Guacamole HTML5 Clientless Remote Desktop
Linke for a goot tutorial: Real Cloud OS with Ubuntu
This documentation describes the setup of Guacamole on a Debian “Wheezy” server.
Guacamole is an HTML5 web application that provides access to desktop environments using remote desktop protocols such as VNC or RDP. A centralized server acts as a tunnel and proxy, allowing access to multiple desktops through a web browser. No plugins are needed: the client requires nothing more than a web browser supporting HTML5 and AJAX.
Links
Pass host, user, password via GET or POST
Multiple Connections for Single User 1
Multiple Connections for Single User 2
Multiple Connections for Single User 3
Multiple Connections for Single User 4
Prerequisites
We need a Debian “Wheezy” server installation without X to have the lowest footprint. I used the i386 version of the testing release from here as my base system.
To be able to compile everything you should install the following packages before continuing:
apt-get install build-essential apt-get install automake apt-get install libtool apt-get install shtool apt-get install checkinstall apt-get install git apt-get install libcairo-dev apt-get install libfreerdp-dev apt-get install tomcat6 apt-get install libvncserver0 ...
Installing Guacamole Base
There is already a package that includes all files required for Guacamole with VNC support. So we use this as a base for our sytem. You can download the Debian packages here. I used the guacamole-0.6.0-debian-6.0-i586.tar.gz.
cd wget "http://downloads.sourceforge.net/project/guacamole/current/binary/linux-i586/debian-6.0/bundle/guacamole-0.6.0-debian-6.0-i586.tar.gz" tar xzvf guacamole-*.tar.gz cd guacamole-* dpkg -i guacd_*.deb guacamole_*.deb libguac3_*.deb libguac-client-vnc0_*.deb dpkg -i libguac*.deb apt-get -f install
After installing the Debian packages (you might get some errors) and installing the dependencies (apt-get -f install) you should see something like this:
... a lot of lines before ... guacd[9535]: INFO: Unable to bind socket to host ::1, port 4822: Address family not supported by protocol guacd[9535]: INFO: Successfully bound socket to host 127.0.0.1, port 4822 Setting up guacamole (0.6.0-1) ... Setting up libguac-client-vnc0 (0.6.0-1) ...
There is also a package that automatically configures tomcat for Guacamole, so let us install it, too.
dpkg -i guacamole-tomcat*.deb
If you get asked to
Restart Tomcat server?
answer
Yes
To verify the installation point your browser to the following URL
http://<ip-address>:8080/guacamole
and you should see this login prompt.
You cannot login at this point, since alle logins are disabled after installation. To be able to login you have to edit the following file:
/etc/guacamole/user-mapping.xml
and remove the comments (!←- –>) or add new lines to it. Here is my file for a user with name “hans” and with the password “letmein”.
<user-mapping> <authorize username="hans" password="0d107d09f5bbe40cade3de5c71e9e9b7" encoding="md5"> <protocol>vnc</protocol> <param name="hostname">localhost</param> <param name="port">5900</param> <param name="password"></param> </authorize> </user-mapping>
Btw. you can get the md5 of your password with the following command
echo -n <yourpassword> | md5sum -t
After editing the file you should be able to login, but the connect to the VNC-Server will fail. You should see something like this. This is okay.
Prepare libguac-client-rdp for compiling
To be able to have an HTML5 RDP Client, we need the libguac-client-rdp. Since there is no precompiled package, we have to do it manually. First of all let's download the sources from Github.
cd git clone git://guacamole.git.sourceforge.net/gitroot/guacamole/libguac-client-rdp cd libguac-client-rdp
You should receive the following output:
Cloning into 'libguac-client-rdp'... remote: Counting objects: 842, done. remote: Compressing objects: 100% (740/740), done. remote: Total 842 (delta 578), reused 126 (delta 93) Receiving objects: 100% (842/842), 279.95 KiB | 218 KiB/s, done. Resolving deltas: 100% (578/578), done.
We have now a local copy of the git repository. To compile we need to prepare the source:
cd libguac-client-rdp libtoolize aclocal #autoheader automake --force-missing --add-missing autoconf
After that the configure
./configure --prefix=/usr
should work without errors. If you have any errors, resolve them. Make sure you have libfreerdp-dev Versiion >=1.0.1.
We continue with the make command
make
Also this should work without any errors.
It would be easy now to do a make install, but we have a debian system so we create a debian package. This is the clean way to do it.
Create Debian package for libguac-client-rdp
checkinstall -y --maintainer=pcfreak@pcfreak.de --pkgname=libguac-client-rdp --pkgversion=0.6.0 --install=no -D make install
The result should look like this:
... a lot of lines before ********************************************************************** Done. The new package has been saved to /root/libguac-client-rdp/libguac-client-rdp_0.6.0-1_i386.deb You can install it in your system anytime using: dpkg -i libguac-client-rdp_0.6.0-1_i386.deb **********************************************************************
We have now successfully compiled libguac-client-rdp. Let's install it.
dpkg -i libguac-client-rdp_0.6.0-1_i386.deb
Your Guacamole server is now ready to serve VNC and RDP connections. You have to edit your configuration file /etc/guacamole/user-mapping.xml with an RDP connection if you want to connect to RDP server. See the latest parameters here. I used the following file for my test:
<user-mapping> <authorize username="hans" password="0d107d09f5bbe40cade3de5c71e9e9b7" encoding="md5"> <protocol>rdp</protocol> <param name="hostname">192.168.177.233</param> <param name="port">3389</param> <param name="domain"></param> <param name="username"></param> <param name="password"></param> <!-- <param name="initial-program">explorer.exe</param> --> <param name="color-depth">32</param><!-- 8,16,24 or 32 --> <param name="width">800</param> <param name="height">600</param> </authorize> </user-mapping>
For my test I used a Windows 7 machine with RDP enabled and it worked like a charm! See this screenshot! I love OpenSource !!!
Tomcat SSL
Create a certificate
/usr/bin/keytool -genkey -alias tomcat -keyalg RSA -keystore /tmp/.keystore Passwort: deinpasswort
Copy it to the appropriate folder
sudo mv /tmp/.keystore /usr/share/tomcat6/
Change/Update Tomcat configuration
sudo vi /etc/tomcat6/server.xml
and add this
<!-- by PCFreak START--> <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" scheme="https" secure="true" connectionTimeout="20000" URIEncoding="UTF-8" keystoreFile="${user.home}/.keystore" keystorePass="deinpasswort" clientAuth="false" sslProtocol="TLS" /> <!-- by PCFreak ENDE -->
Restart Tomcat
sudo service tomcat6 restart
Now you can open your site with https:<yourip>:8443/guacamole/