Install and use Guacamole remote desktop on CentOS 8

To
You can download this article in PDF format via the link below to support us.

Download the guide in PDF format

turn off
To

To
To

Apache Guacamole is a clientless remote desktop gateway that supports standard protocols such as VNC, RDP and SSH. Thanks to HTML5, after installing guacamole on the server, you can access the desktop just by using a web browser.

Guacamole is divided into two parts: guacamole-server and guacamole-client, which provides guacd proxy and related libraries, while guacamole-client provides the client to be served by the servlet container. In most cases, the only resource you need to build is guacamole-server, and downloading the latest guacamole.war from the project website is enough to serve customers.

Credit: Guacamole website

Step 1: Server preparation

Apache Guacamole has many dependencies, and we will handle most of them in this step. You will notice that I used some packages from the Devel repository because it is a challenge to get them from the official repository. Once the package we need is installed, please disable it.

sudo dnf update
sudo dnf install -y vim wget unzip make cmake wget gcc zlib-devel compat-openssl10
sudo dnf config-manager --set-enabled PowerTools
sudo dnf config-manager --enable Devel
sudo dnf -y install cairo-devel libuv-devel libjpeg-turbo-devel libjpeg-devel libpng-devel libtool uuid-devel freerdp-devel pango-devel libvncserver-devel pulseaudio-libs-devel openssl-devel libvorbis-devel libwebp-devel libssh2-devel libwebsockets-devel libtheora opus lame-libs
sudo dnf config-manager --disable Devel

Install other libraries from source

Some libraries are not yet available on the repository. They include libtelnet

wget https://github.com/seanmiddleditch/libtelnet/releases/download/0.23/libtelnet-0.23.tar.gz
tar -xf libtelnet-0.23.tar.gz
cd libtelnet-0.23
./configure
make && sudo make install

Step 2: Install Apache Tomcat

After sorting the prerequisites, run the following command to install the Apache Tomcat Javaservelet container that can serve the Guacamole Java client and all required dependencies. Since it is the Java language, we first install Java.

Install Java on CentOS 8

Run the following command to get java-11-openjdk.

sudo yum install java-11-openjdk-devel

Create a file and set the Java environment variables.

$ sudo vim /etc/profile.d/java11.sh

export JAVA_HOME=$(dirname $(dirname $(readlink -f $(which javac))))
export PATH=$PATH:$JAVA_HOME/bin
export CLASSPATH=.:$JAVA_HOME/jre/lib:$JAVA_HOME/lib:$JAVA_HOME/lib/tools.jar

Provide the file source to start using it without logging out.

source /etc/profile.d/java11.sh

Install Apache Tomcat on CentOS 8

To install Apache Tomcat, please follow our detailed guide on how to install Apache Tomcat 9 on CentOS 8. Since we have already installed the Java installer, please ignore it.

Step 3: Build a guacamole server from source code

guacamole-server contains all the native server-side components that Guacamole needs to connect to the remote desktop. It provides the general C library libguac on which all other native components depend, as well as independent libraries for each supported protocol, and the proxy daemon guacd (the core of guacamole).

Download The latest stable version of the Guacamole server

cd ~
wget http://mirror.cc.columbia.edu/pub/software/apache/guacamole/1.2.0/source/guacamole-server-1.2.0.tar.gz

Unzip the downloaded file.

tar -xvf guacamole-server-1.2.0.tar.gz

Go to the extracted directory.

cd guacamole-server-1.2.0

Configure the build environment. Running configure will determine the libraries available on the system, and will select appropriate components to build based on the actual installed content.

./configure --with-init-dir=/etc/init.d

Then compile the guacamole server. After compiling all components, quite a bit of output will scroll on the screen

make

After everything is done, all you have to do is type “sudo make install” to install the built components, and then type “ldconfig” to update the system’s cache of installed libraries.

sudo make install

Update the cache of installed libraries in the system.

sudo ldconfig

Refresh it to find the guacd (guacamole agent daemon) service installed in the /etc/init.d/ directory.

sudo systemctl daemon-reload

After restarting, start the guacd service.

sudo systemctl start guacd
sudo systemctl enable guacd

To put a smile on your face, check its status.

$ systemctl status guacd

● guacd.service - LSB: Guacamole proxy daemon
   Loaded: loaded (/etc/rc.d/init.d/guacd; generated)
   Active: active (running) since Thu 2020-08-27 10:26:04 UTC; 43s ago
     Docs: man:systemd-sysv-generator(8)
  Process: 51357 ExecStart=/etc/rc.d/init.d/guacd start (code=exited, status=0/SUCCESS)
    Tasks: 1 (limit: 11070)
   Memory: 11.9M
   CGroup: /system.slice/guacd.service
           └─51360 /usr/local/sbin/guacd -p /var/run/guacd.pid

Step 4: Install the Guacamole web application

The deployment of Guacamole involves two key files: guacamole.war (it is the file that contains the web application) and guacamole.properties, which is the main configuration file of Guacamole. The recommended way to use Guacamole is to put these files in a standard location, and then create a symbolic link to them so that Tomcat can find them

guacamole-client contains all the Java and Maven components of Guacamole (guacamole, guacamole-common, guacamole-ext and guacamole-common-js). These components ultimately constitute a web application that will provide an HTML5 guacamole client to users who connect to the server. This web application will connect to the guacd part of the guacamole server on behalf of connected users in order to provide them with any remote desktops they have access to.

