{"id":1068,"date":"2018-10-28T12:45:12","date_gmt":"2018-10-28T09:45:12","guid":{"rendered":"http:\/\/kifarunix.com\/?p=1068"},"modified":"2024-03-11T19:57:23","modified_gmt":"2024-03-11T16:57:23","slug":"how-to-setup-guacamole-web-based-remote-desktop-access-tool-on-ubuntu-18-04","status":"publish","type":"post","link":"https:\/\/kifarunix.com\/how-to-setup-guacamole-web-based-remote-desktop-access-tool-on-ubuntu-18-04\/","title":{"rendered":"Setup Guacamole Remote Desktop Access Tool on Ubuntu 18.04"},"content":{"rendered":"\n

Apache Guacamole is a clientless <\/strong>HTML5 web based remote desktop gateway that makes it easy to access remote servers and desktops through a web browser. It supports standard protocols like VNC, RDP, and SSH.<\/p>\n\n\n\n

In this tutorial, we are going to learn how to setup Guacamole web-based remote desktop access tool on Ubuntu 18.04 server and demonstrate how to access a remote Linux server as well as a remote windows 7 server.<\/p>\n\n\n\n

You might as well be interested in running the same setups in Debian 9.8. Check the link below;<\/p>\n\n\n\n

How to Install and Setup Guacamole on Debian 9.8<\/a><\/p>\n\n\n\n

How to Install and Configure Guacamole on Fedora 29<\/a><\/p>\n\n\n\n

Want to transfer files over Guacamole? Check our guide by following the link below;<\/p>\n\n\n\n

How to Enable RDP\/SSH File Transfer Over Guacamole<\/a><\/p>\n\n\n\n

Install and Setup Guacamole on Ubuntu 18.04<\/h2>\n\n\n\n

Installing Guacamole on Ubuntu 18.04<\/h3>\n\n\n\n

Guacamole is made up of two parts; guacamole-server<\/span><\/strong>, which provides the guacd<\/span> proxy<\/strong> and related libraries, and guacamole-client<\/span><\/strong> which provides the client to be served by the servlet container which is usually Tomcat<\/strong>.<\/p>\n\n\n\n

While guacamole-client<\/span> is available in binary form, the guacamole-server<\/span> must be built from source and therefore before we can proceed with installation, we need to first install all the required dependencies.<\/p>\n\n\n\n

