Installing Apache Guacamole on RPI
Apache Guacamole is a clientless remote desktop gateway https://guacamole.apache.org/ which an be used to get SSH, RDP, VNC .. on the web browser using HTML5
The following is an installation on a Raspberry Pi 2B+ running Raspbian 8:
All commands were done as root user
Update the OS $ apt-get update $ apt-get upgrade
Install the Dependencies $ apt-get install libcairo2-dev libjpeg62-turbo-dev libpng-dev libossp-uuid-dev libavcodec-dev libavutil-dev libswscale-dev libpango1.0-dev libssh2-1-dev libtelnet-dev libvncserver-dev libpulse-dev libssl-dev libvorbis-dev libwebp-dev
Download the packages from Guacamole Release https://guacamole.apache.org/releases/ root@BB-8:~# wget 'http://apache.org/dyn/closer.cgi?action=download&filename=guacamole/1.1.0/source/guacamole-server-1.1.0.tar.gz' -O guacamole-server-1.1.0.tar.gz root@BB-8:~# wget 'http://apache.org/dyn/closer.cgi?action=download&filename=guacamole/1.1.0/source/guacamole-client-1.1.0.tar.gz' -O guacamole-client-1.1.0.tar.gz
Extract the Tar files and build the Guacamole server
$ tar -xzf guacamole-server-1.1.0.tar.gz
$ cd guacamole-server-1.1.0
$ ./configure --with-init-dir=/etc/init.d
.....
------------------------------------------------
guacamole-server version 1.1.0
------------------------------------------------
Library status:
freerdp2 ............ no
pango ............... yes
libavcodec .......... yes
libavutil ........... yes
libssh2 ............. yes
libssl .............. yes
libswscale .......... yes
libtelnet ........... yes
libVNCServer ........ yes
libvorbis ........... yes
libpulse ............ yes
libwebsockets ....... no
libwebp ............. yes
wsock32 ............. no
Protocol support:
Kubernetes .... no
RDP ........... no
SSH ........... yes
Telnet ........ yes
VNC ........... yes
Services / tools:
guacd ...... yes
guacenc .... yes
guaclog .... yes
FreeRDP plugins: no
Init scripts: /etc/init.d
Systemd units: no
Type "make" to compile guacamole-server.
$ make
$ make install
$ update-rc.d guacd defaults
$ ldconfig
Compile the Guacamole Client $ tar -xvf guacamole-client-1.1.0.tar.gz $ cd guacamole-client-1.1.0 Install tomcat8 Package $ apt install tomcat8 Install Openjdk-8-JDK $ apt install openjdk-8-jdk Download the maven binary from https://maven.apache.org/download.cgi Compile the Guacamole-client using mvn package It took around 40mins for compilation and download all the necessary package $ ~/guacamole-client-1.1.0# /root/apache-maven-3.6.3/bin/mvn package …. [INFO] --- maven-assembly-plugin:2.5.3:single (make-source-archive) @ guacamole-client --- [INFO] Reading assembly descriptor: project-assembly.xml [INFO] Building tar: /root/guacamole-client-1.1.0/target/guacamole-client-1.1.0.tar.gz [INFO] ------------------------------------------------------------------------ [INFO] Reactor Summary for guacamole-client 1.1.0: [INFO] [INFO] guacamole-common …………………………….. SUCCESS [01:16 min] [INFO] guacamole-ext ……………………………….. SUCCESS [01:40 min] [INFO] guacamole-common-js ………………………….. SUCCESS [ 7.425 s] [INFO] guacamole …………………………………… SUCCESS [07:30 min] [INFO] guacamole-auth-cas …………………………… SUCCESS [03:11 min] [INFO] guacamole-auth-duo …………………………… SUCCESS [01:08 min] [INFO] guacamole-auth-header ………………………… SUCCESS [01:01 min] [INFO] guacamole-auth-jdbc ………………………….. SUCCESS [ 7.232 s] [INFO] guacamole-auth-jdbc-base ……………………… SUCCESS [01:31 min] [INFO] guacamole-auth-jdbc-mysql …………………….. SUCCESS [ 53.872 s] [INFO] guacamole-auth-jdbc-postgresql ………………… SUCCESS [01:27 min] [INFO] guacamole-auth-jdbc-sqlserver …………………. SUCCESS [01:43 min] [INFO] guacamole-auth-jdbc-dist ……………………… SUCCESS [01:31 min] [INFO] guacamole-auth-ldap ………………………….. SUCCESS [07:27 min] [INFO] guacamole-auth-openid ………………………… SUCCESS [01:17 min] [INFO] guacamole-auth-quickconnect …………………… SUCCESS [01:30 min] [INFO] guacamole-auth-totp ………………………….. SUCCESS [02:12 min] [INFO] guacamole-example ……………………………. SUCCESS [ 36.275 s] [INFO] guacamole-playback-example ……………………. SUCCESS [ 3.657 s] [INFO] guacamole-client …………………………….. SUCCESS [01:30 min] [INFO] ------------------------------------------------------------------------ [INFO] BUILD SUCCESS [INFO] ------------------------------------------------------------------------ [INFO] Total time: 37:48 min [INFO] Finished at: 2020-03-17T22:35:09+04:00 [INFO] ------------------------------------------------------------------------
Copy the generated war file towards the webapps folder of tomcat8 $ ~/guacamole-client-1.1.0# cp guacamole/target/guacamole-1.1.0.war /var/lib//tomcat8/webapps/guacamole.war
Create configuration file for Guacamole $ mkdir -p /etc/guacamole $ cat /etc/guacamole/guacamole.properties # Hostname and port of guacamole proxy #guacd-hostname: localhost #guacd-port: 4822 # Auth provider class (authenticates user/pass combination, needed if using the provided login screen) auth-provider: net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider basic-user-mapping: /etc/guacamole/user-mapping.xml Generate The password $echo "password" |md5sum The user-mapping file
cat /etc/guacamole/user-mapping.xml
<user-mapping>
<authorize
username="xxxx"
password="b8sf34r3f34gf3"
encoding="md5">
<connection name="BB-8">
<protocol>ssh</protocol>
<param name="hostname">localhost</param>
<param name="port">22</param>
<param name="swap-red-blue">false</param>
<param name="enable-audio">true</param>
</connection>
</authorize>
</user-mapping>Start the GUACD server and Tomcat8 $ /etc/init.d/tomcat8 start [ ok ] Starting tomcat8 (via systemctl): tomcat8.service. $ /etc/init.d/guacd start Starting guacd: guacd[13606]: INFO: Guacamole proxy daemon (guacd) version 1.1.0 started SUCCESS
The Application Should be running on port 8080
Once login, the SSH console should be open allow the user to use it through web browser
Instead of opening port 22, everything can be exposed only via https.
References:
https://guacamole.apache.org/releases/1.1.0/
http://www.m-opensolutions.com/?p=936
https://guacamole.apache.org/doc/gug/configuring-guacamole.html