Nov
11

Installing Apache Guacamole on Ubuntu 20.04

11/11/2022 12:00 AM by Publisher in Web_development

Install Guacamole Server

Install all required dependencies

sudo apt install build-essential libcairo2-dev libjpeg-turbo8-dev

sudo apt install libpng-dev libtool-bin libossp-uuid-dev libvncserver-dev

sudo apt install freerdp2-dev libssh2-1-dev libtelnet-dev libwebsockets-dev

sudo apt install libpulse-dev libvorbis-dev libwebp-dev libssl-dev

sudo apt install libpango1.0-dev libswscale-dev libavcodec-dev libavutil-dev

sudo apt install libavformat-dev

 Download the Guacamole source code

wget https://downloads.apache.org/guacamole/1.4.0/source/guacamole-server-1.4.0.tar.gz

 Extract the file and navigate to its directory.

tar -xvf guacamole-server-1.4.0.tar.gz
cd guacamole-server-1.4.0

 Build the Guacamole Server using the downloaded source files.

sudo ./configure --with-init-dir=/etc/init.d --enable-allow-freerdp-snapshots
sudo make
sudo make install

Update installed library cache and reload systemd

sudo ldconfig
sudo systemctl daemon-reload 

  Start guacd 

sudo systemctl start guacd
sudo systemctl enable guacd

 

Create a directory to store Guacamole configuration files and extensions. These directories are used in later steps.

sudo mkdir -p /etc/guacamole/{extensions,lib}

 

Install Guacamole Web App

Install Apache Tomcat

sudo apt install tomcat9 tomcat9-admin tomcat9-common tomcat9-user

 

Download the Guacamole Client

wget https://downloads.apache.org/guacamole/1.4.0/binary/guacamole-1.4.0.war

 

Move the client to the Tomcat web directory.

sudo mv guacamole-1.4.0.war /var/lib/tomcat9/webapps/guacamole.war

 

Restart both Apache Tomcat and Guacd.

sudo systemctl restart tomcat9 guacd

 

Setting up Database Authentication

Install either MariaDB on your system.

sudo apt install mariadb-server

 Run the following command to perform the initial security configuration:

 

sudo mysql_secure_installation

Before populating the database, install the MySQL Connector/J library and Guacamole JDBC authenticator plugin.

 

wget https://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-java-8.0.26.tar.gz
tar -xf mysql-connector-java-8.0.26.tar.gz
sudo cp mysql-connector-java-8.0.26/mysql-connector-java-8.0.26.jar /etc/guacamole/lib/
wget https://downloads.apache.org/guacamole/1.4.0/binary/guacamole-auth-jdbc-1.4.0.tar.gz
tar -xf guacamole-auth-jdbc-1.4.0.tar.gz
sudo mv guacamole-auth-jdbc-1.4.0/mysql/guacamole-auth-jdbc-mysql-1.4.0.jar /etc/guacamole/extensions/

Log in to mysql as the root user.

mariadb -u root -p 

If you get  error message "Access denied for user 'root'@'localhost'

  1. Open and edit /etc/mysql/mariadb.conf.d/50-server.cnf
  2. Add skip-grant-tables under [mysqld]
  3. Restart MySQL - sudo service restart mariadb
  4. You should be able to log in to MySQL now using the below command mariadb -u root -p
  5. Run mysql> flush privileges;
  6. Set new password by ALTER USER 'root'@'localhost' IDENTIFIED BY 'NewPassword';
  7. Go back to /etc/mysql/mariadb.conf.d/50-server.cnf and remove/comment skip-grant-tables
  8. Restart MySQL - sudo service restart mariadb
  9. Now you will be able to login with the new password mariadb -u root -p

Log in to mysql again as the root user. Now the prompt should change to mysql>

While in the mysql prompt, change the root password, create a database, and create a new user for that database. When running the below commands, replace any instance of password with a secure password string for the mysql root user and the new user for your database, respectively.

ALTER USER 'root'@'localhost' IDENTIFIED BY 'password';
CREATE DATABASE guacamoleDB;
CREATE USER 'guacamoleUSER'@'localhost' IDENTIFIED BY 'password';
GRANT SELECT,INSERT,UPDATE,DELETE ON guacamoleDB.* TO 'guacamoleUSER'@'localhost';
FLUSH PRIVILEGES;

 

  Exit the MySQL prompt by typing quit

Locate the scheme files in the extracted directory for the JDBC plugin.

cd guacamole-auth-jdbc-1.3.0/mysql/schema

Import those sql schema files into the MySQL database.

cat *.sql | mysql -u root -p guacamoleDB

Create the properties file for Guacamole.

sudo nano /etc/guacamole/guacamole.properties 

Paste in the following configuration settings, replacing [password] with the password of the new guacamole_user that you created for the database.

# MySQL properties
mysql-hostname: 127.0.0.1
mysql-port: 3306
mysql-database: guacamoleDB
mysql-username: guacamoleUSER
mysql-password: [password]

Restart all related services. 

sudo systemctl restart tomcat9 guacd mariadb

 

Access Guacamole in a Browser

Apache Guacamole should now be accessible through a web browser.

Open your preferred web browser on your local computer.

Navigate to the URL: [ip]:8080/guacamole, replacing *[ip] with the IP address of your machine. This will display the login prompt.  

Enter guacadmin as the username and guacadmin as the password. Then click Login.

Before continuing with configuring Guacamole, it’s recommended that you create a new admin account and delete the original.

  1. Click the guacadmin user dropdown menu on the top right and select Settings.

  2. Navigate to the Users tab and click the New User button.

  3. Under the Edit User section, enter your preferred username and a secure password.

  4. Under the Permissions section, check all the permissions.

  5. Click Save to create the new user.

  6. Log out of the current user and log in as the newly created user.

  7. Click your username on the top left and select Settings from the dropdown menu.

  8. Navigate to the Users tab and click the guacadmin user.

  9. At the bottom of the Edit User screen, click Delete to remove the default user.

 

To test Guacamole, let’s create an new connection in Guacamole that opens up an SSH connection to the server.

After logging in to Guacamole, click your username on the top left and select Settings from the dropdown menu.

Navigate to the Connections tab and click New Connection.

Under Edit Connection, enter a name for your new connection (such as “Guacamole SSH”) and select SSH as the Protocol.

Under Parameters, enter your IP address as the Hostname, 22 as the Port, your username as the Username and your user’s password as the Password. Other parameters as available if you wish to edit the connection further.

Click Save to create the new connection.

Navigate back to your user’s home screen by clicking your username on the top left and select Home from the dropdown menu.

Click on the new connection under the All Connections list.

This should open up a terminal in your browser and automatically log you in to the server with the settings that you specified.

 

Source


leave a comment
Please post your comments here.