Apache Guacamole1

Setup Web-Based Guacamole tool to Access Remote Linux/Windows Machines on Ubuntu 18.04 LTS
ufw enable [sed -i’s/ENABLED=no/ENABLED=yes/g’/etc/ufw/ufw.conf]

ufw allow 22 && ufw allow 8080

apt-get install fail2ban build-essential htop libcairo2-dev libjpeg-turbo8-dev libjpeg62-dev libpng12-dev libtool-bin libossp-uuid-dev libavcodec-dev libavutil-dev libswscale-dev freerdp2-dev libpango1.0-dev libssh2-1-dev libtelnet-dev libvncserver-dev libwebsockets-dev libpulse-dev libssl-dev libvorbis-dev libwebp-dev -y

wget http://sourceforge.net/projects/guacamole/files/current/source/guacamole-server-1.1.0.tar.gz

tar -xzf guacamole-server-1.1.0.tar.gz

cd guacamole-server-1.1.0/

./configure -with-init-dir=/etc/init.d && make & make install

ldconfig && update-rc.d guacd defaults

mkdir /etc/guacamole

nano /etc/guacamole/guacamole.properties

# Hostname and port of guacamole proxy
guacd-hostname: localhost
guacd-port: 4822

# Location to read extra .jar’s from
lib-directory: /var/lib/tomcat8/webapps/guacamole/WEB-INF/classes

# Authentication provider class
auth-provider: net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider

# Properties used by BasicFileAuthenticationProvider
basic-user-mapping:/etc/guacamole/user-mapping.xml
nano /etc/guacamole/user-mapping.xml
<user-mapping>
<authorize username=”quicknotepad” password=”password”>
<connection name=”RDP Connection”>
<protocol>rdp</protocol>
<param name=”hostname”>192.168.110.135</param>
<param name=”port”>3389</param>
</connection>
<connection name=”SSH Connection”>
<protocol>ssh</protocol>
<param name=”hostname”>192.168.110.128</param>
<param name=”port”>22</param>
</connection>
</authorize>
</user-mapping>

 

mkdir /usr/share/tomcat8/.guacamole

 

In -s /etc/guacamole/guacamole.properties /usr/share/tomcat8/.guacamole

cd

wget http://sourceforge.net/projects/guacamole/files/current/binary/guacamole-1.1.0.war

mv guacamole-1.1.0.war /var/lib/tomcat8/webapps/guacamole.war

service guacd start && service tomcat8 start

Launching the Guacamole Web Interface – http://localhost:8080/guacamole – and login with the credentials given earlier
http://server:8080/guacamole [where server is the hostname or IP address of your server]

How to Install and configure Guacamole to allow access to remote machines over RDP and SSH.

 

#####################################
Required dependencies
##########################################
_________________________________________________________________________________
Ubuntu
sudo apt-get install libcairo2-dev libjpeg-turbo8-dev libjpeg62-dev libpng12-dev libtool-bin libossp-uuid-dev libavcodec-dev libavutil-dev libswscale-dev freerdp2-dev libpango1.0-dev libssh2-1-dev libtelnet-dev libvncserver-dev libwebsockets-dev libpulse-dev libssl-dev libvorbis-dev libwebp-dev -y
_________________________________________________________________________________

_________________________________________________________________________________
Debian
sudo apt-get install libcairo2-dev libjpeg62-turbo-dev libjpeg62-dev libpng12-dev libtool-bin libossp-uuid-dev libavcodec-dev libavutil-dev libswscale-dev freerdp2-dev libpango1.0-dev libssh2-1-dev libtelnet-dev libvncserver-dev libwebsockets-dev libpulse-dev libssl-dev libvorbis-dev libwebp-dev -y
_________________________________________________________________________________
_________________________________________________________________________________
Fedora/CentOS/RHEL package
yum install -y cairo-devel libjpeg-turbo-devel libjpeg-devel libpng-devel libtool uuid-devel ffmpeg-devel freerdp-devel pango-devel libssh2-devel libtelnet-devel libvncserver-devel libwebsockets-devel pulseaudio-libs-devel openssl-devel libvorbis-devel libwebp-devel
_________________________________________________________________________________
###########################################################################
Setup Commands (step-by-step)
###########################################################################

