Apache Guacamole is a clientless HTML5 web application that can be used to access your remote servers and desktops via a web browser. All you need is just a web browser, No additional software, plugins, and tools required. Install Guacamole on any system and start accessing your remote desktops in no time from anywhere. It is completely free and open source software.
Table of Contents
Access Your Computer From Anywhere Via Web Browser using Apache Guacamole
You can install it using the official way which is bit complicated for newbies and intermediate users. Alternatively, there is a script called "Guacamole Install Script" to do this automatically. This script will install latest Apache Guacamole version on your Linux system. Only little user intervention is required. Everything will be performed automatically. It will install all necessary dependencies and packages that needed to setup a perfect remote desktop gateway. This script will work on a clean CentOS 6.x and 7.x versions. Here is the list of things It will do:
- Install Packages Dependencies
- Download Guacamole and MySQL Connector packages
- Install Guacamole Server
- Install Guacamole Client
- Install MySQL Connector
- Configure MariaDB or MySQL
- Setting Tomcat Server
- Generates a Java KeyStore for SSL Support
- Install and Setting Nginx Proxy (SPDY enabled)
- Generates a Self-Signed Certificate for SSL Support
- Configure SELinux for Nginx Proxy
- Configure FirewallD or iptables
Now, let us see how to install Guacamole in CentOS 7 64 bit minimal edition.
Download the Guacamole installer script from this link.
Or run the following command from your Terminal to download it.
# wget http://sourceforge.net/projects/guacamoleinstallscript/files/CentOS/guacamole-install-script.sh
Make the script executable using command:
# chmod +x guacamole-install-script.sh
Then, run it to install Guacamole on your CentOS system.
# ./guacamole-install-script.sh
You will be asked to answer a few questions such as root password for MariaDB, Guacamole database name, database user, database user's password, and Guacamole URL etc. Answer them accordingly. I use "centos" as password in this tutorial for the sake of easy remembrance. But I recommend to use any strong password.
'.:++++++++++++++++++++++: 'yhhhhhhhhy- .+y' '://++++++++++++++++++++++++' ':yhhhhyo:' -yNd. '/+++++++++++++++++++++++++++//' .+yo:' ':: oNMh' ./++++++++++++++++++++++++++++++/:' '''' 'mMh. -MMM: /+++++++++++++++++++++++++++++++++-.:/+: yMMs -MMMs ./++++++++++++++++++++++++++++++++++++/' .mMMy 'NMMMy. '-/+++++++++++++++++++++++++++++++/:. :dMMMo +MMMMNy:' '.:///++++++++++++++++++++//:-.' ./hMMMMN' -MMMMMMMmy+-.''''.---::::::::::--..''''.:ohNMMMMMMy sNMMMMMMMMMmdhs+/:--..........--:/oyhmNMMMMMMMMMd- .+dNMMMMMMMMMMMMMMNNmmmmmmmNNNMMMMMMMMMMMMMMmy:' ./sdNMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMNmho:' ' .:+shmmNNMMMMMMMMMMMMMMMMNNmdyo/-' .o:. '.-::/+ossssssso++/:-.' '-/' .ymh+-.' ''./ydy. /dMMNdyo/-.'''' ''''.-:+shmMNh: :yNMMMMMMNmdhhyyyyyyyhhdmNNMMMMMNy: ':sdNNMMMMMMMMMMMMMMMMMMMNNds:' '-/+syhdmNNNNNNmdhyo/-' Installation Menu Guacamole Remote Desktop Gateway 0.9.9 Enter the root password for MariaDB: centos Enter the Guacamole DB name: guadb Enter the Guacamole DB username: guauser Enter the Guacamole DB password: centos Enter the Java KeyStore password (least 6 characters): centos Do you wish to Install the Proxy feature (Nginx)?: Yes Enter the Guacamole Server IP addres or hostame (default localhost): 192.168.1.150 Enter the URI path (default guacamole):
Now, the installer script will start to download all necessary software to setup the remote desktop gateway. This will take a while depending upon the Internet speed.
After a few minutes, you will asked to complete the wizard for Java KeyStore. Answer them accordingly and type Yes to continue.
