How to install Guacamole 1.0.0 on a CentOS 7 box

Hey. Guacamole is a really good app that allows you to connect to PCs on your network via RDP/SSH/Telnet/VNC. Let's install it.

yum install cairo-devel libjpeg-devel libpng-devel uuid-devel freerdp-devel pango-devel libssh2-devel libssh-dev tomcat libvncserver-devel libtelnet-devel tomcat-admin-webapps tomcat-webapps gcc terminus-fonts


Download guacamole-server-1.0.0.tar.gz and guacamole-client-1.0.0.tar.gz from the official site, then let's install it:

./configure
# Check what will be installed. If all is well you will see: VNC, RDP, SSH
make
make install
ldconfig

Put guacamole-1.0.0.war into /var/lib/tomcat/webapps and rename it to guacamole.war

mkdir /etc/guacamole
mkdir /usr/share/tomcat/.guacamole

Create the file /etc/guacamole/guacamole.properties with the following content:

guacd-hostname: localhost
guacd-port:    4822
user-mapping:    /etc/guacamole/user-mapping.xml
auth-provider: net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider
basic-user-mapping:    /etc/guacamole/user-mapping.xml

ln -s /etc/guacamole/guacamole.properties /usr/share/tomcat/.guacamole/

Let's add a user in /etc/guacamole/user-mapping.xml. Generate the password hash via printf '%s' "superpass" | md5sum

<user-mapping>
        <authorize
                username="admin"
                password="superpass_hash"
                encoding="md5">
                <connection name="RHEL 7">
                        <protocol>ssh</protocol>
                        <param name="hostname">192.168.1.3</param>
                        <param name="port">22</param>
                        <param name="username">sshusername</param>
                        <param name="private-key">-----BEGIN RSA PRIVATE KEY-----</param>
                        <param name="passphrase">SSHKEYPASSPHRASE</param>
                        <param name="font-name">terminus</param>
                </connection>
                <connection name="Windows 2k19">
                        <protocol>rdp</protocol>
                        <param name="hostname">192.168.1.4</param>
                        <param name="port">3389</param>
                        <param name="security">tls</param>
                        <param name="ignore-cert">true</param>
                        <param name="enable-drive">true</param>
                        <param name="drive-path">/data/rdpexchange</param>
                </connection>
        </authorize>
</user-mapping>

chmod 600 /etc/guacamole/user-mapping.xml
chown tomcat:tomcat /etc/guacamole/user-mapping.xml
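
An added example (not part of the original post): a small Python audit of a user-mapping.xml like the one above, flagging plaintext or MD5 login passwords, ignore-cert set to true, secrets stored inline, and file modes looser than the chmod 600 used here. The function names and the sample XML are constructed for illustration.

```python
import hashlib
import os
import stat
import xml.etree.ElementTree as ET

# Constructed sample mirroring the mapping above (hash is md5 of "superpass").
SAMPLE = """<user-mapping>
  <authorize username="admin" password="{h}" encoding="md5">
    <connection name="Windows 2k19">
      <protocol>rdp</protocol>
      <param name="hostname">192.168.1.4</param>
      <param name="ignore-cert">true</param>
    </connection>
  </authorize>
</user-mapping>""".format(h=hashlib.md5(b"superpass").hexdigest())

# Connection parameters that hold credentials (hypothetical audit list).
SECRET_PARAMS = {"password", "private-key", "passphrase"}

def audit_mapping(xml_text):
    """Return a list of (user, connection, finding) tuples."""
    findings = []
    root = ET.fromstring(xml_text)
    for auth in root.iter("authorize"):
        user = auth.get("username", "?")
        enc = auth.get("encoding")
        if enc is None:  # no encoding attribute means the password is plaintext
            findings.append((user, None, "login password stored in plaintext"))
        elif enc.lower() == "md5":
            findings.append((user, None, "login password is an unsalted MD5 hash"))
        for conn in auth.iter("connection"):
            name = conn.get("name", "?")
            for p in conn.iter("param"):
                key, val = p.get("name"), (p.text or "").strip()
                if key == "ignore-cert" and val.lower() == "true":
                    findings.append((user, name, "server certificate is not validated"))
                if key in SECRET_PARAMS and val:
                    findings.append((user, name, "secret stored inline: " + key))
    return findings

def mode_too_open(path):
    """True if group or others have any access to the file."""
    return bool(stat.S_IMODE(os.stat(path).st_mode) & 0o077)

if __name__ == "__main__":
    for finding in audit_mapping(SAMPLE):
        print(finding)
```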

Add to the bottom of /etc/tomcat/catalina.properties

guacamole.home=/etc/guacamole

Let's create the systemd unit file /etc/systemd/system/guacamole.service:

[Unit]
Description=Guacamole Server
Documentation=man:guacd(8)
After=network.target

[Service]
User=root
ExecStart=/usr/local/sbin/guacd -f
Restart=on-abnormal

[Install]
WantedBy=multi-user.target

systemctl daemon-reload && systemctl start guacamole && systemctl enable guacamole && systemctl start tomcat && systemctl enable tomcat

Create the folder /data/rdpexchange for file exchange over RDP.

For my Windows installation I made one fix in regedit:

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp]
SecurityLayer set to 1
UserAuthentication set to 0

Now go to http://serverurl:8080/guacamole/

Enter your login and password, and you should see your hosts and be able to connect to them.
