pid=@@;s@).*$@@')"
+	if [ -z "${sshPid}" ]; then
+		echo "Unable to start SSH" >&2
+
+		exit 1
+	fi
+
+	hostId="${hostName}:${hostPort}!${RDP_SSH_JUMPBOX}"
+
+	hostName='localhost'
+	hostPort="${randomPort}"
+else
+	function cleanup() {
+		return 0
+	}
+
+	hostId="${hostName}:${hostPort}"
+fi
+
+trap cleanup EXIT
+
+# Connect to the RDP session
+## Determine username and domain
+if [ -n "${RDP_USERNAME}" ]; then
+	addArgs=("${addArgs[@]}" -u "${RDP_USERNAME}")
+else
+	addArgs=("${addArgs[@]}" -u "$(whoami)")
+fi
+
+if [ -n "${RDP_DOMAIN}" ]; then
+	addArgs=("${addArgs[@]}" -d "${RDP_DOMAIN}")
+fi
+
+## Determine port
+if [ -n "${hostPort}" -a "${hostPort}" != '3389' ]; then
+	addArgs=("${addArgs[@]}" -t "${hostPort}")
+fi
+
+## Export the password to the environment and tell xfreerdp to use
+## it.  This requires a patched xfreerdp.
+if [ -n "${RDP_PASSWORD}" ]; then
+	export RDP_PASSWORD
+
+	addArgs=("${addArgs[@]}" -p ENV:RDP_PASSWORD)
+fi
+
+## Actually call xfreerdp
+xfreerdp --plugin drdynvc --plugin rdpdr --data scard "disk:pwd:$(pwd)" -- --certificate-name "${hostId}" "${addArgs[@]}" "$@" "${hostName}"
+returnCode="$?"
+
+exit "${returnCode}"