Wondering how to install Apache Guacamole? This timely guide by our Support Team at Bobcares covers everything. So get ready to roll up your sleeves and dive in. 

Apache Guacamole helps you get your environment organized and also offers you flexibility and convenience. Take advantage of this by installing it today. Our Support Team is here to guide you every step of the way.

How to install: Apache guacamole

Apache Guacamole offers you the convenience of having access to your servers from one place. Our Support Engineers have put together this in-depth guide to help you set up Apache Guacamole like a pro.

Installation Guide: Apache Guacamole

1. Server Preparation
2. Installing Apache Tomcat
3. Building the Guacamole server from source
4. Installing the Guacamole web application
5. Configuring Guacamole server
6. Setup Guacamole authentication method
7. Getting Guacamole web interface

Server Preparation

First, we will start with the server preparation. We will install each of the dependencies. This allows Guacamole to function seamlessly. In other words, we will run the following commands:

sudo apt update
sudo apt install -y gcc vim curl wget g++ libcairo2-dev libjpeg-turbo8-dev libpng-dev \
libtool-bin libossp-uuid-dev libavcodec-dev libavutil-dev libswscale-dev build-essential \
libpango1.0-dev libssh2-1-dev libvncserver-dev libtelnet-dev \
libssl-dev libvorbis-dev libwebp-dev

After this, we have to install FreeRDP2 hosted in the remmina PPA with the following commands:

sudo add-apt-repository ppa:remmina-ppa-team/remmina-next-daily
sudo apt update
sudo apt install freerdp2-dev freerdp2-x11 -y

Installing Apache Tomcat

Here, our Support Engineers will install the Apache Tomcat Java servlet container which is responsible for running the Guacamole Java war file. Furthermore, it serves the Guacamole java client. However, we have to install Java first with the following command:

sudo apt install openjdk-11-jdk

Then, verify the version installed with these commands:

$ java --version
openjdk 11.0.9.1 2020-11-04
OpenJDK Runtime Environment (build 11.0.9.1+1-Ubuntu-0ubuntu1.20.04)
OpenJDK 64-Bit Server VM (build 11.0.9.1+1-Ubuntu-0ubuntu1.20.04, mixed mode, sharing)

We will then create a user apart from root to run the tomcat application:

sudo useradd -m -U -d /opt/tomcat -s /bin/false tomcat

Then, download the latest version of Apache Tomcat binary distribution with the command wget.
Once the download is over, we will extract the tar file as seen below:

sudo mkdir /opt/tomcat
sudo tar -xzf apache-tomcat-9.0.53.tar.gz -C /opt/tomcat/
sudo mv /opt/tomcat/apache-tomcat-9.0.53 /opt/tomcat/tomcatapp

Then we will grant the tomcat user requisite rights to the /opt/tomcat directory with this command:

sudo chown -R tomcat: /opt/tomcat

Next, it is time to make the shell scripts in the opt/tomcat/tomcatapp/bin directory executable with this command:

sudo chmod +x /opt/tomcat/tomcatapp/bin/*.sh

If you have reached this far without any trouble, it is time to add Tomcat’s Systemd service. This makes it easy to start and stop the service. Before we proceed, you need to create a new file and enter the following configuration details:

$ sudo vim /etc/systemd/system/tomcat.service

[Unit]
Description=Tomcat 9 servlet container
After=network.target

[Service]
Type=forking

User=tomcat
Group=tomcat

Environment="JAVA_HOME=/usr/lib/jvm/java-11-openjdk-amd64"
Environment="JAVA_OPTS=-Djava.security.egd=file:///dev/urandom -Djava.awt.headless=true"

Environment="CATALINA_BASE=/opt/tomcat/tomcatapp"
Environment="CATALINA_HOME=/opt/tomcat/tomcatapp"
Environment="CATALINA_PID=/opt/tomcat/tomcatapp/temp/tomcat.pid"
Environment="CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC"

ExecStart=/opt/tomcat/tomcatapp/bin/startup.sh
ExecStop=/opt/tomcat/tomcatapp/bin/shutdown.sh

[Install]
WantedBy=multi-user.target

Now we will save this file and reload the daemon.

sudo systemctl daemon-reload

After that, we will start the service with this command:

sudo systemctl enable --now tomcat

By this point, your Tomcat will be running smoothly:

$ systemctl status tomcat
● tomcat.service - Tomcat 9 servlet container
     Loaded: loaded (/etc/systemd/system/tomcat.service; enabled; vendor preset: enabled)
     Active: active (running) since Fri 2020-12-18 13:36:34 UTC; 2s ago
    Process: 53538 ExecStart=/opt/tomcat/tomcatapp/bin/startup.sh (code=exited, status=0/SUCCESS)
   Main PID: 53545 (java)
      Tasks: 27 (limit: 2204)
     Memory: 137.3M
     CGroup: /system.slice/tomcat.service
             └─53545 /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Djava.util.logging.config.file=/opt/tomcat/to

Building the Guacamole server from source

First, we will download the latest version of the Guacamole server via this command:

wget https://downloads.apache.org/guacamole/1.3.0/source/guacamole-server-1.3.0.tar.gz -P ~

Then, we will extract the source tarball as seen below:

tar xzf ~/guacamole-server-1.3.0.tar.gz

After that, change to the Guacamole server source code directory:

cd ~/guacamole-server-1.3.0

Next. We will execute the configure script to verify whether any required dependency is missing:

./configure –with-init-dir=/etc/init.d

The above command will result in the following output. Our Support Team recommends checking whether you see a yes next to RDP, Telnet,SSH and VNC.

