NOTE: The GitHub version supports installation on multiple versions of Ubuntu and Debian. The GitHub version is also updated whenever a new Guacamole version is released. This guide is a bit outdated and is only indented to walk you through the basics of installation. I do not intend to continue updating this guide…
If you would like you can download the “fully scripted” and updated version of this and execute it. To do so:
wget https://raw.githubusercontent.com/MysticRyuujin/guac-install/master/guac-install.sh chmod +x guac-install.sh ./guac-install.sh
Additional Credits to Emilio and Alex for the RDP fix(s) in comments section.
UPGRADE INSTRUCTIONS FROM 0.9.x HERE
The following will install Guacamole 0.9.14, Tomcat 7, and MySQL on Ubuntu 16.04 for you. All you have to do is pick a MySQL Root Password and guacamole_user password. (two variables at the top of the script).
NOTE: Ubuntu 17+ uses gcc-7 by default and 0.9.14 does not compile with gcc-7 – the workaround is to install gcc-6 via apt-get then prefix the configure and make commands with CC="gcc-6" E.G. CC="gcc-6" ./configure --with-init-dir=/etc/init.d
#!/bin/bash
# WORKING ON UBUNTU 16.04 WITH GUAC 0.9.14 AND TOMCAT7
# Set these passwords!
mysqlrootpassword=""
guacdbuserpassword = ""
# Version numbers of Guacamole and MySQL Connector/J to download
GUACVERSION="0.9.14"
MCJVERSION="5.1.45"
# Tomcat Version
TOMCAT="tomcat7"
# Set MySQL root password as defined above for apt installer
debconf-set-selections <<< "mysql-server mysql-server/root_password password $mysqlrootpassword"
debconf-set-selections <<< "mysql-server mysql-server/root_password_again password $mysqlrootpassword"
#Install Stuff
apt-get -y install build-essential libcairo2-dev libjpeg-turbo8-dev libpng12-dev libossp-uuid-dev libavcodec-dev libavutil-dev libswscale-dev libfreerdp-dev libpango1.0-dev libssh2-1-dev libtelnet-dev libvncserver-dev libpulse-dev libssl-dev libvorbis-dev libwebp-dev mysql-server mysql-client mysql-common mysql-utilities ${TOMCAT} freerdp-x11 ghostscript wget dpkg-dev # Set SERVER to be the preferred download server from the Apache CDN SERVER="http://apache.org/dyn/closer.cgi?action=download&filename=guacamole/${GUACVERSION}" # Download Guacamole Server wget -O guacamole-server-${GUACVERSION}.tar.gz ${SERVER}/source/guacamole-server-${GUACVERSION}.tar.gz # Download Guacamole Client wget -O guacamole-${GUACVERSION}.war ${SERVER}/binary/guacamole-${GUACVERSION}.war # Download Guacamole authentication extensions wget -O guacamole-auth-jdbc-${GUACVERSION}.tar.gz ${SERVER}/binary/guacamole-auth-jdbc-${GUACVERSION}.tar.gz # Download MySQL Connector-J wget -O mysql-connector-java-${MCJVERSION}.tar.gz https://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-java-${MCJVERSION}.tar.gz # Extract Guacamole files tar -xzf guacamole-server-${GUACVERSION}.tar.gz tar -xzf guacamole-auth-jdbc-${GUACVERSION}.tar.gz tar -xzf mysql-connector-java-${MCJVERSION}.tar.gz # MAKE DIRECTORIES mkdir -p /etc/guacamole/lib mkdir /etc/guacamole/extensions # Install GUACD cd guacamole-server-${GUACVERSION} ./configure --with-init-dir=/etc/init.d make make install ldconfig systemctl enable guacd cd .. # Get build-folder BUILD_FOLDER=$(dpkg-architecture -qDEB_BUILD_GNU_TYPE) # Move files to correct locations mv guacamole-${GUACVERSION}.war /etc/guacamole/guacamole.war ln -s /etc/guacamole/guacamole.war /var/lib/${TOMCAT}/webapps/ ln -s /usr/local/lib/freerdp/guac*.so /usr/lib/${BUILD_FOLDER}/freerdp/ cp mysql-connector-java-${MCJVERSION}/mysql-connector-java-${MCJVERSION}-bin.jar /etc/guacamole/lib/ cp guacamole-auth-jdbc-${GUACVERSION}/mysql/guacamole-auth-jdbc-mysql-${GUACVERSION}.jar /etc/guacamole/extensions/ # Configure guacamole.properties echo "mysql-hostname: localhost" >> /etc/guacamole/guacamole.properties
# Set MySQL settings in guacamole properties file
echo "mysql-port: 3306" >> /etc/guacamole/guacamole.properties
echo "mysql-database: guacamole_db" >> /etc/guacamole/guacamole.properties
echo "mysql-username: guacamole_user" >> /etc/guacamole/guacamole.properties
echo "mysql-password: $guacdbuserpassword" >> /etc/guacamole/guacamole.properties
# Restart Tomcat Service
service ${TOMCAT} restart
# Create guacamole_db and grant guacamole_user permissions to it #
# SQL code
SQLCODE="
create database guacamole_db;
create user 'guacamole_user'@'localhost' identified by "$guacdbuserpassword";
GRANT SELECT,INSERT,UPDATE,DELETE ON guacamole_db.* TO 'guacamole_user'@'localhost';
flush privileges;"
# Execute SQL code
echo $SQLCODE | mysql -u root -p$mysqlrootpassword
# Add Guacamole schema to newly created database
cat guacamole-auth-jdbc-${GUACVERSION}/mysql/schema/*.sql | mysql -u root -p$mysqlrootpassword guacamole_db
# Ensure guacd is started
service guacd start
# Cleanup
rm -rf guacamole-*
rm -rf mysql-connector-java-${MCJVERSION}*
echo -e "Installation Completenhttp://localhost:8080/guacamole/nDefault login guacadmin:guacadminnBe sure to change the password."
I recommend that you restart now to make sure everything sticks and works after reboot.
Hello Chase, this is awesome easy to follow and did not get any errors during the install however I just get a blank whit screen when I go to http://localhost:8080/guacamole, I do see it is getting there as in the browser I see the guacamole icon but just get a white screen, I have installed this several times to make sure I did not miss something,. Any help would be greatly appreciated?
