Hello, friends in this post, you will learn how to install and configure Apache Guacamole in Debian 10. It will be a step by step guide where you can get the same result as me.
According to the official website of Apache Guacamole:
Apache Guacamole is a clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH. We call it clientless because no plugins or client software are required. Thanks to HTML5, once Guacamole is installed on a server, all you need to access your desktops is a web browser.
So Guacamole’s main use is as a client for server administration. Therefore it is quite useful in the case of remote work.
The installation and configuration of Apache Guacamole takes a few steps but is not complicated.
So, let’s get started
Install and configure Apache Guacamole on Debian 10
Apache Guacamole Installation
We will be able to install Apache Guacamole from the previously compiled binaries. However, it is necessary to compile it from the source code to set a parameter.
On the other hand, compiling a program from the source code is a good way to make it more stable and to get the latest version available.
So, start a terminal session and install the necessary packages for the compilation.
sudo apt install build-essential libcairo2-dev libjpeg62-turbo-dev libpng-dev libtool-bin libossp-uuid-dev libvncserver-dev freerdp2-dev libssh2-1-dev libtelnet-dev libwebsockets-dev libpulse-dev libvorbis-dev libwebp-dev libssl-dev libpango1. 0-dev libswscale-dev libavcodec-dev libavutil-dev libavformat-dev
Once you have the necessary packages, you can download the Apache Guacamole code. At the time of writing this post, the latest stable version is 1.2.0
wget -c http://mirrors.advancedhosters.com/apache/guacamole/1.2.0/source/guacamole-server-1.2.0.tar.gz --2020-10-21 13:45:26-- http://mirrors.advancedhosters.com/apache/guacamole/1.2.0/source/guacamole-server-1.2.0.tar.gz Resolving mirrors.advancedhosters.com (mirrors.advancedhosters.com)… 213.174.147.249, 2a02:b48:6:1::2 Connecting to mirrors.advancedhosters.com (mirrors.advancedhosters.com)|213.174.147.249|:80… connected. HTTP request sent, awaiting response… 200 OK Length: 1048759 (1.0M) [application/octet-stream] Saving to: 'guacamole-server-1.2.0.tar.gz' guacamole-server-1.2.0.tar.gz 100%[=====================================================================================>] 1.00M 334KB/s in 3.1s 2020-10-21 13:45:31 (334 KB/s) - 'guacamole-server-1.2.0.tar.gz' saved [1048759/1048759]
Then, use the tar command to decompress it and access the folder that is created
tar -xvf guacamole-server-1.2.0.tar.gz
cd guacamole-server-1.2.0
Now it is time to configure the package by entering an init directory.
./configure --with-init-dir=/etc/init.d
And do the compilation:
make
And now the installation.
sudo make install
Once installed, it refreshes the system libraries by running
sudo ldconfig
It also refreshes the services of the system and systemd to ensure that Guacamole is present.
sudo systemctl daemon-reload
Now start the service and check the status of the service.
sudo systemctl start guacd.service sudo systemctl status guacd.service ● guacd.service - LSB: Guacamole proxy daemon Loaded: loaded (/etc/init.d/guacd; generated) Active: active (running) since Wed 2020-10-21 13:51:15 EDT; 11s ago Docs: man:systemd-sysv-generator(8) Process: 21978 ExecStart=/etc/init.d/guacd start (code=exited, status=0/SUCCESS) Tasks: 1 (limit: 893) Memory: 10.7M CGroup: /system.slice/guacd.service └─21981 /usr/local/sbin/guacd -p /var/run/guacd.pid Oct 21 13:51:15 osradar systemd[1]: Starting LSB: Guacamole proxy daemon… Oct 21 13:51:15 osradar guacd[21979]: Guacamole proxy daemon (guacd) version 1.2.0 started Oct 21 13:51:15 osradar guacd[21978]: Starting guacd: guacd[21979]: INFO: Guacamole proxy daemon (guacd) version 1.2.0 started Oct 21 13:51:15 osradar guacd[21978]: SUCCESS Oct 21 13:51:15 osradar systemd[1]: Started LSB: Guacamole proxy daemon. Oct 21 13:51:15 osradar guacd[21981]: Listening on host 127.0.0.1, port 4822
As you can see from the screen output of the command, Apache Guacamole is installed and running correctly.
2.- Install the Apache Guacamole Client
The Apache Guacamole web client is a marvel but it is made with Java technology. Therefore you have to install a Java Servlet like Tomcat.
sudo apt install tomcat9 tomcat9-admin tomcat9-common tomcat9-user
After the installation, you can download the Apache Guacamole web application with the wget command. Again, at the time of writing this post, the latest version is 1.2.0
cd wget https://downloads.apache.org/guacamole/1.2.0/binary/guacamole-1.2.0.war --2020-10-21 14:11:41-- https://downloads.apache.org/guacamole/1.2.0/binary/guacamole-1.2.0.war Resolving downloads.apache.org (downloads.apache.org)… 88.99.95.219, 2a01:4f8:10a:201a::2 Connecting to downloads.apache.org (downloads.apache.org)|88.99.95.219|:443… connected. HTTP request sent, awaiting response… 200 OK Length: 12249847 (12M) Saving to: 'guacamole-1.2.0.war' guacamole-1.2.0.war 100%[=====================================================================================>] 11.68M 24.6KB/s in 11m 27s 2020-10-21 14:23:10 (17.4 KB/s) - 'guacamole-1.2.0.war' saved [12249847/12249847]
Now, move the downloaded file to the Tomcat folder to install it. Take advantage of the opportunity, to rename it to a simpler name like guacamole.war
sudo mv guacamole-1.2.0.war /var/lib/tomcat9/webapps/guacamole.war
And to implement the changes, restart the services of Tomcat and Guacamole.
sudo systemctl restart tomcat9 guacd
3.- Configuring Apache Guacamole on Debian10
Now we have to make some configurations before using Apache Guacamole. To do this, create the configuration folder:
sudo mkdir /etc/guacamole/
And also the configuration file which for now will not be very extensive:
sudo nano /etc/guacamole/guacamole.properties
And add the following:
guacd-hostname: localhost
guacd-port: 4822
auth-provider: net.sourceforge.guacamole.net basic.BasicFileAuthenticationProvider
basic-user-mapping: /etc/guacamole/user-mapping.xml
In this file, you can change the value of the port. Although we will leave it with the default.