Install Required Dependencies<\/h4>\n\n\n\n

Run the command below to install all the requires dependencies.<\/p>\n\n\n\n

apt install -y  gcc-6 g++-6 libcairo2-dev libjpeg-turbo8-dev libpng-dev \\\nlibossp-uuid-dev libavcodec-dev libavutil-dev libswscale-dev libfreerdp-dev \\\nlibpango1.0-dev libssh2-1-dev libvncserver-dev libssl-dev libvorbis-dev libwebp-dev<\/code><\/pre>\n\n\n\n
You can find a comprehensive description of all the required and the optional dependencies here<\/a>.<\/p>\n\n\n\n
Install Tomcat Servlet<\/h4>\n\n\n\n
Apache Tomcat is used to serve guacamole client content to users that connects to guacamole server via the web browser. To install Tomcat, run the command below;<\/p>\n\n\n\n
apt install tomcat8 tomcat8-admin tomcat8-common tomcat8-user -y<\/code><\/pre>\n\n\n\n
If UFW is running, allow Tomcat  through it.<\/p>\n\n\n\n
ufw allow 8080\nufw reload<\/code><\/pre>\n\n\n\n
Building guacamole-server<\/span> on Ubuntu 18.04<\/h4>\n\n\n\n
guacamole-server<\/span> contains all the native, server-side components required by Guacamole to connect to remote desktops. To build guacamole server, download the latest source code from Guacamole releases page<\/a>.<\/p>\n\n\n\n
Guacamole 0.9.14 is the latest release as of this writing. You can simply run the command below to download it;<\/p>\n\n\n\n
wget http:\/\/archive.apache.org\/dist\/guacamole\/0.9.14\/source\/guacamole-server-0.9.14.tar.gz<\/code><\/pre>\n\n\n\n
Once the download is done, extract and navigate to the source code directory as shown below.<\/p>\n\n\n\n
tar xzf guacamole-server-0.9.14.tar.gz \ncd guacamole-server-0.9.14<\/code><\/pre>\n\n\n\n
In the source directory, run the configure<\/code> script. This script will determine the libraries that are available on your system and will select the appropriate components for building guacamole server based on what is installed.<\/p>\n\n\n\n
You can also set the script to install a startup script for guacd<\/span> as shown below.<\/p>\n\n\n\n
.\/configure --with-init-dir=\/etc\/init.d<\/strong><\/code><\/pre>\n\n\n\n
If the script executes successfully, you should be able to see the output similar to the one shown below.<\/p>\n\n\n\n
...output snipped...<\/strong>\n------------------------------------------------\nguacamole-server version 0.9.14\n------------------------------------------------\n\n   Library status:\n\n     freerdp ............. yes\n     pango ............... yes\n     libavcodec .......... yes\n     libavutil ........... yes\n     libssh2 ............. yes\n     libssl .............. yes\n     libswscale .......... yes\n     libtelnet ........... no\n     libVNCServer ........ yes\n     libvorbis ........... yes\n     libpulse ............ no\n     libwebp ............. yes\n     wsock32 ............. no\n\n   Protocol support:\n\n      RDP ....... yes\n      SSH ....... yes\n      Telnet .... no\n      VNC ....... yes\n\n   Services \/ tools:\n\n      guacd ...... yes\n      guacenc .... yes\n\n   Init scripts: \/etc\/init.d\n\nType \"make\" to compile guacamole-server.<\/code><\/pre>\n\n\n\n
Now that the configure script has not complained, go ahead and compile the code as shown below;<\/p>\n\n\n\n
make CC=gcc-6\n...output cut..<\/strong>\nmake[2]: Leaving directory '\/home\/amos\/guacamole-server-0.9.14\/src\/guacenc'\nmake[2]: Entering directory '\/home\/amos\/guacamole-server-0.9.14'\nmake[2]: Nothing to be done for 'all-am'.\nmake[2]: Leaving directory '\/home\/amos\/guacamole-server-0.9.14'\nmake[1]: Leaving directory '\/home\/amos\/guacamole-server-0.9.14<\/code><\/pre>\n\n\n\n
Once the compilation is done, run make install<\/code> <\/strong>to install the components that were built.<\/p>\n\n\n\n
make install<\/code><\/pre>\n\n\n\n
Once the installation is done, run the ldconfig<\/code><\/strong> command to create the necessary links and cache to the most recent shared libraries found in the guacamole server directory.<\/p>\n\n\n\n
ldconfig<\/code><\/pre>\n\n\n\n
Start and enable guacd (Guacamole Daemon) to run on boot.<\/p>\n\n\n\n
systemctl enable guacd\nsystemctl start guacd<\/code><\/pre>\n\n\n\n
Installing Guacamole Client<\/h3>\n\n\n\n
guacamole-client<\/span> contains all Java and JavaScript components of Guacamole (guacamole<\/span>, guacamole-common<\/span>, guacamole-ext<\/span>, and guacamole-common-js<\/span>). These components make up the web application that will serve the HTML5 Guacamole client to users that connect to your server. This web application will then connect to guacd<\/span> on behalf of connected users in order to serve them any remote desktop they are authorized to access.<\/p>\n\n\n\n