Check the /etc/default/tomcat8 file and make sure you have this line at the bottom:
GUACAMOLE_HOME=/etc/guacamole
Hey Chase, running into the same problem. Did check Tomcat and the last line is indeed:
GUACAMOLE_HOME=/etc/guacamole
Any other suggestions?
Thanks for this guide by the way, very easy to follow for a non-linux user.
I’m also having this problem, I get a 500 internal server error and the white screen.
So, I’m pretty sure the issue is with Tomcat8. My suggestion is to revert to Tomcat7. I have updated the script if that helps…
did you ever get a reply?
I have the same problem using this script & instructions (white screen).
Previously I’ve installed guacamole okay using the website instructions but this didn’t work.
I see several people have this white screen issue and was hoping to avoid duplicating troubleshooting work if someone can post their solution I’d appreciate it.
Brian
I had the same problem. I fixed it by editing the file /etc/guacamole/guacamole.properties and changed the “mysql-password” to the password I had selected earlier. I then restarted the guacd server with “sudo service guacd restart” and the problem was fixed.
Have you try make a VNC connection? in 0.9.7 version i’ve never succeed, do you have any solutions?
In this version is no problem with SSH, Telnet and RDP buat always failed in VNC
No, I have not tried VNC, I would try getting help on the guacamole forms. The dependencies were installed in this script. Can you VNC directly to the machine using a VNC Client?
If i using guacamole 0.9.4 there is no problem to connect to my VNC server, and i also can connect using VNC client to that server, but if i use guacamole 0.9.7 the connaction always failed, thank you
Just wanted to say: Thanks! These are the most straightforward, clear, no-nonsense instructions I’ve seen yet for installing Guacamole on Ubuntu. It works! I’ve been banging away for hours trying to get the guacamole docker images to play nice and finally gave up. Your instructions had me up and running in minutes. Now looking to get SSL/TLS setup on Tomcat8…
Well… it worked briefly. Now I have the same issue as James: blank white page. The browser spins for a couple minutes then settles on the blank white page with the guacamole icon in the browser tab. GUACAMOLE_HOME=/etc/guacamole is indeed at the bottom of /etc/default/tomcat8 . I tried reinstalling on new Ubuntu server 15.04 instances several times and now can never get past the blank white page. This is actually the same issue I was having with the Guacamole Docker images.
And.. now it’s back. Didn’t change anything. No idea.
Hello James, Thanks a lot for this very easy Tuto. No error during install, but I am having the same issue than James and Nate : the blank white page with the guacamole icon in the browser tab. GUACAMOLE_HOME=/etc/guacamole is indeed at the bottom of /etc/default/tomcat8 . I tried reinstalling several times on Ubuntu 15.04 instances and can never get past the blank white page. Your help will be appreciated.
make sure all the correct services are running, mysql, tomcat8, guacd
Double check the permissions of your files and folders.
Check the passwords and configurations for the MySQL database.
I just wanted to say thanks! Everything worked like a charm! I’ve looked for the past couple of days for a proper tutorial and yours just worked right off the bat. I had a speed-bump with mysql but checked the tomcat8 logs to find I had misconfigured the user account! Helps when I don’t forget the ; at the end of statements, LoL.
Thanks for the great tutorial. Everything seems to be working fine except file transfer.
I cannot see a virtual drive on the remote RDP machine. I am able to upload the files on Guacamole by drag/drop but that’s it. I cannot locate the files on the remote machine. I see the following in my logs:
guacd[1435]: INFO: Guacamole proxy daemon (guacd) version 0.9.7 started
guacd[1435]: DEBUG: Unable to bind socket to host ::1, port 4822: Address family not supported by protocol
guacd[1435]: DEBUG: Unable to bind socket to host 127.0.0.1, port 4822: Address already in use
guacd[1435]: ERROR: Unable to bind socket to any addresses.
Is this actually supposed to be working if we follow the instructions above? Or maybe some additional steps are required? Please advise.
You might want to try the new guac 0.9.8 it seems to have a few RDP and file fixes. I’ve never tried file transfer…
No luck..I just installed 0.9.8 following your instructions. Everything works except file transfer. Any other ideas?
Sorry, no. You should open a ticket with the developers.
Nice! Just replace 0.9.7 with 0.9.8 to be up to date with Guacamole. I’ll make my setup connected with the AD now …
That’s one amazing run through, got it working 1st time. Would love you to do one on how to get LDAP auth working for Active directory, cant figure it out for the life of me.
Great article Chase, however I have one issue.
I didnt want to use the default guacadmin account so I created a new Guac user in the web-app itself. I gave the user full permissions and then tried using the connection I originally setup with Guacadmin, I get a “you do not have permission to access this connection” error.
So the next thing I tried was creating a connection under the new account (which I was able to just fine) but I get the same connection permission error. It almost seems like I have full permission to administer the application but not to use any of the connections…
Any ideas?
Thanks in advance…
I guess I’ll add my name those that have installed using the above and ended up with a white screen when I try to get to the guacamole server with my browser.
Any ideas?
Thanks for the great tutorial.
I had the same problem, but found out that I forgot this:
root@debian:~# cat guacamole-auth-jdbc-0.9.7/mysql/schema/*.sql | mysql -u root -pMYSQLROOTPASSWORD guacamole_db
Remember to replace ‘MYSQLROOTPASSWORD’ by the actual password you created for the root user.
i had the same issue once and the solution was to add the at the end of the url like guacamole
BTW, if after restart tomcat you have a loooooong wait time with “awaiting connection…” and white empty screen, that can be caused by entropy pool low watermark issues (google “tomcat entropy”) so tomcat will be blocked until entropy pool will be ready (in non-user-interactive systems that can take up to tens of minutes!) HAVEGED can help as one of workarounds (and no, I do not know is there security flaws or entropy quality worse or better with that):
$~ sudo apt-get install haveged
Instead of installing haveged you can get Java to use /dev/urandom instead, but adding this line to java.security (usually found in a path similar to this : /usr/lib/jvm/java-7-openjdk-i386/jre/lib/security/java.security).
securerandom.source=file:/dev/./urandom
I followed the instructions and I am also having the same issue with the white screen and the FAVICON loading.
What I did notice is that if I comment out GUACAMOLE_HOME in the /etc/default/tomcat8 file then I get the proper login prompt but I can’t log into the site.
