Guacamole will provide a web-based control panel that will allow you to switch quickly from one machine to another – all within the same web browser window.It will help us to control our server through web interface.Before installing guacamole we want to make sure xrdp is installed in our system(follow my blog http://www.goserverspace.com/2017/09/xrdp-for-ubuntu-142.html for it)
Installing Guacamole Server
Before installing guacamole, you will need to take care of its dependencies first.
For Debian and Ubuntu:
#apt-get install make libssh2-1-dev libtelnet-dev libpango1.0-dev libossp-uuid-dev libcairo2-dev libpng12-dev freerdp-x11 libssh2-1 libvncserver-dev libfreerdp-dev libvorbis-dev libssl0.9.8 gcc libssh-dev libpulse-dev tomcat7 tomcat7-admin tomcat7-docs ghostscript
For RHEL / CentOS / Fedora#yum install cairo-devel libjpeg-devel libpng-devel uuid-devel freerdp-devel pango-devel libssh2-devel libssh-dev tomcat tomcat-admin-webapps tomcat-webapps libvncserver-devel.x86_64 libvncserver-devel.i686 libvncserver.x86_64 libvncserver.i686 libtelnet-devel.x86_64 libtelnet-utils.x86_64 libtelnet.x86_64 libvorbis* libwebp*
After installing Dependencies check Tomcat is working or not by following.
http://localhost:8080 or http://IPADDRESS:8080
You can change the Webserver port by following:
If we want to change the port number of comcat service,then edit server.xml file
#vi /etc/tomcat/server.xml
Change from: <Connector port="8080" protocol="HTTP/1.1"
To: <Connector port="40001" protocol="HTTP/1.1"
Download and extract the Guacamole Server – 0.9.9
# mkdir /usr/src/guacamole-server
#cd /usr/src/guacamole-server
Download the packages by following
#wget http://downloads.sourceforge.net/project/guacamole/current/source/guacamole-server-0.9.9.tar.gz
#wget http://downloads.sourceforge.net/project/guacamole/current/binary/guacamole-0.9.9.war
Extract the downloaded package by following:
#tar xzf guacamole-server-0.9.9.tar.gz
Call the directory after successfully extracted.
#cd /usr/src/guacamole-server/guacamole-server-0.9.9/
Compile the software
#./configure --with-init-dir=/etc/init.d
As it is to be expected, configure will check your system for the presence of the required dependencies and for supported communication protocols (as can be seen in the highlighted square, Remote Desktop Protocol (RDP) and SSH are supported by the dependencies installed earlier).
If everything goes as expected you should see this when it completes (otherwise, make sure you installed all the necessary dependencies):
Installing Guacamole Server
Before installing guacamole, you will need to take care of its dependencies first.
For Debian and Ubuntu:
#apt-get install make libssh2-1-dev libtelnet-dev libpango1.0-dev libossp-uuid-dev libcairo2-dev libpng12-dev freerdp-x11 libssh2-1 libvncserver-dev libfreerdp-dev libvorbis-dev libssl0.9.8 gcc libssh-dev libpulse-dev tomcat7 tomcat7-admin tomcat7-docs ghostscript
For RHEL / CentOS / Fedora#yum install cairo-devel libjpeg-devel libpng-devel uuid-devel freerdp-devel pango-devel libssh2-devel libssh-dev tomcat tomcat-admin-webapps tomcat-webapps libvncserver-devel.x86_64 libvncserver-devel.i686 libvncserver.x86_64 libvncserver.i686 libtelnet-devel.x86_64 libtelnet-utils.x86_64 libtelnet.x86_64 libvorbis* libwebp*
After installing Dependencies check Tomcat is working or not by following.
http://localhost:8080 or http://IPADDRESS:8080
You can change the Webserver port by following:
If we want to change the port number of comcat service,then edit server.xml file
#vi /etc/tomcat/server.xml
Change from: <Connector port="8080" protocol="HTTP/1.1"
To: <Connector port="40001" protocol="HTTP/1.1"
Download and extract the Guacamole Server – 0.9.9
# mkdir /usr/src/guacamole-server
#cd /usr/src/guacamole-server
Download the packages by following
#wget http://downloads.sourceforge.net/project/guacamole/current/source/guacamole-server-0.9.9.tar.gz
#wget http://downloads.sourceforge.net/project/guacamole/current/binary/guacamole-0.9.9.war
Extract the downloaded package by following:
#tar xzf guacamole-server-0.9.9.tar.gz
Call the directory after successfully extracted.
#cd /usr/src/guacamole-server/guacamole-server-0.9.9/
Compile the software
#./configure --with-init-dir=/etc/init.d
As it is to be expected, configure will check your system for the presence of the required dependencies and for supported communication protocols (as can be seen in the highlighted square, Remote Desktop Protocol (RDP) and SSH are supported by the dependencies installed earlier).
If everything goes as expected you should see this when it completes (otherwise, make sure you installed all the necessary dependencies):
Then run
make and make install to compile the program:
#make
#make install
Update the cache of installed libraries.
# ldconfig
Test
Server
#/etc/init.d/guacd
start
Starting guacd: guacd: INFO: Guacamole proxy daemon (guacd) version
0.9.9 started
SUCCESS
Installing Guacamole Client
After completing the above steps, the guacamole server will have been installed. The following instructions will now help you to set up guacd (the proxy daemon that integrates JavaScript with communication protocols such as RDP or SSH) and guacamole.war (the client), the component that makes up the final HTML5 application that will be presented to you.
