Guacamole HTML5 Clientless Remote Desktop

Linke for a goot tutorial: Real Cloud OS with Ubuntu

This documentation describes the setup of Guacamole on a Debian “Wheezy” server.

Guacamole is an HTML5 web application that provides access to desktop environments using remote desktop protocols such as VNC or RDP. A centralized server acts as a tunnel and proxy, allowing access to multiple desktops through a web browser. No plugins are needed: the client requires nothing more than a web browser supporting HTML5 and AJAX.

Prerequisites

We need a Debian “Wheezy” server installation without X to have the lowest footprint. I used the i386 version of the testing release from here as my base system.

To be able to compile everything you should install the following packages before continuing:

apt-get install build-essential
apt-get install automake
apt-get install libtool
apt-get install shtool
apt-get install checkinstall
apt-get install git
apt-get install libcairo-dev
apt-get install libfreerdp-dev
apt-get install tomcat6
apt-get install libvncserver0
...

Installing Guacamole Base

There is already a package that includes all files required for Guacamole with VNC support. So we use this as a base for our sytem. You can download the Debian packages here. I used the guacamole-0.6.0-debian-6.0-i586.tar.gz.

cd
wget "http://downloads.sourceforge.net/project/guacamole/current/binary/linux-i586/debian-6.0/bundle/guacamole-0.6.0-debian-6.0-i586.tar.gz"
tar xzvf guacamole-*.tar.gz
cd guacamole-*
dpkg -i guacd_*.deb guacamole_*.deb libguac3_*.deb libguac-client-vnc0_*.deb
dpkg -i libguac*.deb
apt-get -f install

After installing the Debian packages (you might get some errors) and installing the dependencies (apt-get -f install) you should see something like this:

... a lot of lines before
...
guacd[9535]: INFO:  Unable to bind socket to host ::1, port 4822: Address family not supported by protocol
guacd[9535]: INFO:  Successfully bound socket to host 127.0.0.1, port 4822
Setting up guacamole (0.6.0-1) ...
Setting up libguac-client-vnc0 (0.6.0-1) ...

There is also a package that automatically configures tomcat for Guacamole, so let us install it, too.

dpkg -i guacamole-tomcat*.deb

If you get asked to

Restart Tomcat server?

answer

Yes

To verify the installation point your browser to the following URL

http://<ip-address>:8080/guacamole

and you should see this login prompt.

You cannot login at this point, since alle logins are disabled after installation. To be able to login you have to edit the following file:

/etc/guacamole/user-mapping.xml

and remove the comments (!←- –>) or add new lines to it. Here is my file for a user with name “hans” and with the password “letmein”.

<user-mapping>
<authorize username="hans"
           password="0d107d09f5bbe40cade3de5c71e9e9b7"
           encoding="md5">
     <protocol>vnc</protocol>
     <param name="hostname">localhost</param>
     <param name="port">5900</param>
     <param name="password"></param>
</authorize>
</user-mapping>

Btw. you can get the md5 of your password with the following command

echo -n <yourpassword> | md5sum -t  

After editing the file you should be able to login, but the connect to the VNC-Server will fail. You should see something like this. This is okay.

Prepare libguac-client-rdp for compiling

To be able to have an HTML5 RDP Client, we need the libguac-client-rdp. Since there is no precompiled package, we have to do it manually. First of all let's download the sources from Github.

cd
git clone git://guacamole.git.sourceforge.net/gitroot/guacamole/libguac-client-rdp
cd libguac-client-rdp

You should receive the following output:

Cloning into 'libguac-client-rdp'...
remote: Counting objects: 842, done.
remote: Compressing objects: 100% (740/740), done.
remote: Total 842 (delta 578), reused 126 (delta 93)
Receiving objects: 100% (842/842), 279.95 KiB | 218 KiB/s, done.
Resolving deltas: 100% (578/578), done.

We have now a local copy of the git repository. To compile we need to prepare the source:

cd libguac-client-rdp
libtoolize
aclocal
#autoheader
automake --force-missing --add-missing
autoconf

After that the configure

./configure --prefix=/usr

should work without errors. If you have any errors, resolve them. Make sure you have libfreerdp-dev Versiion >=1.0.1.

We continue with the make command

make

Also this should work without any errors.

It would be easy now to do a make install, but we have a debian system so we create a debian package. This is the clean way to do it.

Create Debian package for libguac-client-rdp

checkinstall -y --maintainer=pcfreak@pcfreak.de --pkgname=libguac-client-rdp --pkgversion=0.6.0 --install=no -D make install

The result should look like this:

... a lot of lines before
**********************************************************************

 Done. The new package has been saved to

 /root/libguac-client-rdp/libguac-client-rdp_0.6.0-1_i386.deb
 You can install it in your system anytime using:

      dpkg -i libguac-client-rdp_0.6.0-1_i386.deb

**********************************************************************

We have now successfully compiled libguac-client-rdp. Let's install it.

dpkg -i libguac-client-rdp_0.6.0-1_i386.deb

Your Guacamole server is now ready to serve VNC and RDP connections. You have to edit your configuration file /etc/guacamole/user-mapping.xml with an RDP connection if you want to connect to RDP server. See the latest parameters here. I used the following file for my test:

<user-mapping>
<authorize username="hans"
           password="0d107d09f5bbe40cade3de5c71e9e9b7"
           encoding="md5">
     <protocol>rdp</protocol>
     <param name="hostname">192.168.177.233</param>
     <param name="port">3389</param>
     <param name="domain"></param>
     <param name="username"></param>
     <param name="password"></param>
     <!-- <param name="initial-program">explorer.exe</param> -->
     <param name="color-depth">32</param><!-- 8,16,24 or 32 -->
     <param name="width">800</param>
     <param name="height">600</param>
</authorize>
</user-mapping>

For my test I used a Windows 7 machine with RDP enabled and it worked like a charm! See this screenshot! I love OpenSource !!!

Tomcat SSL

Create a certificate

/usr/bin/keytool -genkey -alias tomcat -keyalg RSA -keystore /tmp/.keystore
Passwort: deinpasswort

Copy it to the appropriate folder

sudo mv /tmp/.keystore /usr/share/tomcat6/

Change/Update Tomcat configuration

sudo vi /etc/tomcat6/server.xml

and add this

<!-- by PCFreak START-->
        <Connector port="8443" protocol="HTTP/1.1"
                SSLEnabled="true"
                scheme="https"
                secure="true"
                connectionTimeout="20000"
                URIEncoding="UTF-8"
                keystoreFile="${user.home}/.keystore" keystorePass="deinpasswort"
                clientAuth="false"
                sslProtocol="TLS"
        />
<!-- by PCFreak ENDE -->

Restart Tomcat

sudo service tomcat6 restart

Now you can open your site with https:<yourip>:8443/guacamole/

public/linux/guacamole.txt · Last modified: 2015/08/11 08:20 (external edit)
CC Attribution-Share Alike 3.0 Unported
Driven by DokuWiki Recent changes RSS feed Valid CSS Valid XHTML 1.0