So this seems to be the issue.
I checked the permissions and they are working properly as is MySQL. GuacD is running properly also.
Thanks.
Hi there!
For some reason, apt can’t find tomcat 8.
What sources do you have defined for ubuntu?
Cheers!
I have not modified anything for apt… This should work from a fresh install of Ubuntu. There is no space in the package name. “apt-get -y install tomcat8”
@Pete
What Tomcat your distro has depends on Distro & on what release of the Distro.
In older Ubuntu it was Tomcat7
In newer Ubuntu it is now Tomcat8
Check your distro to see which it has as its default in its repositories.
Just spotted on google that this article used to say Ubuntu 15.10 in the title?
That explains it. I was on 14.04.
I got it working with tomcat7, however had some other issues with Ubuntu.
I’ve flattened the lot, and am installing 15.10 now.
Cheers! 😀
Can I add :
Populate the database you just created. Again, change the MYSQLROOTPASSWORD
cat guacamole-auth-jdbc-0.9.9/mysql/schema/*.sql | mysql -u root -pMYSQLROOTPASSWORD guacamole_db
This command needs to be ran from /home/USERNAME
Also, my password breaks the command due to a charachter in it..
In my case I have to do :
Populate the database you just created. Again, change the MYSQLROOTPASSWORD
cat guacamole-auth-jdbc-0.9.9/mysql/schema/*.sql | mysql -u root -p guacamole_db
Then it will ask me for a password. 🙂
I went back to 14.04 and tomcat7.
I could not bear NOT having “eth0” as a network interface.
One issue with this script I have noticed :
“systemctl enable guacd”
“systemctl” is not part of ubuntu, it seems.
I’ll try “update-rc.d guacd defaults” instead
Nice script. I’ve got a similar one on my site for 0.9.9 on Ubuntu 14.04 with Tomcat7. The only differences are that I use debconf-set-properties to pass mysql passwords during install time, and also create the guacamole database inline.
For Virtual machines, I’ve found that /dev/random can take a long time to create entropy, and can even fail. So you can modify java.securitiy to use /dev/urandom instead.
http://chari.titanium.ee/script-to-install-guacamole/
Bharath Chari,
Without any modification to my Ubuntu 15.10 VM I have this:
cat /usr/lib/jvm/java-7-openjdk-amd64/jre/lib/security/java.security | egrep securerandom.source=
securerandom.source=file:/dev/urandom
That’s interesting. I’ll check if it’s an issue specifically related to the 32 bit openjdk. I doubt if it’s distro related.
Hi Chase,
I’ve updated my script to include user defined selection of Ubuntu versions and Tomcat.
http://chari.titanium.ee/script-to-install-guacamole/
I’ve tested it on 14.04 and 15.10 (32 and 64 bit.
Nice work Bharath!
I got it installed in the end with minor modifications to chase’s script., however I have bookmarked your script page because I know I will end up setting this up again somewhere else. I can appreciate the awkwardness both of you have to overcome to get your scripts working well, so I appreciate and applaud both of you for your efforts and contributions.
🙂
Thanks Pete,
I noticed earlier on in the thread that you had issues because of special characters in your mysql password. In the event that you do use my script, please enclose the variables in single-quotes if you’re using special characters.
It’s really nice of Chase to allow me to post links to my own script.
hi chase,
i am following your tutorial, do I need to install freerdp server or xrdp server? it is not mentioned above, I am confused here.
thanks!
If you are trying to connect to the server running guacamole then, yeah it needs to run some sort of remote control software. If you are trying to connect to other systems then no, it doesn’t need anything else to work. All dependencies are included to connect to remote systems.
hi chase,
could you give example of what you said of connecting to other system instead of connecting to server running guacamole? i couldn’t figure out what you mean here.
also, i was following one tutorial of installing guacamole and there it is mentioned to create a symbolic link: sudo ln -s /etc/guacamole/guacamole.properties /usr/share/tomcat7/.guacamole
this is not done in your case, he used guacamole-0.9.2 and tomcat7 so I guess this is not mandatory, i guess
thanks!
suman
Guacamole is a web proxy. You create a new “connection” for each sever/host you want to connect to and in the connection form menu put the IP address of “that” server. Of course servers you connect to must have VNC, RDP/XRDP installed/configured on them. Then when in guacamole you create a new user… at the bottom of that screen you check which servers “that” user can choose from later. Of course “that” user also needs a valid user acct on any server they want to connect to.
hi chase,
to run the file transfer with rdp I added this:
mkdir / usr / lib / x86_64-linux-gnu / freerdp
ln -s / usr / local / lib / freerdp / guac * / usr / lib / x86_64-linux-gnu / freerdp /
perhaps it is worthwhile to upgrade your script
thanks for giving me life easier … 🙂
Emilio,
This symlink line has solved a lot of frustration, thanks!
For me (Debian 8, Guac 0.9.9) the freerdp dir was already created, but the files were not linked.
Congratulations, this article is really good and clear.
Would add two details:
1) Castelluccio Emilio’s comment that really works
2) the installation of GhostScript package, which enables printing on RDP.
Greetings and thanks!!!!!
Hi Chase,
Thanks a ton. You saved my day.
I
Hi Chase!
Super Guide!
Can u help me?
I can`t login with guacadmin user and guacadmin password – incorrect?
Why guacadmin incorrect?
i find solution:
sudo nano /etc/guacamole/guacamole.properties
auth-provider: net.sourceforge.guacamole.net.auth.mysql.MySQLAuthenticationProvider
New question:
guacamole-server version 0.9.9
————————————————
Library status:
freerdp …………. yes
pango …………… yes
libssh2 …………. yes
libssl ………….. yes
libtelnet ……….. yes
libVNCServer …….. yes
libvorbis ……….. yes
libpulse ………… yes
libwebp …………. yes
Protocol support:
RDP ……. yes
SSH ……. yes
Telnet …. yes
VNC ……. yes
But trought RDP can`t connect.
OS Ubuntu 14.04
log:
17:55:18.914 [http-bio-8080-exec-7] INFO o.g.g.n.b.r.a.AuthenticationService – User “guacadmin” successfully authenticated from 192.168.1.100.
