How to create a web-based Remote Desktop gateway server.

I will show you how to create a clientless remote desktop gateway server in a free and easy way.




#Install Guacamole Server in Ubuntu

Apache Guacamole is a clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH.

Install Guacamole Server

Step 1: Server Preparation

Log in to the Compute Instance over SSH or Lish.

Install all required dependencies. For Debian users, replace libjpeg-turbo8-dev with libjpeg62-turbo-dev.

sudo apt update

sudo apt install build-essential libcairo2-dev libjpeg-turbo8-dev \
    libpng-dev libtool-bin libossp-uuid-dev libvncserver-dev \
    freerdp2-dev libssh2-1-dev libtelnet-dev libwebsockets-dev \
    libpulse-dev libvorbis-dev libwebp-dev libssl-dev \
    libpango1.0-dev libswscale-dev libavcodec-dev libavutil-dev \
    libavformat-dev


Download the Guacamole source code

wget https://downloads.apache.org/guacamole/1.3.0/source/guacamole-server-1.3.0.tar.gz

Extract the file and navigate to its directory.

tar -xvf guacamole-server-1.3.0.tar.gz

cd guacamole-server-1.3.0

Build the Guacamole Server using the downloaded source files.

sudo ./configure --with-init-dir=/etc/init.d --enable-allow-freerdp-snapshots
sudo make
sudo make install


Update the installed library cache and reload systemd

sudo ldconfig

sudo systemctl daemon-reload

Start guacd

sudo systemctl start guacd

sudo systemctl enable guacd


Create a directory to store Guacamole configuration files and extensions. These directories are used in later steps.

sudo mkdir -p /etc/guacamole/{extensions,lib}


Step 2: Install Apache Tomcat

In this step, we install the Apache Tomcat Java servlet container, which runs the Guacamole WAR file and thus serves the Guacamole Java client. Because Tomcat is a Java application, Java has to be installed first.

sudo apt install openjdk-11-jdk

sudo apt install tomcat9 tomcat9-admin tomcat9-common tomcat9-user

Download the Guacamole Client

wget https://downloads.apache.org/guacamole/1.3.0/binary/guacamole-1.3.0.war

Move the client to the Tomcat web directory.

sudo mv guacamole-1.3.0.war /var/lib/tomcat9/webapps/guacamole.war

Restart both Apache Tomcat and Guacd.

sudo systemctl restart tomcat9 guacd

Step 3: Setting up Database Authentication

While Apache Guacamole does support basic user authentication via a user-mapping.xml file, it should only be used for testing. For this guide, we will use production-ready database authentication through MySQL/MariaDB.

Install either MySQL or MariaDB on your system.

sudo apt install mariadb-server

Run the following command to perform the initial security configuration:

sudo mysql_secure_installation

Before populating the database, install the MySQL Connector/J library and Guacamole JDBC authenticator plugin.

Download the JDBC auth plugin for Apache Guacamole. This file can be found on http://guacamole.apache.org/releases/ by selecting the release version and then locating the “JDBC” file.

wget https://downloads.apache.org/guacamole/1.3.0/binary/guacamole-auth-jdbc-1.3.0.tar.gz

Extract the tar file and move the MySQL extension JAR to /etc/guacamole/extensions/.

tar -xf guacamole-auth-jdbc-1.3.0.tar.gz 

sudo mv guacamole-auth-jdbc-1.3.0/mysql/guacamole-auth-jdbc-mysql-1.3.0.jar /etc/guacamole/extensions/

Log in to mysql as the root user.

mysql -u root -p

The prompt should change again to mysql>.

While in the MySQL prompt, change the root password, create a database, and create a new user for that database. When running the below commands, replace any instance of password with a secure password string for the MySQL root user and the new user for your database, respectively.

ALTER USER 'root'@'localhost' IDENTIFIED BY 'password'; 

CREATE DATABASE guacamole_db; 

CREATE USER 'guacamole_user'@'localhost' IDENTIFIED BY 'password'; 

GRANT SELECT,INSERT,UPDATE,DELETE ON guacamole_db.* TO 'guacamole_user'@'localhost'; 

FLUSH PRIVILEGES;

Exit the MySQL prompt by typing quit.

Locate the schema files in the extracted directory for the JDBC plugin.

cd guacamole-auth-jdbc-1.3.0/mysql/schema

Import those SQL schema files into the MySQL database.

cat *.sql | mysql -u root -p guacamole_db

Create the properties file for Guacamole.

sudo nano /etc/guacamole/guacamole.properties

Paste in the following configuration settings, replacing [password] with the password of the new guacamole_user that you created for the database.

# MySQL properties 

mysql-hostname: 127.0.0.1 

mysql-port: 3306 

mysql-database: guacamole_db 

mysql-username: guacamole_user 

mysql-password: [password]

guacd-hostname: localhost 

guacd-port: 4822 

user-mapping: /etc/guacamole/user-mapping.xml

Restart all related services.

sudo systemctl restart tomcat9 guacd mysql



You’ll also want to set the guacamole home directory environment variable in /etc/default/tomcat9 configuration file.

sudo sh -c "echo 'GUACAMOLE_HOME=/etc/guacamole' >> /etc/default/tomcat9"


After that, create a user-mapping.xml file. This file will contain settings to access the web portal.

You’ll need a password hash for the user-mapping configuration. To generate the hash, use the command below.



echo -n type_your_password | openssl md5

Replace type_your_password with your real password. The command outputs a password hash. Copy the hash value to use in the config below.

(stdin)= 36879e235d55b4d4e23789a4798ee37a8d

Next, run the command below to create a new user-mapping.xml file.

sudo nano /etc/guacamole/user-mapping.xml


Then copy and paste the content below into the file and save.


<user-mapping>
    <authorize 
            username="admin"
            password="36160e235d67eb4d4e234r449a4798ee37a8d"
            encoding="md5">

        <connection name="Ubuntu20.04-Server">
            <protocol>ssh</protocol>
            <param name="hostname">192.168.1.2</param>
            <param name="port">22</param>
            <param name="username">root</param>
        </connection>
        <connection name="Windows Server">
            <protocol>rdp</protocol>
            <param name="hostname">192.168.2.3</param>
            <param name="port">3389</param>
        </connection>
    </authorize>
</user-mapping>


Save and exit.

Next, restart Tomcat and Guacamole services to apply the changes.

sudo systemctl restart tomcat9 
sudo systemctl restart guacd
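
The check below is an added example, not part of the original guide or of the Guacamole project: it audits the two files created above for world-accessible permissions, a database password left as the placeholder, and a password attribute that is not a real MD5 digest. The function name audit_guacamole_home and the finding texts are assumptions of this example, and it relies on GNU stat as shipped with Ubuntu.

```shell
#!/bin/sh
# Added example (not from the guide): audit the Guacamole home directory.
# Prints one line per finding; returns 0 when clean, 1 otherwise.
audit_guacamole_home() {
    home="${1:-/etc/guacamole}"
    props="$home/guacamole.properties"
    mapping="$home/user-mapping.xml"
    findings=0
    flag() { echo "FINDING: $1"; findings=$((findings + 1)); }

    # Both files hold credentials, so "other" must have no access bits.
    for f in "$props" "$mapping"; do
        [ -f "$f" ] || continue
        mode=$(stat -c '%a' "$f")          # GNU stat, octal mode such as 640
        case "$mode" in
            *0) ;;
            *) flag "$f is mode $mode; remove all access for 'other'" ;;
        esac
    done

    # The database password must not be empty or the guide's placeholder.
    if [ -f "$props" ]; then
        pw=$(sed -n 's/^mysql-password:[[:space:]]*//p' "$props" |
             sed 's/[[:space:]]*$//')
        case "$pw" in
            ''|'[password]'|password) flag "mysql-password is a placeholder" ;;
        esac
    fi

    # With encoding="md5", each password attribute must be 32 hex digits;
    # anything else can never match a login attempt.
    if [ -f "$mapping" ] && grep -q 'encoding="md5"' "$mapping"; then
        for h in $(sed -n 's/.*password="\([^"]*\)".*/\1/p' "$mapping"); do
            echo "$h" | grep -Eq '^[0-9a-fA-F]{32}$' ||
                flag "password=\"$h\" is not an MD5 hex digest (${#h} chars)"
        done
    fi

    [ "$findings" -eq 0 ]
}

# Run against the live directory after sourcing this file, e.g.:
#   audit_guacamole_home /etc/guacamole
```

Tomcat still has to read both files, so tighten permissions by granting access to the group the tomcat9 service runs under rather than to everyone.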


Access Guacamole in a Browser

Apache Guacamole should now be accessible through a web browser.

Open your preferred web browser on your local computer.

Navigate to the URL: [IP Address]:8080/guacamole, replacing [IP Address] with the IP address of your Linode. This will display the login prompt.
