If you also need to learn how to transfer files over Guacamole, check our tutorial here;<\/p>\n
- \n
- How to Enable RDP\/SSH File Transfer Over Guacamole<\/a><\/li>\n<\/ul>\n
Install and Configure Guacamole on Fedora 29<\/h2>\n
The installation covers installation and setup of
Guacamole-server<\/code> as wellGuacamole client<\/code>. Guacamole server (guacd<\/code>) provides contains all the required server-side components required by Guacamole to connect to remote desktops. Guacamole-client on the other hand provides all the all Java and JavaScript components of Guacamole that make up the web application which serves the HTML5 Guacamole client to users that connect to Guacamole server.
\n<\/span><\/p>\nInstalling Guacamole Server on Fedora 29<\/h3>\n
Luckily, the latest release of the Guacamole server (v 0.9.14) is available on the default Fedora 29 repositories. Just power up your terminal and execute the following commands to install Guacamole server (guacd) and all the other required packages for the remote connection protocols that Guacamole server supports.<\/p>\n
Disable SELinux or set it up on permissive mode but be cautious of the repercussions of this. Otherwise, leave it on enforcing mode if at all you understand how it functions.<\/p>\n
sed -i 's\/=enforcing\/=permissive\/' \/etc\/selinux\/config\r\nsystemctl reboot -i<\/code><\/pre>\n
After that, proceed to install Guacamole server.<\/p>\n
dnf update\r\ndnf install guacd libguac-client-rdp libguac-client-ssh libguac-client-vnc libguac-client-telnet<\/code><\/pre>\n
Once the installation is done, start and enable Guacamole server (guacd) to run on system reboot.<\/p>\n
systemctl start guacd\r\nsystemctl enable guacd<\/code><\/pre>\n
By default, Guacamole server listens on TCP port 4822. You need to open this port on firewall.<\/p>\n
Installing Apache Tomcat<\/h3>\n
Once the server is installed, run the command below to install Tomcat Java servelet container that serves Guacamole client and all the required dependencies.<\/p>\n
dnf install tomcat tomcat-webapps<\/code><\/pre>\n
Start and enable Tomcat.<\/p>\n
systemctl start tomcat\r\nsystemctl enable tomcat<\/code><\/pre>\n
Apache Tomcat listens on TCP port 8080. Hence open access to this port on firewall by running the command below;<\/p>\n
firewall-cmd --permanent --add-port=8080\/tcp\r\nfirewall-cmd --reload<\/code><\/pre>\n
Verify that Tomcat is ready to server the client requests by navigating to the browser and entering the URL,
http:\/\/IP_Address:8080<\/code> and you should land on the Tomcat test page.<\/p>\nInstalling Guacamole Client on Fedora 29<\/h3>\n
The Guacamole client is available as a binary. To install it, just pull it from the Guacamole binaries downloads page<\/a> as shown below.<\/p>\n
wget https:\/\/sourceforge.net\/projects\/guacamole\/files\/current\/binary\/guacamole-0.9.14.war<\/code><\/pre>\n
To install the Guacamole client binary, just move it to the main configuration directory renaming it as follows.<\/p>\n
mv guacamole-0.9.14.war \/etc\/guacamole\/guacamole.war<\/code><\/pre>\n
After that, link the Guacamole client to Apache Tomcat webapps configuration directory.<\/p>\n
ln -s \/etc\/guacamole\/guacamole.war \/var\/lib\/tomcat\/webapps\/<\/code><\/pre>\n
Configuring Guacamole Server<\/h3>\n
After the installation of the Guacamole server daemon, you need define how to Guacamole client will connect to the Guacamole server (guacd) under the
\/etc\/guacamole\/guacamole.properties<\/code> configuration file. Within this configuration, you need to simply define Guacamole server hostname, port, user mapping configuration file, authentication provider.<\/p>\nvim \/etc\/guacamole\/guacamole.properties<\/code><\/pre>\n