17:55:27.008 [http-bio-8080-exec-2] ERROR o.g.g.n.b.w.t.GuacamoleWebSocketTunnelServlet – Creation of WebSocket tunnel to guacd failed: End of stream while waiting for “args”.
Where my error?
For 14.04 exist PPA:
https://launchpad.net/~dnjl/+archive/ubuntu/network-build?field.series_filter=trusty
i will be trying it…
I can confirm above instructions still work for Ubuntu 16.04. I had no problem installing Guacamole on 16.04.
After installing admin page can be found at http://server-ip:8080/guacamole
guacadmin account works fine for configuring.
One comment though:
For RDP file transfer support I had to copy /usr/local/lib/freerdp/guacsnd-client.so and /usr/local/lib/freerdp/guacdr-client.so to /usr/lib/x86_64-linux-gnu/freerdp
I tried on Ubuntu Xenian 16.04 default installation.
The script is missing to install wget (used above to download guacamole).
Moreover, I’d add the tomcat-ssl part. Adding a reverse proxy (nginx) is the simplest way.
http://guac-dev.org/doc/gug/proxying-guacamole.html#nginx
This guide is definitely the best guide to install guacamole on Ubuntu. I just tested today on 16.04 and it works perfectly. There is one problem, following your guide everything will work perfectly except for extra features of RDP (remote sound, remote printing, and remote drive).
This can be simple fixed by adding the lines to your script
apt-get install freerdp ghostscript
ln -s /usr/local/lib/freerdp/* /usr/lib/x86_64-linux-gnu/freerdp/.
after that everything should work perfectly
Hello Chase! Thanks for your useful posting!
I love guacamole. You article is very helpful for me!
Now I have some problem.
I’d like to add some functions to default guacamole app.
Guacamole says it is possible.
So could you tell me about it? How can I add?
for example, I’d like to add useremail fields in guacamole_user table.
Hope your answers!
Best regards.
Leonid
Leonid, you’d be better off asking on their official forms or searching Google for a similar blog post. This isn’t something I’ve done myself. Sorry.
Thanks for making such an easy-to-use .SH script. Saves me a LOT of time and effort. Might want to consider putting this on the Guacamole site itself.
Quick question. I’ve dug around for answers but the Google overlords aren’t finding any answers.
Whether I’m creating a new group or a new connection, it doesn’t show up in the list. I have to logout and login again before it shows.
Have you heard of this happening before? I can provide system specs (but needless to say, it’s 16.04.1 updated and using your .SH script).
John,
I literally just re-installed this a few days ago and used my own script to do it. I’m not having that problem. I just created a new connection group and it showed up right away.
Try a different browser? Any extensions blocking anything? Maybe open a ticket with the developers…I don’t know 🙂
Well … I just opened my site in a different browser (IE vs Chrome), created a new 2nd Windows connection, and … still not showing up.
What’s weird is, I decided to use your script at first because my original Guacamole server worked right (new connections would show), but I could never get it to connect. After yours did the same thing, I dug deeper and realized that I hadn’t disabled “proxy_buffering”. Once I did that, the connections worked normally.
I don’t know what I did with yours. Brand-new Ubuntu 16.04.1 server, all updated, nothing customized. Ran your 0.99 .SH script (oh, I had meant to point out the “sed” thing the guy RIGHT AFTER ME pointed out … but forgot to), and had a Guacamole server. But … unlike my earlier one (I deleted it … idiot), this one isn’t showing new connections until I logout.
I went digging through the forums, couldn’t find an instance of this. Was kinda’ hoping you’d have an idea (maybe the SQL server part?)
Are you using a reverse proxy then? Nginx?
Yeah I am. I also read that guacamole works really well behind a reverse proxy.
Try to bypass it, see if behavior changes. I will post my config later when I get a chance.
server
{
listen 443 ssl;
server_name server.domain.com;
proxy_buffering off;
proxy_redirect off;
proxy_cookie_path /guacamole/ /;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection “upgrade”;
location /
{
proxy_pass http://server.domain.local:8080/guacamole/;
}
}
Well, that’s odd.
It suddenly started working … on both sides of the reverse proxy.
Thanks for the profile, though.
Would this code help me enable https for mysite.com:8443/guacamole? I am undable to get 8443 to work. It works fine with http:mysite.com:8080/guacamole..
Could you point me to the correct location?
Thanks
Try to un-comment this config section
Connector port=”8443″ protocol=”org.apache.coyote.http11.Http11NioProtocol”
maxThreads=”150″ SSLEnabled=”true” scheme=”https” secure=”true”
clientAuth=”false” sslProtocol=”TLS”
In
/etc/tomcat8/server.xmlthen restart tomcatservice tomcat8 restartI don’t know if that’ll work or not…maybe?Thanks Chase, I tried that. When that section is not commented out, my guacd landing page just hangs as if it’s trying to load. however when it is commented out, i get the unable to connect page.
Is there anything else I should adjust, such as an SSL = true somewhere?
I appreciate your help on this one.
Cheers
On most installations, I install nginx or apache and reverse proxy guacd. The reason is because at the time I wanted to use lets encrypt and getting it working with tomcat was an exercise in futility whereas more mainstream web servers will always be easy to use. Perhaps this could be a solution for you also? The nginx config I use is below.
# Listen 80
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name guacamoleserver.com;
#bounce everyone to HTTPS using a 301 redirect
return 301 https://$server_name$request_uri;
# Nginx hardening – suppress 401 and 403 messages
error_page 401 403 404 /404.html;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
# Proxy guacamole through nginx
location / {
proxy_pass http://localhost:8080/guacamole/;
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
access_log off;
}
}
server {
# SSL Configuration
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
include snippets/ssl-guacamoleserver.com.conf;
include snippets/ssl-params.conf;
# nginx hardening — suppress 401 and 403 messages
error_page 401 403 404 /404.html;
location / {
proxy_pass http://localhost:8080/guacamole/;
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
access_log off;
}
}
I already have a post about LetsEncrypt and NGINX and I use Guacamole as an example but this is useful for the comments section too.
Hi Chase,
Can you Help on that i have to enable SSL in my link
Like: https://server
Thanks for this great script!
I only ran into this small issue: after running the chmod command, executing the script throws an error “/bin/bash^M: bad interpreter: No such file or directory”. After checking the file, it looks like it might not have the proper line feed encoding (saved as Windows versus Unix). I found this command, which converted the line feeds to proper Unix encoding: “sed -i -e ‘s/r$//’ guac-install.sh”.