Install Guacamole Client on CentOS 8

Guacamole client can be used as a binary file. To install it, simply pull it from the Guacamole binary download page as shown below, and copy it to /etc/guacamole/ Directory and rename at the same time.

cd ~
sudo mkdir /etc/guacamole
wget https://downloads.apache.org/guacamole/1.2.0/binary/guacamole-1.2.0.war -O /etc/guacamole/guacamole.war

To install the Guacamole client binaries, create a symbolic link from the guacamole client to the Tomcat webapps directory as shown below;

sudo ln -s /etc/guacamole/guacamole.war /usr/share/tomcat/webapps/

Step 5: Configure the guacamole server

After installing the Guacamole server daemon, you need to define how to connect the Guacamole client to the Guacamole server (guacd) located at the following location. /etc/guacamole/guacamole.properties Configuration file. In this configuration, you only need to define the hostname, port, user mapping profile, and authentication provider of the Guacamole server.

GUACAMOLE_HOME is the name of the guacamole configuration directory, which is located at /etc/guacamole by default. All configuration files, extensions, etc. are located in this directory.

Create GUACAMOLE_HOME environment variable

echo "GUACAMOLE_HOME=/etc/guacamole" | sudo tee -a /etc/default/tomcat

Create and fill in the /etc/guacamole/guacamole.properties configuration file as shown below:

$ sudo vim /etc/guacamole/guacamole.properties

guacd-hostname: localhost
guacd-port:    4822
user-mapping:    /etc/guacamole/user-mapping.xml
auth-provider:    net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider

After configuring as shown above, save it and link the Guacamole configuration directory to the Tomcat servlet directory as shown below.

sudo ln -s /etc/guacamole /usr/share/tomcat/.guacamole

Step 6: Set up the guacamole authentication method

Guacamole’s default authentication method reads all users and connections from a file called user-mapping.xml. In this file, you need to define the users who are allowed to access the Guacamole Web UI, the server to connect to, and the connection method.

Generate an MD5 hash of the password for the user who will be used to log in to the Guacamole web user interface. Replace your password accordingly.

$ echo -n StrongPassword | openssl md5
(stdin)= 0f6e4a1df0cf5ee97c2066953bed21b2

After preparing the password, create a user mapping file with the following sample content. You can put any hostname, username and host according to your environment.

$ sudo vim /etc/guacamole/user-mapping.xml



    

    
    

        
        
            ssh
            10.10.10.10
            22
        

        
        
            rdp
            10.10.10.5
            3389
            tech
            true
        

    

good stuff. After completing all operations, restart Tomcat and guacd to implement the changes.

sudo systemctl restart tomcat guacd

If you are running a firewall and have not yet allowed the port, you can do so as quickly as possible as follows:

sudo firewall-cmd --permanent --add-port={4822,8080}/tcp
sudo firewall-cmd --reload

Step 7: Get the guacamole web interface

So far, we have set everything up well, so we should be ready to access the application we have been working on. To access Guacamole’s web interface, simply point your browser to http: // ip-or-domain-name: 8080 / guacamole And the login screen shown below appears:

Install and use Guacamole remote desktop on CentOS 8

As you can see, the connection we established in the configuration file is loaded when you log in.

Install and use Guacamole remote desktop on CentOS 8

Simply click on the one you wish to connect to and you will be prompted to enter your username and password, whether via SSH or RDP.

Install and use Guacamole remote desktop on CentOS 8

Enter your server password

Install and use Guacamole remote desktop on CentOS 8

We should be allowed in

Install and use Guacamole remote desktop on CentOS 8

Concluding remarks

Since the Guacamole client is an HTML5 web application, your use of the computer is not restricted by any device or location. As long as you have access to a web browser, you can access your machine. With Guacamole and a desktop operating system hosted in the cloud, you can combine the convenience of Guacamole with the elasticity and flexibility of cloud computing. Check it out and take advantage of its flexibility and convenience, especially in this season when most of us are working from home.

references:

Apache Guacamole page

Apache Guacamole documentation

Thank you for your continued support, and please keep having fun as you take other ideas from the subtle guide shared below.

The easy way to create an SSH tunnel on Linux CLI

Install and configure OpenSSH Server on Windows Server 2019

How to set up two-factor (2FA) authentication for SSH on CentOS/RHEL 7/8

To
You can download this article in PDF format via the link below to support us.

Download the guide in PDF format

turn off
To

To
To

Sidebar