In this tutorial, we are going to install the binary form of the guacamole-client. If you want to build it from the source code, see how to do so here<\/a>.<\/p>\n\n\n\n
To download the client, run the command below. You can check the latest version from the releases page<\/a>.<\/p>\n\n\n\n
wget http:\/\/archive.apache.org\/dist\/guacamole\/0.9.14\/binary\/guacamole-0.9.14.war<\/code><\/pre>\n\n\n\n
Deploying Guacamole Client<\/h4>\n\n\n\n
Once the download above is done, it is time to deploy Guacamole.<\/p>\n\n\n\n
Create Guacamole configuration directory<\/p>\n\n\n\n
mkdir \/etc\/guacamole<\/code><\/pre>\n\n\n\n
Move the download guacamole-client binary to the configuration file created above as shown below;<\/p>\n\n\n\n
mv guacamole-0.9.14.war \/etc\/guacamole\/guacamole.war<\/code><\/pre>\n\n\n\n
Create a symbolic link of the guacamole client to Tomcat webapps directory as shown below;<\/p>\n\n\n\n
ln -s \/etc\/guacamole\/guacamole.war \/var\/lib\/tomcat8\/webapps\/<\/code><\/pre>\n\n\n\n
Once the .war<\/code> file is in place, you may need to restart Tomcat to force Tomcat to deploy the new web application, and the guacd<\/span> daemon must be started if it isn’t running already<\/p>\n\n\n\n
systemctl restart tomcat8\nsystemctl restart guacd<\/code><\/pre>\n\n\n\n
Setup Guacamole on Ubuntu 18.04<\/h3>\n\n\n\n
Guacamole is now successfully installed even though in its current state, it is completely unconfigured, and further steps are required to add Guacamole users and a connections.<\/p>\n\n\n\n
Guacamole’s default authentication method reads all users and connections from a single file called user-mapping.xml<\/code>.<\/p>\n\n\n\n
Guacamole has two major configuration files; \/etc\/guacamole<\/code> which is referenced by the GUACAMOLE_HOME<\/code> environment variable and \/etc\/guacamole\/guacamole.properties<\/code> which is the main configuration file used by Guacamole and its extensions.<\/p>\n\n\n\n
Other guacamole configurations reside in \/etc\/guacamole\/extensions\/<\/code>and \/etc\/guacamole\/lib\/<\/code> directories. We therefore have to create these directories.<\/p>\n\n\n\n
mkdir \/etc\/guacamole\/{extensions,lib}<\/code><\/pre>\n\n\n\n
Add the guacamole home directory environment variable to tomcat8<\/code> configuration file.<\/p>\n\n\n\n
echo \"GUACAMOLE_HOME=\/etc\/guacamole\" >> \/etc\/default\/tomcat8<\/code><\/pre>\n\n\n\n
Define how Guacamole connects to guacd<\/h3>\n\n\n\n
To define how Guacamole connects to guacd<\/code>, create the guacamole.properties<\/code> file under \/etc\/guacamole with the following content.<\/p>\n\n\n\n
vim \/etc\/guacamole\/guacamole.properties<\/code><\/pre>\n\n\n\n
guacd-hostname: localhost\nguacd-port:    4822\nuser-mapping:    \/etc\/guacamole\/user-mapping.xml\nauth-provider:    net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider<\/code><\/pre>\n\n\n\n
After that, save the configuration file and link the Guacamole configurations to Tomcat servlet as shown below.<\/p>\n\n\n\n
ln -s \/etc\/guacamole \/usr\/share\/tomcat8\/.guacamole<\/code><\/pre>\n\n\n\n
Set the default authentication<\/h3>\n\n\n\n
Guacamole’s default authentication module consists of a mapping of usernames to configurations in an XML format, the user-mapping.xml<\/code> in this case. In this file, we will define the user allowed to access Guacamole web UI, the servers to connect to and the method of connection. Therefore, run the command below to create this file with the following contents.<\/p>\n\n\n\n
vim \/etc\/guacamole\/user-mapping.xml<\/code><\/pre>\n\n\n\n
<user-mapping>\n        \n    <!-- Per-user authentication and config information -->\n\n    <!-- A user using md5 to hash the password\n         amos user and its md5 hashed password below is used to <\/strong>\n             login to Guacamole Web UI<\/strong>-->\n    <authorize \n            username=\"amos\"\n            password=\"d6a6bc0db10694a2d90e3a69648f3a03\"\n            encoding=\"md5\">\n\n        <!-- First authorized connection -->\n        <connection name=\"Ubuntu-Server\">\n            <protocol>ssh<\/protocol>\n            <param name=\"hostname\">192.168.43.154<\/param>\n            <param name=\"port\">22<\/param>\n            <param name=\"username\">mibey<\/param>\n        <\/connection>\n\n        <!-- Second authorized connection -->\n        <connection name=\"Windows 7\">\n            <protocol>rdp<\/protocol>\n            <param name=\"hostname\">192.168.43.218<\/param>\n            <param name=\"port\">3389<\/param>\n            <param name=\"username\">mibeyki<\/param>\n        <\/connection>\n\n    <\/authorize>\n\n<\/user-mapping><\/code><\/pre>\n\n\n\n