Once that was sorted, the install went perfectly!
Thanks for letting me know! It is because of the encoding. Ill update. For future reference you can use dos2unix to fix that.
Hi There,
I’m trying this on my Ubuntu box but it seems to be failing & giving me this message, do you know what this might be at all?
ERROR 1045 (28000): Access denied for user ‘root’@’localhost’ (using password: YES)
I think I figured it already, i tried this twice & changed the password, the original password is letting me in.
Thanks
I could not connect to guacamole after running this script. I fixed this by running the following command:
sudo ufw allow 8080/tcp
Hey Chase,
Awesome script, I just made two minor changes.
I did a fresh install of Ubuntu 16.04 desktop as a virtual box then I went to your blog with firefox, and also opened a terminal window
I cut and paste the following in the terminal window.
sudo apt install dos2unix
wget https://raw.githubusercontent.com/MysticRyuujin/guac-install/master/guac-install.sh
chmod +x guac-install.sh
dos2unix guac-install.sh
sudo ./guac-install.sh
it was awsome. I went to the http://localhost:8080/guacamole and everything worked. thanks for the awesome script. I just need to add a ssl cert and change the website to be the default.
Thank you !
Hi, i cant connec to the web interface, it show bad login….
How can i change user & password for this one?
Thx
The default username and password for guacamole is “guacadmin” try that.
I already try this, but it goes wrong.
How can i change login & password?
If guacadmin/guacadmin doesn’t work then you didn’t follow the tutorial correctly. Try again, or go to the guacamole forms.
Do you have please some webpage that explain also
the settings of VNC o RDP in order to use the guacamole ?
Thanks in advance
Guacamole isn’t an RDP or VNC Server, it’s a client. So if you’re trying to connect to a Linux or Mac system it will need a VNC server installed and configured on it. Windows Home version doesn’t allow RDP connections TO them but the rest of the versions do, assuming you set it to be allowed and allow it in Windows Firewall (if turned on). As far as Guacamole goes you just need to go to the settings by clicking on the top right, go to the connections tab, click New Connection. Then just configure it as needed…For a Windows RDP session fill in the Name of the computer, change the protocol to RDP, enter the hostname (or IP), enter the username, password, and domain (if you’re not on a domain leave it blank, if that doesn’t work enter the computer name in this field), set security mode to NLA, then click “Ignore server certificate”…that’s all that is required.
Thanks for the answer.
What i need is to configura a RDP connection in order to connect a VM make it using KWM
with windows7 (ultimate)
So I need to configure the RPD protocol
I still not understand if guacamole need a RDP server or RDP client in order to connect
to windows 7
I find on net the xrdp, the freedrp the freerdpx11 and the xfreerdp …witch one is the best
in my case ?
Thanks a lot again
Denis
Anybody have the guacd.conf file there ? I think I have missing something
Thanks in advance
Denis
I too have this issue….where’s guacd.conf?
I Just saw this and was wondering if I set up guacamole on a Linux PC, can it be configured to allow a remote user to log in if I don’t know their host name or IP address? I’m looking to provide PC support to Windows users using my Linux box and seeing their screens so I can provide accurate instructions. I’d like to be able to remotely access their screen without them being able to access mine. I provide support for 3 friends but don’t drive any longer, and would like to provide support similar to webex taking over the customer’s screen.
No, you’re better off with TeamViewer.
Hey, Chase,
good instructions and a script to work out all well and start the server.
But I have a few problems.
1. When trying to connect on port 3389 (RDP), you receive the error “An error occurred on the server” in the interface of speaking that, with all the logs approx.
2. After an attempt at connection port 5900, there is the same error as with the RDP, with ssh connects perfectly.
logs:
23:57:13.477 [http-nio-8080-exec-10] INFO o.g.g.net.basic.TunnelRequestService – User “admin” connected to connection “3”.
23:57:13.626 [http-nio-8080-exec-3] INFO o.g.g.net.basic.TunnelRequestService – User “admin” disconnected from connection “3”. Duration: 149 milliseconds
There is a connection attempt and reset …
While I can’t help you diagnose your RDP issues in detail here are a few key points:
#1. RDP only works on Windows Pro versions are higher, not Home. You can RDP FROM a Home version but not TO a home version.
#2. You must enable remote desktop on the system you’re trying to connect to.
#3. You must ensure that the firewall is allowing the RDP connection on the remote system.
#4. You must ensure that the username and password you are using is allowed to remote to that system.
#5. If you are using Network Level Authentication, you should probably tell Guacamole to ignore the certificate (unless of course you actually have a certificate trust configured in your network).
I would like to add to your information.
You can RDP to a Home version, but you have to install RDPWrap (https://github.com/stascorp/rdpwrap)
Guacamole is very finicky with RDP configs. Here’s a few config scenarios I have working
RDP with NLA enabled on the Target Win 10:
Security Mode: NLA, Check Ignore Certificates, Fill out Username and Password fields
RDP with no NLA on Win 10 no credentials pre-entered:
Security Mode: TLS Encryption, Ignore Certificates, Fill out Username field, i.e. “Enter Username”
RDP with no NLA on Win 10 with credentials pre-entered:
Security Mode: Any Encryption, Ignore Certificates, Fill out Username field, and Password Field
Thanks for all your work making this install easy Chase!!
Did you open those ports on ubuntu firewall?
sudo ufw permit 3389
Etc
As the connection is outgoing this shouldn’t be required unless you’ve altered the standard installation. Unless there’s something I don’t know about the Desktop version (I use Server)?
thanks, Chase, RDP is working now. But VNC can’t start session. i see error in browser.
CONNECTION ERROR”
An error occurred on the server, Remote Desktop and the connection was closed. Please try again later or contact your administrator.”
guacadmin password not working on a fresh install.
Freshly build Ubuntu 16.04 LTS with only SSH/SAMBA/Utilities
Installed Webmin
Applied updates/upgrades
Ran each line in script as SUDO SU.
Changed password where instructed.
Guacamole 0.9.9 loads, but guacadmin/guacadmin does not allow me to connect.
Any pointers/suggestions/etc appreciated
Not sure why, but curl was not installed on my base ubuntu 16.04 container. Added curl to the initial list of the installed packages and the script worked fine again.