Save the changes and close the editor.
Now we have to generate a hash code for a password that we define. To do this, execute the following command:
echo -n [your-password] | openssl md5
In my case:
echo -n osradar123 | openssl md5
This will generate a screen output similar to this one:
f5779e76981e3a855340255d1dd9da12
As you can see in the previously created configuration file, other settings are defined and stored in the file /etc/guacamole/user-mapping.xml
So, create it
sudo nano /etc/guacamole/user-mapping.xml
And adds the following content:
<user-mapping>
!-- Per-user authentication and config information -->
<authorize
<username="username"
< password="md5code"
<encoding="md5">
<connection name="default">
<protocol>vnc</protocol>
<param name="hostname">localhost</param>
<param name="port">5901</param>
<param name="password">vnc_password</param>
</connection>
</authorize>
</user-mapping>
Then save the changes, close the file, and apply the changes restarting the Apache Guacamole and Tomcat services.
sudo systemctl restart tomcat9 guacd
4.- Install TigerVNC
On Linux, we have many applications that use the VNC protocol but we will opt for TigerVNC
So, install it with the following command:
sudo apt install tigervnc-standalone-server
Then I start with this one:
vncserver
During the execution of the command you will be asked to set the password that VNC will use.
Now go back to the /etc/guacamole/user-mapping.xml file and in the vncpassword field type the one you defined.
Apply the changes by restarting the services:
sudo systemctl restart tomcat9 guacd
As TigerVNC is not distributed as a systemd service, it is advisable to create a new entry manually:
sudo nano /etc/systemd/system/[email protected]
And add the following:
[Unit] Description=a wrapper to launch an X server for VNC After=syslog.target network.target [Service] Type=forking User=angelo Group=angelo WorkingDirectory=/home/angelo ExecStartPre=-/usr/bin/vncserver -kill :%i > /dev/null 2>&1 ExecStart=/usr/bin/vncserver -depth 24 -geometry 1280x800 -localhost :%i ExecStop=/usr/bin/vncserver -kill :%i [Install] WantedBy=multi-user.target
Remember to change the values for User, Group and WorkingDirectory
Save the changes and close the editor.
Then, close the X session that TigerVNC started when you started it.
vncserver -kill :1
And now, start the service using the systemctl command.
sudo systemctl start [email protected]
Enable it to start with the system:
sudo systemctl enable [email protected]
And check the status of the service:
sudo systemctl status [email protected] ● [email protected] - a wrapper to launch an X server for VNC Loaded: loaded (/etc/systemd/system/[email protected]; disabled; vendor preset: enabled) Active: active (running) since Wed 2020-10-21 14:54:39 EDT; 3s ago Process: 25142 ExecStartPre=/usr/bin/vncserver -kill :1 > /dev/null 2>&1 (code=exited, status=0/SUCCESS) Process: 25147 ExecStart=/usr/bin/vncserver -depth 24 -geometry 1280x800 -localhost :1 (code=exited, status=0/SUCCESS) Tasks: 7 (limit: 893) Memory: 33.6M CGroup: /system.slice/system-vncserver.slice/[email protected] ├─25155 /usr/bin/Xtigervnc :1 -desktop osradar:1 (angelo) -auth /home/angelo/.Xauthority -geometry 1280x800 -depth 24 -rfbwait 30000 -rfbauth /home/angelo/.vn ├─25158 /usr/bin/perl /usr/bin/vncserver -depth 24 -geometry 1280x800 -localhost :1 ├─25159 /bin/sh /etc/X11/Xvnc-session ├─25160 vncconfig -iconic ├─25161 xterm -class UXTerm -title uxterm -u8 ├─25184 /usr/bin/ssh-agent x-terminal-emulator └─25190 bash Oct 21 14:54:36 osradar systemd[1]: Starting a wrapper to launch an X server for VNC… Oct 21 14:54:36 osradar vncserver[25147]: New 'osradar:1 (angelo)' desktop at :1 on machine osradar Oct 21 14:54:36 osradar vncserver[25147]: Starting applications specified in /etc/X11/Xvnc-session Oct 21 14:54:36 osradar vncserver[25147]: Log file is /home/angelo/.vnc/osradar:1.log Oct 21 14:54:36 osradar vncserver[25147]: Use xtigervncviewer -SecurityTypes VncAuth,TLSVnc -passwd /home/angelo/.vnc/passwd osradar:1 to connect to the VNC server. Oct 21 14:54:39 osradar systemd[1]: Started a wrapper to launch an X server for VNC.
So, everything is ready.
Now all you have to do is open your web browser and go to http://your-server/guacamole/ and you will see the login page.
So, Gucamole is ready.
Conclusion
Apache Guacamole is a very useful application in these times of pandemic. Because with this server we will be able to access the advantages of remote administration of a cloud server. Everything in a safe and fast way.
So, share this post and join our Telegram channel and our Facebook page. Also, buy us a coffee 😉
