Saucepan

User Tools

Site Tools

Trace: ssh dns_transfer install_nginx visudo ntp deploy_reporting_vm install_oracle_11gr2 routing bash firewall_rules
linux:install_guacamole

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
linux:install_guacamole [2020/10/03 07:57] – created bstaffordlinux:install_guacamole [2022/11/23 12:49] (current) – external edit 127.0.0.1
Line 20: Line 20:
  
 ===== Install Guacamole Web App ===== ===== Install Guacamole Web App =====
-<code>sudo apt install tomcat9 tomcat9-admin tomcat9-common tomcat9-user</code>+<code>sudo apt install tomcat9 tomcat9-admin tomcat9-common tomcat9-user -y</code>
 <code>wget https://downloads.apache.org/guacamole/1.2.0/binary/guacamole-1.2.0.war</code> <code>wget https://downloads.apache.org/guacamole/1.2.0/binary/guacamole-1.2.0.war</code>
 <code>sudo mv guacamole-1.2.0.war /var/lib/tomcat9/webapps/guacamole.war</code> <code>sudo mv guacamole-1.2.0.war /var/lib/tomcat9/webapps/guacamole.war</code>
 +<code>sudo systemctl start tomcat9 guacd</code>
 +<code>sudo systemctl enable tomcat9 guacd</code>
 <code>sudo systemctl restart tomcat9 guacd</code> <code>sudo systemctl restart tomcat9 guacd</code>
  
Line 136: Line 138:
 }</code> }</code>
  
 +<code>sudo openssl dhparam -out /etc/nginx/certs/certsdhparam.pem 4096</code>
 ''/etc/nginx/snippets/ssl-params.conf'' ''/etc/nginx/snippets/ssl-params.conf''
 <code> <code>
Line 183: Line 186:
 You can edit the text on the login screen by editing the following file and changing the value of the "NAME" field (7th line down?) You can edit the text on the login screen by editing the following file and changing the value of the "NAME" field (7th line down?)
 <code>/var/lib/tomcat9/webapps/guacamole/translations/en.json</code> <code>/var/lib/tomcat9/webapps/guacamole/translations/en.json</code>
 +===== Enabled Database Authentication ======
 +
 +Download mysql-connector-java_8.0.21-1ubuntu20.04_all.deb from https://dev.mysql.com/downloads/connector/j/
 +
 +<code>sudo dpkg -i mysql-connector-java_8.0.21-1ubuntu20.04_all.deb</code>
 +
 +<code>sudo mkdir -p /etc/guacamole/extensions</code>
 +<code>sudo mkdir -p /etc/guacamole/lib</code>
 +
 +<code>sudo cp /usr/share/java/mysql-connector-java-* /etc/guacamole/lib</code>
 +
 +<code>wget "http://apache.org/dyn/closer.cgi?action=download&filename=guacamole/1.2.0/binary/guacamole-auth-jdbc-1.2.0.tar.gz"</code>
 +
 +<code>mv ./"closer.cgi?action=download&filename=guacamole%2F1.2.0%2Fbinary%2Fguacamole-auth-jdbc-1.2.0.tar.gz" guacamole-auth-jdbc-1.2.0.tar.gz</code>
 +
 +<code>tar -xzf guacamole-auth-jdbc-1.2.0.tar.gz</code>
 +
 +<code>sudo cp ./guacamole-auth-jdbc-1.2.0/mysql/guacamole-auth-jdbc-mysql-1.2.0.jar /etc/guacamole/extensions/guacamole-auth-jdbc-mysql-1.2.0.jar</code>
 +
 +<code>sudo apt install mysql-server</code>
 +
 +<code>sudo mysql_secure_installation</code>
 +
 +<code>mysql -u root -p
 +
 +CREATE DATABASE guacamole_db;
 +
 +CREATE USER 'guacamole_user'@'localhost' IDENTIFIED BY 'somepassword';
 +
 +GRANT SELECT,INSERT,UPDATE,DELETE ON guacamole_db.* TO 'guacamole_user'@'localhost';
 +
 +FLUSH PRIVILEGES;
 +
 +quit</code>
 +
 +<code>ls ./guacamole-auth-jdbc-1.2.0/mysql/schema/</code>
 +
 +<code>cat ./guacamole-auth-jdbc-1.2.0/mysql/schema/*.sql | mysql -u root -p guacamole_db</code>
 +
 +
 +<code>sudo vi /etc/guacamole/guacamole.properties</code>
 +
 +
 +<code>
 +# Hostname and port of guacamole proxy
 +guacd-hostname: localhost
 +guacd-port:     4822
 +
 +# Auth provider class
 +auth-provider: net.sourceforge.guacamole.net.auth.mysql.MySQLAuthenticationProvider
 +
 +# MySQL properties
 +mysql-hostname: localhost
 +mysql-port: 3306
 +mysql-database: guacamole_db
 +mysql-username: guacamole_user
 +mysql-password: somepassword
 +
 +# MySQL
 +mysql-disallow-simultaneous-connections: true
 +
 +# MySQL
 +mysql-disallow-duplicate-connections: false
 +</code>
 +
 +
 +
 +<code>sudo systemctl restart tomcat9 guacd</code>
 +
 +The default Guacamole user created by the provided SQL scripts is ''guacadmin'', with a default password of ''guacadmin''.
 +
 +
 +<code>https://mole.stafford.local/#/settings/sessions</code>
 +
 +===== Identify Version of Guacamole Installed =====
 +
 +[[http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/Guacamole-Version-identification-td7741.html|From here]].
 +
 +<code>curl -s -L https://url_of_server.local | grep -oE "app.js\?v=.*\"" | awk -F"=" {​​​​​​​'print $2'}​​​​​​​ | sed 's/\"//g'
 +</code>
 +===== Windows Server 2019 =====
 +Guacamole 1.2.0 RDP client is broken when talking to Windows 2019 Server, by default Windows Server 2019 attempts to negotiate a connection. To get Guacamole 1.2.0 to work you must configure the Group Policy to the following
 + 
 +Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Service -> Remote Desktop Session Host -> Security -> Require use of specific security layer for remote (RDP) connections - Enable and set to RDP
 + 
 +For Guacamole 0.9.14 you must configure it to the default of negotiate
 + 
 +Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Service -> Remote Desktop Session Host -> Security -> Require use of specific security layer for remote (RDP) connections - Enable and set to negotiate
 + 
linux/install_guacamole.1601711835.txt.gz · Last modified: (external edit)