guacamole-server version 1.3.0
------------------------------------------------

   Library status:

     freerdp2 ............ yes
     pango ............... yes
     libavcodec .......... yes
     libavformat.......... no
     libavutil ........... yes
     libssh2 ............. yes
     libssl .............. yes
     libswscale .......... yes
     libtelnet ........... yes
     libVNCServer ........ yes
     libvorbis ........... yes
     libpulse ............ no
     libwebsockets ....... no
     libwebp ............. yes
     wsock32 ............. no

   Protocol support:

      Kubernetes .... no
      RDP ........... yes
      SSH ........... yes
      Telnet ........ yes
      VNC ........... yes

   Services / tools:

      guacd ...... yes
      guacenc .... no
      guaclog .... yes

   FreeRDP plugins: /usr/lib/x86_64-linux-gnu/freerdp2
   Init scripts: /etc/init.d
   Systemd units: no

Type "make" to compile guacamole-server.

Run make as advised in the last line of the output. It will take a while to finish. Once it is down, install the Guacamole server with this command:

sudo make install

Finally, run the dconfig command. This will create the required links as well as cache to the recently shared libraries present in the Guacamole server directory.

sudo ldconfig

Then refresh systemd in order to find the guacd service which has been installed in the /etc/init.d/ directory.

sudo systemctl daemon-reload

After reloading, start and enable the Guacamole proxy daemon service.

sudo systemctl start guacd
sudo systemctl enable guacd

You can check the status with the following command:

$ systemctl status guacd
● guacd.service - LSB: Guacamole proxy daemon
     Loaded: loaded (/etc/init.d/guacd; generated)
     Active: active (running) since Fri 2020-12-18 14:03:06 UTC; 8s ago
       Docs: man:systemd-sysv-generator(8)
    Process: 76312 ExecStart=/etc/init.d/guacd start (code=exited, status=0/SUCCESS)
      Tasks: 1 (limit: 2204)
     Memory: 10.1M
     CGroup: /system.slice/guacd.service
             └─76324 /usr/local/sbin/guacd -p /var/run/guacd.pid

Installing the Guacamole web application

Next, we are going to install the Guacamole client after downloading it. We will also move it to /etc/guacamole/ directory and rename it as well.

sudo mkdir /etc/guacamole
wget https://downloads.apache.org/guacamole/1.3.0/binary/guacamole-1.3.0.war -P ~
sudo mv ~/guacamole-1.3.0.war /etc/guacamole/guacamole.war

We also need to create a symbolic link to the Tomcat webapps directory with the following command:

sudo ln -s /etc/guacamole/guacamole.war /opt/tomcat/tomcatapp/webapps

Configuring Guacamole server

After installing the Guacamole server daemon, it is time to define the hostname, user mapping configuration file, port and authentication provider in the /etc/guacamole/guacamole.properties configuration file.
First, we will run the following command to create the GUACAMOLE_HOME environment variable.

echo "GUACAMOLE_HOME=/etc/guacamole" | sudo tee -a /etc/default/tomcat

Then, we will create the /etc/guacamole/guacamole.properties config file and enter the following information:

$ sudo vim /etc/guacamole/guacamole.properties
guacd-hostname: localhost
guacd-port:    4822
user-mapping:    /etc/guacamole/user-mapping.xml
auth-provider:    net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider

Finally, save this and link the Guacamole configurations directory to the Tomcat servlet directory with the following command:

sudo ln -s /etc/guacamole /opt/tomcat/tomcatapp/.guacamole

Setting up Guacamole authentication method

You have to define users who are allowed access to the Guacamole web UI in the user-mapping.xml file. Furthermore, you also need to include the server to connect to as well as the method of connection.

First, generate the MD5 has of password for the user and replace the password:

$ echo -n StrongPassword | openssl md5
(stdin)= 0f6e4a1df0cf5ee97c2066953bed21b2

Then create a user-mapping file with the following sample content:

$ sudo vim /etc/guacamole/user-mapping.xml

<user-mapping>

<!-- Per-user authentication and config information -->

<!-- A user using md5 to hash the password
guacadmin user and its md5 hashed password below is used to
login to Guacamole Web UI-->
<authorize
username="GeeksAdmin"
password="0f6e4a1df0cf5ee97c2066953bed21b2"
encoding="md5">

<!-- First authorized Remote connection -->
<connection name="RHEL 7 Maipo">
<protocol>ssh</protocol>
<param name="hostname">172.25.169.26</param>
<param name="port">22</param>
</connection>

<!-- Second authorized remote connection -->
<connection name="Windows Server 2019">
<protocol>rdp</protocol>
<param name="hostname">10.10.10.5</param>
<param name="port">3389</param>
<param name="username">tech</param>
<param name="ignore-cert">true</param>
</connection>

</authorize>

</user-mapping>

Once you have reached this point, it is time to restart Tomcat and guacd to allow the new changes to come into effect.

sudo systemctl restart tomcat guacd

In case you haven’t allowed the ports yet and you have a firewall running, run the following command:

sudo ufw allow 4822/tcp

Congratulations, your Apache Guacamole is up and running!

Getting Guacamole web interface

The last step in this detailed guide involves accessing Guacamole’s web interface. We do this by pointing our browser towards http://ip-or-domain-name:8080/guacamole. We will be greeted by the below screen
And voila! You have installed Apache Guacamole successfully.

[In search of help? Try our Server Management Services.]

Conclusion

To summarize, the Support Engineers made the installation Apache Guacamole process a lot simpler and easy to follow with this in-depth tutorial. From downloading Apache Guacamole to setting it up, Bobcares has you covered.