1.
______________________________________________________________________________
tar -xzf guacamole-server-1.1.0.tar.gz

cd guacamole-server-1.1.0/
git clone git://github.com/apache/guacamole-server.git
_______________________________________________________________________________
2.
________________________________________________________________________________
The build process—-

cd guacamole-server/
autoreconf -fi

________________________________________________________________________________
3.
________________________________________________________________________________
./configure –with-init-dir=/etc/init.d

make

make install

ldconfig
________________________________________________________________________________
############################################################
guacamole-client
############################################################

_________________________________________________________________________
tar -xzf guacamole-client-1.1.0.tar.gz

cd guacamole-client-1.1.0/

git clone git://github.com/apache/guacamole-client.git

mvn package
___________________________________________________________________________

#####################################################################
Deploying Guacamole
#####################################################################

____________________________________________________________________________
cp guacamole.war /var/lib/tomcat/webapps

cp guacamole/target/guacamole-1.1.0.war /var/lib/tomcat/webapps/guacamole.war

/etc/init.d/tomcat8 restart

/etc/init.d/guacd start

_______________________________________________________________________________
guac-install
NOTE: The version of FreeRDP2 that comes in the official repo for Ubuntu 18.04 is broken. If you are using Ubuntu 18.04 and RDP is not working / crashing run the ________________________________________________________________________________
following before or after install:
sudo add-apt-repository ppa:remmina-ppa-team/freerdp-daily

sudo apt-get update
sudo apt-get install freerdp2-dev freerdp2-x11
How to Run:
Download file directly from here:

wget https://git.io/fxZq5
Make it executable:

chmod +x guac-install.sh
Run it as root:

Interactive (asks for passwords):

./guac-install.sh

Non-Interactive (values provided via cli):

./guac-install.sh –mysqlpwd password –guacpwd password –nomfa –installmysql

OR

./guac-install.sh -r password -gp password -o -i

Once installation is done you can access Guacamole by browsing to: http://<host_or_ip&gt;:8080/guacamole/ The default credentials are guacadmin as both username and password. Please change them or disable guacadmin after install!
guac-upgrade

Script for upgrading currently installed Guacamole instance (previously installed via this script/guide). This will also now update the TOTP or Duo extensions if used.

If looks for the tomcat folder in /etc/ (E.G. /etc/tomcat7 or /etc/tomcat8) hopefully that works to identify the correct tomcat version/path smile I’m open to suggestions/pull requests for a cleaner method.
All Switches

Install MySQL:

-i or –installmysql

Do NOT install MySQL:

-n or –nomysql

MySQL Host:

-h or –mysqlhost

MySQL Port:

-p or –mysqlport

MySQL Root Password:

-r or –mysqlpwd

Guacamole Database:

-db or –guacdb

Guacamole User:

-gu or –guacuser

Guacamole User Password:

-gp or –guacpwd

No MFA (No TOTP + Duo):

-o or –nomfa

Install TOTP:

-t or –totp

Install Duo:

-d or –duo

NOTE: Only the switches for MySQL Host, MySQL Port and Guacamole Database are available in the upgrade script.
WARNING

Upgrading from 0.9.14 -> 1.1.0 has not been tested, only 1.0.0 -> 1.1.0.
Switches have changed and additional ones have been added!

How to Run:
Download file directly from here:

wget https://raw.githubusercontent.com/MysticRyuujin/guac-install/master/guac-upgrade.sh
Make it executable:

chmod +x guac-upgrade.sh
Run it as root:

Interactive (asks for passwords):

./guac-upgrade.sh

Non-Interactive (MySQL root password provided via cli):

./guac-upgrade.sh –mysqlpwd password

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.