That’s strange but I’d added wget and curl to the apt-get list just in case. Thanks.
Hello,
I had also problem with the white blank screen with Ubuntu 16.04. I looked MySQL logs and there was an error about SSL. This is a similar problem http://stackoverflow.com/questions/34189756/warning-about-ssl-connection-when-connecting-to-mysql-database
I googled for some time, but after awhile decided to try installing PostgreSQL and Guacamole started working. I used this article’s instructions otherwise except installing PostgreSQL. Here’s how I installed PostgreSQL:
# Download PostgreSQL driver
wget https://jdbc.postgresql.org/download/postgresql-9.4.1212.jar
cp postgresql-9.4.1212.jar /etc/guacamole/lib/
# Download PostgreSQL authentication extension and extract it
wget http://www-us.apache.org/dist/incubator/guacamole/0.9.10-incubating/binary/guacamole-auth-jdbc-0.9.10-incubating.tar.gz
tar -xzf guacamole-auth-jdbc-0.9.10-incubating.tar.gz
cp guacamole-auth-jdbc-postgresql-0.9.10-incubating.jar /etc/guacamole/extensions/
# Make database
sudo su – postgres
createdb guacamole_db
# Populate the database
cd guacamole-auth-jdbc-0.9.10-incubating/postgresql/
cat schema/*.sql | psql -d guacamole_db -f –
# Create database user
$ psql -d guacamole_db
guacamole=# CREATE USER guacamole_user WITH PASSWORD ‘some_password’;
CREATE ROLE
guacamole=# GRANT SELECT,INSERT,UPDATE,DELETE ON ALL TABLES IN SCHEMA public TO guacamole_user;
GRANT
guacamole=# GRANT SELECT,USAGE ON ALL SEQUENCES IN SCHEMA public TO guacamole_user;
GRANT
guacamole=# q
exit
# I got error “PostgreSQL server: FATAL: no pg_hba.conf entry for host” and fixed it by adding line below to end of file /etc/postgresql/9.5/main/pg_hba.conf
host all all 0.0.0.0/0 md5
# guacamole.properties configuration
postgresql-hostname: localhost
postgresql-port: 5432
postgresql-database: guacamole_db
postgresql-username: guacamole_user
postgresql-password: some_password
Just wanted to post a thank you for this. I just ran through this guide front to back and it worked flawlessly.
I wanted to add the steps I took to get the server to listen on port 80.
1. Make sure “authbind” is installed.
2. Edit the “/etc/default/tomcat8” file and un-comment the “AUTHBIND=no” and change it to yes.
3. Then run the following commands.
“sudo touch /etc/authbind/byport/80”
“sudo chmod 500 /etc/authbind/byport/80”
“sudo chown tomcat8 /etc/authbind/byport/80”
4. Restart services.
Great Work. Thnx 🙂
Hi@all,
I have installed tomcat and guacamole with the script on a fresh ubuntu 1604 with just a public IP. Tomcat and guacamole was accessable over publicip:8080 immediately after installation. Unfortunately tomcat stopped working after reboot and I can’t figure out why. I have tried to chande port to 80 and also tried to bind it to ipv4 only. But everythimg without sucess.
Any idea why this could happan?
I’m having the same issue. Did you find a resolution?
I think it is because of the new version of guacamole. The script is trying to copy some stuff for 0.9.10 but the version that is installed automaticaly is 0.9.11
What? The latest RELEASE of Guacamole as of right now is 0.9.10, nothing in my script is targeting 0.9.11 and nothing is installed “automatically” related to Guacamole. Unless you are modifying my script or the components related to it (E.G. Trying to make Tomcat listen on port 80), it works just fine.
You are surely right. I have tried so much different things, to solve the problem that I once also tried to install guacamole with “git clone https://github.com/apache/incubator-guacamole-server” and this installs the 0.9.11 version.
My mistake.
Unfortunately I have no solution for the “after reboot tomcat do not work” problem.
It’s guessing it’s because you’ve set Tomcat to listen on Port 80 and it cannot do that without extra permissions. Set Tomcat back to 8080 and see if it auto starts. Your problem with Tomcat has nothing to do with Guacamole or this script, your problem is that Tomcat doesn’t auto start, google that. I’m guessing everything works if you start tomcat manually with root permissions because root has permissions to listed on ports below 1023.
Well actually it does not help to try to start tomcat manualy with “sudo /etc/init.d/tomcat start” or “restart”. The system is showing that tomcat is running, but it is not accessable.
Thanks Chase for this script and instructions. The script worked very well for me and saved a lot of time. I really appreciate it and like to wish my best for your future works.
Great script but am having issues with Guacamole on Raspberry Pi. Am able to login w/guacadmin until I create a user and RDP connection. Then admin and user connections times out. just after login. Guacd status indicates ” Error connecting to RDP server” . Also failed to load guac
Script runs to completion with only one error. /usr/lib/x86_64-linux-gnu/freerdp is not created . Manually created and created link to /usr/local/lib/freerdp/ also created link to /usr/lib/arm-linux-gnueabihf/freerdp/. Questions : Where is guacd looking for “RDP” server? Are script mods required for RPI?
Using Ubuntu-mate 16.04 updated/upgraded on Raspberry Pi
Thanks
Please see previous comment answers about RDP. E.G. Have you verified that RDP is working on the client you’re trying to connect to in the first place? Have you set the security mode correctly? Etc.
Thanks Mr Chase for this script and instructions. The script worked very well for me and saved a lot of time. I really appreciate it and like to wish my best for your future works.
Was able to get Guacamole working on both a RPI3 and Intel Core Dual using scripts. Learned a couple of lessons in the process.
1) Minimum fields for a RDP connection: connection name, Hostname, Port, username, password, security mode (ANY), ignore server certificate checked
2) If Home button does not appear on failed connection for admin user, server can be recovered by entering mysql and deleting offending row from guacamole_connection table. (Suggest developers add * to indicate required fields.)
3) RPI3 w/ Ubuntu-Mate worked but slower than Core Dual and was not satisfactory for video over local connections.
Reynold
Port is not required if default and security mode is dependent on Windows settings. Ignore Server Certificate should always be checked UNLESS you actually have a Certificate Authority with appropriate client/server setup.