To generate md5 hash for the password, run either of the commands below;<\/p>\n\n\n\n
echo -n password | openssl md5<\/code><\/pre>\n\n\n\n
printf '%s' password | md5sum<\/code><\/pre>\n\n\n\n
Be sure to replace password<\/strong> with your strong password.<\/p>\n\n\n\n
Restart both Tomcat and guacd to effect the changes.<\/p>\n\n\n\n
systemctl restart tomcat8\nsystemctl restart guacd<\/code><\/pre>\n\n\n\n
Verify the Setup<\/h3>\n\n\n\n
Now that we have done almost all the configurations, it is time to test it up. To access the Guacamole web interface. navigate to web browser and enter your url in the format, http:\/\/server-IP:8080\/guacamole<\/strong><\/code>.<\/p>\n\n\n\n
Want to run Guacamole in production with SSL\/TLS enabled? See our guide on how to configure Guacamole SSL\/TLS with Nginx Reverse Proxy using the link below;<\/p>\n\n\n\n
Configure Guacamole SSL\/TLS with Nginx Reverse Proxy<\/a><\/p>\n\n\n\n
If everything is okay, you should see a login prompt as shown in the screenshot below.<\/p>\n\n\n\n
\"Setup
guacamole-web-ui-login<\/figcaption><\/figure>\n\n\n\n
Enter your username and password set above and login to Guacamole Dashboard.<\/p>\n\n\n\n
\"\"
guacamole-web-dashboard<\/figcaption><\/figure>\n\n\n\n
There you go.<\/p>\n\n\n\n
To login to any of the servers, just click on it and you will be prompted to enter the password for the user defined in the user-mapping.xml<\/code>.<\/p>\n\n\n\n
For example to login to Ubuntu server, click on it, enter password at for user mibey at prompt and there you are, inside Ubuntu server. See the screenshot below.<\/p>\n\n\n\n
\"\"
guacamole-web-login-to-ubuntu<\/figcaption><\/figure>\n\n\n\n
To login to Windows 7 system, see below demo.<\/p>\n\n\n\n
\"guacamole-rdp-login\"<\/a>
guacamole-rdp-login<\/figcaption><\/figure>\n\n\n\n
You have now successfully installed Guacamole Web based Remote desktop access tool.<\/p>\n\n\n\n
That concludes our guide on how to install and setup Guacamole on Ubuntu 18.04 for accessing your remote devices via web browser.<\/p>\n\n\n\n
Are you looking for IT system administration jobs? Please check them here<\/a>.<\/p>\n\n\n\n
Reference:<\/p>\n\n\n\n
Apache Guacamole website<\/a><\/p>\n\n\n\n
You can check our other articles for Ubuntu 18.04 by following the links below;<\/p>\n\n\n\n
How to Install Acutenix on Ubuntu 18.04<\/a><\/p>\n\n\n\n
How to Install and Use WPScan WordPress Vulnerability Scanner Ubuntu 18.04<\/a><\/p>\n\n\n\n
How to Install and Setup OpenVAS 9 Vulnerability Scanner on Ubuntu 18.04<\/a><\/p>\n\n\n\n
How to Install and Use Nikto Web Scanner on Ubuntu 18.04<\/a><\/p>\n\n\n\n
How to Install and Configure Nessus Scanner on Ubuntu 18.04\/CentOS 7<\/a><\/p>\n\n\n\n
 <\/p>\n","protected":false},"excerpt":{"rendered":"
Apache Guacamole is a clientless HTML5 web based remote desktop gateway that makes it easy to access remote servers and desktops through a web browser.<\/p>\n","protected":false},"author":1,"featured_media":8461,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"rank_math_lock_modified_date":false,"footnotes":""},"categories":[214,121],"tags":[1474,215,1473,1472,216,67],"class_list":["post-1068","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-remote-desktop","category-howtos","tag-apache-guacamole-ubuntu-18-04","tag-guacamole","tag-guacamole-ubuntu-18-04","tag-install-guacamole-ubuntu-18-04","tag-rdp","tag-ubuntu-18-04","generate-columns","tablet-grid-50","mobile-grid-100","grid-parent","grid-50","resize-featured-image"],"_links":{"self":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/1068"}],"collection":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/comments?post=1068"}],"version-history":[{"count":21,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/1068\/revisions"}],"predecessor-version":[{"id":21022,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/1068\/revisions\/21022"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/media\/8461"}],"wp:attachment":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/media?parent=1068"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/categories?post=1068"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/tags?post=1068"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}