guacd-hostname: localhost\r\nguacd-port: 4822\r\nuser-mapping: \/etc\/guacamole\/user-mapping.xml\r\nauth-provider: net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider<\/code><\/pre>\n
you need to configure authentication method and create users who can access Guacamole server. To begin with, create the Guacamole general configuration directory. This file is reference by the Guacamole home environment variable,
GUACAMOLE_HOME<\/code>.<\/p>\nmkdir \/etc\/guacamole<\/code><\/pre>\n
In regards to authentication methods, Guacamole supports LDAP, backend databases, local file etc. Reading users and connection details from local file, usually
user-mapping.xml<\/code>, is the default method used by Guacamole. We are going to use the default authentication method in this guide.<\/p>\nConfigure default authentication<\/h3>\n
The default authentication method for Guacamole involves reading usernames and passwords from an XML file,
\/etc\/guacamole\/user-mapping.xml<\/code>.<\/p>\nvim \/etc\/guacamole\/user-mapping.xml<\/code><\/pre>\n
<user-mapping>\r\n \r\n <!-- Per-user authentication and config information -->\r\n\r\n <!-- A user using md5 to hash the password\r\n amos user and its md5 hashed password below is used to \r\n login to Guacamole Web UI-->\r\n <authorize \r\n username=\"amos\"<\/strong>\r\n password=\"602361b61d6818197680784e1112e3ee\"<\/strong>\r\n encoding=\"md5\"><\/strong>\r\n <\/authorize>\r\n\r\n<\/user-mapping><\/code><\/pre>\n
For every defined user, you need generate MD5 hashed password. The MD5 password hashes can be generated as shown below;<\/p>\n
echo -n Your_Password | openssl md5\r\n(stdin)= 602361b61d6818197680784e1112e3ee<\/code><\/pre>\n
You can as well specify authorized connections for each user.<\/p>\n
<user-mapping>\r\n \r\n <!-- Per-user authentication and config information -->\r\n\r\n <!-- A user using md5 to hash the password\r\n amos user and its md5 hashed password below is used to \r\n login to Guacamole Web UI-->\r\n <authorize \r\n username=\"amos\"\r\n password=\"602361b61d6818197680784e1112e3ee\"\r\n encoding=\"md5\">\r\n <connection name=\"SSH Connection\">\r\n <protocol>ssh<\/protocol>\r\n <param name=\"hostname\">192.168.43.203<\/param>\r\n <param name=\"port\">22<\/param>\r\n <param name=\"username\">amos<\/param>\r\n <\/connection>\r\n <connection name=\"RDP connection\">\r\n <protocol>rdp<\/protocol>\r\n <param name=\"hostname\">192.168.43.73<\/param>\r\n <param name=\"port\">3389<\/param>\r\n <param name=\"username\">mibeyki<\/param>\r\n <\/connection>\r\n\r\n <\/authorize>\r\n\r\n<\/user-mapping><\/code><\/pre>\n
Next, the Apache Tomcat servelet container should\u00a0 be able to read all the configurations defined under
\/etc\/guacamole<\/code> directory. Hence, add the GUACAMOLE_HOME environment variable to the serverlet configuration file as shown below;<\/p>\necho \"GUACAMOLE_HOME=\/etc\/guacamole\" >> \/etc\/default\/tomcat<\/code><\/pre>\n
Restart both Tomcat and Guacamole server.<\/p>\n
systemctl restart tomcat\r\nsystemctl restart guacd<\/code><\/pre>\n
Guacamole UI can be accessed with the URL,
http:\/\/Server_IP:8080\/guacamole<\/code>.<\/p>\n![\"Install](\"http:\/\/kifarunix.com\/wp-content\/uploads\/2019\/02\/guacamole-login.png\" "\\"\\"")
<\/a><\/p>\nWhen you login, you should be able to see the two connections defined above.<\/p>\n
![\"Install](\"http:\/\/kifarunix.com\/wp-content\/uploads\/2019\/02\/guacamole-interface.png\" "\\"\\"")
<\/a><\/p>\n![\"Install](\"http:\/\/kifarunix.com\/wp-content\/uploads\/2019\/02\/guacamole-SSH-connection.png\" "\\"\\"")
<\/a><\/p>\n