I use guacamole to access servers that host business applications, users access these applications through the browser using guacamole per base. We basically use windows server 2012r2 for RDS. Version 0.99 had the numlock key bug and did not allow paste copying through the browser plug-in.
Thinking about it, I waited anxiously for 0.9.10, but when it came, I discovered two bugs that prevented it from being deployed: Printing did not work properly and file copying via the remote drive sometimes failed when files larger than 10mb. About the print was easy to validate, because the test page print windows no longer worked, the strangest thing is that use the wordpad to test printing normally. Adobe Acrobat did not go, so some company applications did not work for printing and others did.
Have you checked if this happens in your environment?
I tested it with ubuntu 16.04 / 14.04 / 15.10 and nothing. Same problem.
I followed your scheme both using the full script version and using step by step to the older versions of Ubuntu.
Please help me. I need to update my environment because of the numlock bug and the copy + paste of 0.9.10.
If you go check out the official website and click on JIRA you can track the progress of the printing bugs. I believe it is scheduled to be fixed in 0.9.12, if you need support immediately you’ll probably have to build from github source which I have not attempted.
I tried this (build from source), but without success.
In your ambient this error occur to?
You can try to simulate the error for me?
Try to print a self-test page with a printer of guacamole.
Hi Chase,
Your guide is very well writted! Thanks a lot for your efforts.
I have one problem on guacamole and tried a lot of things but nothing worked.
The printing doesn´t work well on guacamole 0.9.10. If I print a self test page doesn´t print. But in wordpad is ok. Acrobat reader doesn´t work.
Awesome work. Have you developed any automation around reverse proxying port 80 to 8080/guacamole to help with more locked down environments?
I have another blog post about Let’s Encrypt and NGINX. In it I reverse proxy Guacamole. You can use that as a starting point.
It was working fine; I updated my ubuntu to 16.04.1 and it doesn’t work no more. How can I uninstall it and reinstall it
I guess it depends on how you installed it originally? Probably broken dependencies? Try running the “apt-get -y install” command and see if new dependencies are installed. If they are it’s a good indication that you need to re-build the guacamole-server, following the instructions to do the ./configure, make, and make install should overwrite your old install on the server side. The client side is just the .war file so there shouldn’t be any problem there…but double check that tomcat8 is installed and working and ensure that your authentication method is working, if using mysql verify it’s still up and running…
Hello,
Thanks a lot for your script !
I’m a newbie with TomCat …so after the installation script, it’s only say “it’s work” on myip:8080 ,
what is the port to use guacamole ?
Thanks a lot
/guacamole/
This is great stuff. Using your instructions I have nginx with let’s enrypt pointing to my guac server using mysql and duo. 2FA Sweet!
Thanks so much!
Hello! Great script, thank you! But what about to enable default ssl encryption, like here https://sourceforge.net/projects/guacamoleinstallscript/ ?
The intent of my script is to get Guacamole installed and working, not to provide customization to the install. I do have instructions on getting NGINX to reverse proxy, which in my opinion is a much more elegant and flexible solution. NGINX is also supported directly via Guacamole’s documentation.
Hello,
Thanks a lot for your script !
everything is now ok (I “RTFM” between my last mail and this one 😉 …)
Thanks for the great install script having one issue. Trying to create the MS-SQL user and I’m getting an error.
Command:
create user ‘guacamole_user’@’%’ identified by ‘PASSWORD’;
Error:
ERROR 1396 (HY000): Operation CREATE USER failed for ‘guacamole_user’@’%’
Not sure why.
Sorry it should be localhost not %, % is for the Docker Version, I updated incorrectly. Try it now. Also, if you don’t want to use MySQL then don’t…authentication can be controlled via the guacamole.properties file
Thanks for the update but I still get an error. I substitute my password
create user ‘guacamole_user’@’localhost’ identified by ‘PASSWORD’;
ERROR 1396 (HY000): Operation CREATE USER failed for ‘guacamole_user’@’localhost’
User already exist?
I don’t think so because the next line has be grant permissions to the user and that fails claiming no user.
mysql -u root -pPASSORD
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 7
Server version: 5.7.17-0ubuntu0.16.04.1 (Ubuntu)
Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type ‘help;’ or ‘h’ for help. Type ‘c’ to clear the current input statement.
mysql> create database guacamole_db;
ERROR 1007 (HY000): Can’t create database ‘guacamole_db’; database exists
mysql> create user ‘guacamole_user’@’localhost’ identified by ‘PASSWORD’;
ERROR 1396 (HY000): Operation CREATE USER failed for ‘guacamole_user’@’localhost’
mysql> GRANT SELECT,INSERT,UPDATE,DELETE ON guacamole_db.* TO ‘guacamole_user’@’localhost’;
Query OK, 0 rows affected (0.00 sec)
In the interest of full disclosure. I’ll admit that I’m not a genius at the CLI in linux (Ubuntu Server in this case). I will say that running:
“wget https://raw.githubusercontent.com/MysticRyuujin/guac-install/master/guac-install.sh && chmod +x guac-install.sh && apt-get -y install dos2unix && dos2unix guac-install.sh && ./guac-install.sh”
Gets me a server that works and I can login with guacadmin/guacadmin. But I’m trying to understand more about how the MY-SQL part works.
Thanks,
Doug
This isn’t a troubleshooting forum. Your output shows that you’ve already ran the commands…to see if a user exists use:
SELECT User FROM mysql.user;
I understand, but I’m a little confused as to what purpose the portion of your original post serves from the “This is where you will want to change “PASSWORD”” on down.
Thanks for you help,
Doug
OK so starting above that with:
# Configure guacamole.properties
guacamole.properties is what controls authentication and other aspects of the guacamole client. The entire point of modifying that file is to tell guacamole where/how to authenticate. In that I’m telling guacamole to use MySQL, connect to the local database “guacamole_db” with the username “guacamole_user” and the password “PASSWORD”
If you don’t want to use MySQL you can ignore all 5 lines that are echo’d into the guacamole.properties file, just do the rm and ls commands and restart tomcat and you’re kind of done with the exception that you still need to edit guacamole.properties in whatever manner you want…to which my only recommendation is to read the manual from the website.