What is your first and last name? [Unknown]: What is the name of your organizational unit? [Unknown]: ostechnix What is the name of your organization? [Unknown]: ostechnix What is the name of your City or Locality? [Unknown]: Erode What is the name of your State or Province? [Unknown]: Tamilnadu What is the two-letter country code for this unit? [Unknown]: 91 Is CN=Unknown, OU=ostechnix, O=ostechnix, L=Erode, ST=Tamilnadu, C=91 correct? [no]: yes
Next, It will ask you to enter some details to create a self-signed SSL certificate. Answer the questions and hit ENTER to continue.
Please complete the Wizard for the Self-Signed SSL Certificate... Generating a 2048 bit RSA private key ........................................................................+++ ......................+++ writing new private key to '/etc/nginx/guacamole.key' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:IN State or Province Name (full name) []:Tamilnadu Locality Name (eg, city) [Default City]:Erode Organization Name (eg, company) [Default Company Ltd]:OSTechNix Organizational Unit Name (eg, section) []:Support Common Name (eg, your name or your server's hostname) []:server Email Address []:sk@ostechnix.com
Finally, you will see the end of installation message. Note down the Guacamole management URL. You will need it to log in to the management console to access the remote systems.
Finished Successfully You can check the log file /root/guacamole-0.9.9.10-17-Jan.log Your firewall backup file /root/guacamole-0.9.9.10-17-Jan.firewall.bkp To manage the Guacamole GW via proxy go to http://<IP>/guacamole/ or https://<IP>/guacamole/ To manage the Guacamole GW go to http://<IP>:8080/guacamole/ or https://<IP>:8443/guacamole/ The username and password is: guacadmin If you have any suggestions please write to: correo@nacimientohernan.com.ar
Access Guacamole Dashboard
Open up your web browser and type http://<IP>:8080/guacamole/ or https://<IP>:8443/guacamole/ in the address bar. You will see the following welcome screen. Enter the username and password to access the Guacamole web interface. The default username and password is: guacadmin
Here it is how Guacamole dashboard looks like.
As you see, we haven't created any remote desktop connections yet. The first thing you must do is to change the default user guacadmin's password. To do so, go to Settings page of guacadmin.
Go to the Preferences link. Enter your current password and update the new password.
Make new Connections
Now, let us create new remote desktop connection. To do so, go to guacadmin -> Settings -> Connections. And then, Click New Connection.
Enter your remote system details such as name, IP address or hostname, port number, username and password of the remote system details. Also, you need to select the type of protocol from the Protocol drop-down menu.
Similarly, you can create other connections by selecting different protocols such as RDP, VNC and telnet etc.
Once you created the new connection, you can launch it from the guacadmin drop-down menu at the top right corner.
Here is my Ubuntu 16.04 system's active SSH session in browser.
Once you done with your remote system, you can disconnect from it from Guacamole menu.
The Guacamole menu is a sidebar which is hidden until explicitly shown. To bring up this menu, you need to press CTRL+ALT+SHIFT key combination on a desktop. To close/hide this menu, just press CTRL+ALT+SHIFT again. On mobiles devices, you can bring up this menu by swiping right from the left edge of the screen. To hide the menu, swipe left across the screen.
Like I said, this script will only work on CentOS 6/7 systems. We will post the installation instructions for other Linux distributions in the days to come. Until then, please refer the official installation document to setup Guacamole in other Linux distributions like Ubuntu, SUSE, Debian etc.
This script made Guacamole installation much easier than the official method. If you wanted to setup a remote desktop gateway in CentOS, you can use this script. I hope the author will make a common installer script to all Linux systems.
Resources:
6 comments
Unable to run the script
https://uploads.disquscdn.com/images/ae1032ac320df6df9a727759d6f4256338545f46ccd473b186cfe7d6353acc83.png
You cannot run this install script on a mac. It attempts to install packages(rpms) for a Linux distro.
All is successful but when going to open the page getting This site can’t be reached
103.83.131.81 refused to connect.
Accessing remote servers through ip address works smoothly, but if i access the same IP through domain name the Operating system
performance is too bad
May i know what is the problem?
Thank you for the excellent guide and script. Saved me a lot of time in getting started. Can you please advise how i might replace the letsencrypt cert with my own/new authoritative cert? This would be the public facing cert.
Thanks in advance for the help!
Chris
Hi, I never installed or replaced LetsEncrypt on my own. Please post your question in LetsEncrypt forum. Someone might help.