Note that both components (guacamole server and client) need to be installed on the same machine – there is no need to install a so-called client on the machines you want to connect to).
Goto directory where you have downloaded “guacamole-0.9.9.war” cp to WebServer folder.
Note: Depending on your distribution, the Tomcat libraries directory may be located at /var/lib/tomcat
#pwd
/usr/src/guacamole-server/
#cp guacamole-0.9.9.war /var/lib/tomcat7/webapps/ (note:try also by renaming guacamole-0.9.9 file)
#cd /var/lib/tomcat7/webapps/
#mv guacamole-0.9.9.war guacamole
Create the configuration file (/etc/guacamole/guacamole.properties). This file contains the instructions for Guacamole to connect to guacd:
# mkdir /etc/guacamole
# mkdir /usr/share/tomcat/.guacamole
Insert the following contents to /etc/guacamole/guacamole.properties. Note that we are referencing a file we will create in the next step (/etc/guacamole/user-mapping.xml):
#vi /etc/guacamole/guacamole.properties
#######*****************************************************#########
guacd-hostname: localhost
guacd-port: 4822
user-mapping: /etc/guacamole/user-mapping.xml
auth-provider: net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider
basic-user-mapping: /etc/guacamole/user-mapping.xml
#######*****************************************************#########
Save and close the file
Create a file and insert the following contents to /etc/guacamole/user-mapping.xml.
#vi /etc/guacamole/user-mapping.xml
#######*****************************************************#########
<user-mapping>
<authorize
username="root"
password="P@ssw0rd@123">
<connection name="BigDataSRVR - RDP">
<protocol>rdp</protocol>
<param name="hostname">localhost</param>
<param name="port">3389</param>
<param name="username">root</param>
<param name="password">P@ssw0rd@123</param>
</connection>
</authorize>
</user-mapping>
#######*****************************************************#########
Save and close the file
And create a symbolic link for Tomcat to be able to read the file:
# ln -s /etc/guacamole/guacamole.properties /usr/share/tomcat7/.guacamole/
As it is the case with all files that contain sensitive information, it is important to restrict the permissions and change the ownership of the user-mapping.xml file:
# chmod 600 /etc/guacamole/user-mapping.xml
# chown tomcat7:tomcat7 /etc/guacamole/*
# chown -R tomcat7:tomcat7 /var/lib/tomcat7/webapps/
Start Tomcat and guacd.
# service tomcat start
# service guacd start
Launching the Guacamole Web Interface
To access the Guacamole web interface, launch a browser and point it to http://your ip:8080/guacamole where server is the hostname or IP address of your server (username: root, password: P@ssw0rd@123):
Suppose if we want to access our linux server without guacamole authentication,we can also do it.
Disabling Authentication:
Important
The security implications of this should be obvious - anyone with access to your Guacamole instance will have access to your remote desktops. If you wish to effectively disable authentication using NoAuth, do so with caution.
Downloading the NoAuth extension
Download the NoAuth authentication extension is packaged as a .tar.gz file containing:
#cd /usr/src/guacamole-server/
#wget http://downloads.sourceforge.net/project/guacamole/current/extensions/guacamole-auth-noauth-0.9.9.tar.gz
#tar xzf guacamole-auth-noauth-0.9.9.tar.gz
#cd guacamole-auth-noauth-0.9.9
Installing the NoAuth extension
#pwd
/usr/src/guacamole-server/guacamole-auth-noauth-0.9.9
#cp guacamole-auth-noauth-0.9.9.jar /var/lib/tomcat7/webapps/guacamole/WEB-INF/lib/
Configuring Guacamole for NoAuth
An additional property must be added to guacamole.properties such that Guacamole will load the NoAuth extension and locate its configuration file.
#vi /etc/guacamole/guacamole.properties
#######*****************************************************#########
# Guacamole - Clientless Remote Desktop
# Copyright (C) 2010 Michael Jumper
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# Hostname and port of guacamole proxy
guacd-hostname: localhost
guacd-port: 4822
# Auth provider class (authenticates user/pass combination, needed if using the provided login screen)
#user-mapping: /etc/guacamole/user-mapping.xml
#auth-provider: net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider
#basic-user-mapping: /etc/guacamole/user-mapping.xml
# Auth provider class
auth-provider: net.sourceforge.guacamole.net.auth.noauth.NoAuthenticationProvider
# NoAuth properties
noauth-config: /etc/guacamole/noauth-config.xml
#######*****************************************************#########
Save and close the file
Create the NoAuth configuration file and insert the following contents
#vi /etc/guacamole/noauth-config.xml
#######*****************************************************#########
<configs>
<config name="BigDataSRVR-RDP" protocol="rdp">
<param name="hostname" value="localhost" />
<param name="port" value="3389" />
<param name="username" value="root" />
<param name="password" value="P@ssw0rd@123" />
</config>
</configs>
#######*****************************************************#########
Save and close the file
Completing the installation
Once you are done with all the above configuration, restart tomcat and guacd service.
#service tomcat7 start / restart
#service guacd start / restart
Make the above service start on reboot.
#chkconfig tomcat7 on
#chkconfig guacd on
Or
#systemctl enable tomcat7
#systemctl enable guacd
Now your server is ready to access to NOAUTHENTICATION using WEB URL
Before that make sure your server has proper Desktop Packages installed with XRDP enabled