I’m having the same blank page problem and I just don’t know what to do…
im getting the same problem…here is the log of tomcat8
http://pastebin.com/HEDMdLgj
16:26:35.149 [http-nio-8097-exec-4] DEBUG o.a.i.t.jdbc.JdbcTransaction – Opening JDBC Connection
16:26:35.417 [http-nio-8097-exec-4] ERROR o.a.g.rest.RESTExceptionWrapper – Unexpected internal error:
### Error querying database. Cause: com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: Communications link failure
Looks like you’re having issues with your MySQL instance OR the connector
yeah, but i dont know how to fix it…all i get is a white page as well
It works when i use user-mapping.xml.
All the files are in there proper location
mysql-connector-java-5.1.40-bin.jar is in /etc/guacamole/lib
guacamole-auth-jdbc-mysql-0.9.11-incubating.jar is in /etc/guacamole/extensions
I recreated the DB and user and made sure the password matches the guacamole.properties file
my mysql is :
Server: Localhost via UNIX socket
Server type: MariaDB
Server version: 10.1.20-MariaDB-1~xenial – mariadb.org binary distribution
Protocol version: 10
User: root@localhost
Server charset: UTF-8 Unicode (utf8)
This part is important as well:
cat guacamole-auth-jdbc-0.9.11-incubating/mysql/schema/*.sql | mysql -u root -pMYSQLROOTPASSWORD guacamole_dbThat ensures that the shema is installed into the database. Just creating the database isn’t enough, you must populate it with the required tables, which that command does.
cat guacamole-auth-jdbc-0.9.11-incubating/mysql/schema/*.sql | mysql -u root -pMYSQLROOTPASSWORD guacamole_db
was done as well
https://snag.gy/Epv7k5.jpg
figured it out…it was the bind in my.cnf
it needed to be 127.0.0.1 or 0.0.0.0
Command “systemctl enable guacd” seems not working:
“guacd.service is not a native service, redirecting to systemd-sysv-install
Executing /lib/systemd/systemd-sysv-install enable guacd”
I did “service guacd start”t o offset this problem.
Hey Chase this is super helpful and I followed the instructions with great success.
Do you know of a way to customize the logo on guacamole login?
That question has been asked & answered many times on the guacamole email alias. You shoul go sesrch thru those
Thanks @brian. By email alias do you mean email list? I found this link: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/ is there anywhere else I should (also) be looking? Thanks!
Yes
Hi all,
Great tutorial Chase!
I was wondering if anyone could help me!
I´m trying to connect using RDP. I´ve already changed the authentication methods in my win7, I´m not using NLA, and in my guacamole I ´ve tried all types of authentication (none, any, rdp, nla), but I still receive the same message in syslog:
Mar 29 17:54:01 guacamole-server guacd[1352]: Creating new client for protocol “rdp”
Mar 29 17:54:01 guacamole-server guacd[1352]: Connection ID is “$6eab2d7b-7a12-494e-b809-a2346ab47916”
Mar 29 17:54:01 guacamole-server guacd[1628]: Security mode: RDP
Mar 29 17:54:01 guacamole-server guacd[1628]: Resize method: none
Mar 29 17:54:01 guacamole-server guacd[1628]: User “@c9cf4158-c4a4-4f71-a92d-fcde39d7bfd0” joined connection “$6eab2d7b-7a12-494e-b809-a2346ab47916” (1 users now present)
Mar 29 17:54:01 guacamole-server guacd[1628]: Loading keymap “base”
Mar 29 17:54:01 guacamole-server guacd[1628]: Loading keymap “en-us-qwerty”
Mar 29 17:54:02 guacamole-server kernel: [ 204.693118] traps: guacd[1642] general protection ip:7f5ee7875c69 sp:7f5ee5f8bc98 error:0 in libguac.so.5.0.0[7f5ee7871000+d000]
Mar 29 17:54:02 guacamole-server guacd[1352]: Connection “$6eab2d7b-7a12-494e-b809-a2346ab47916” removed.
and in catalina.out:
17:54:01.716 [http-nio-8080-exec-4] INFO o.a.g.tunnel.TunnelRequestService – User “guacadmin” connected to connection “2”.
17:54:03.260 [Thread-4] INFO o.a.g.tunnel.TunnelRequestService – User “guacadmin” disconnected from connection “2”. Duration: 1529 milliseconds
All I can suggest is read all of the RDP related posts already in the thread here and go from there…
I´ve done that already!
Thanks for replying anyway!
After some research I’ve find out what the problem is,
Uninstall whatever package provides “/usr/lib/x86_64-linux-gnu/libguac.so.5”. This lib comes installed from Ubuntu 16.04 distribution’s packages and will not be compatible with the version 0.9.11 that I was trying to build, and will likely conflict.
So I just removed libguac5 package and left libguac12 installed.
This is what I get when I run the script – fresh ubuntu 16.04
Any thoughts?
tar (child): Error is not recoverable: exiting now
tar: Child returned status 2
tar: Error is not recoverable: exiting now
tar (child): guacamole-auth-jdbc-0.9.11-incubating.tar.gz: Cannot open: No such file or directory
tar (child): Error is not recoverable: exiting now
tar: Child returned status 2
tar: Error is not recoverable: exiting now
./guac-install.sh: line 49: cd: guacamole-server-0.9.11-incubating: No such file or directory
./guac-install.sh: line 50: ./configure: No such file or directory
make: *** No targets specified and no makefile found. Stop.
make: *** No rule to make target ‘install’. Stop.
Failed to execute operation: No such file or directory
mv: cannot stat ‘guacamole-0.9.11-incubating.war’: No such file or directory
cp: cannot stat ‘mysql-connector-java-5.1.41/mysql-connector-java-5.1.41-bin.jar’: No such file or directory
cp: cannot stat ‘guacamole-auth-jdbc-0.9.11-incubating/mysql/guacamole-auth-jdbc-mysql-0.9.11-incubating.jar’: No such file or directory
mysql: [Warning] Using a password on the command line interface can be insecure.
cat: ‘guacamole-auth-jdbc-0.9.11-incubating/mysql/schema/*.sql’: No such file or directory
mysql: [Warning] Using a password on the command line interface can be insecure.
guac@ubuntuguac:~$
“No such file or directory” – Your downloads are failing…
Create script! Is it possible to edit your script and also install Nginx and https?
There is already another script on my blog about configuring NGINX for Guacamole, it includes Let’s Encrypt instructions as well but really
apt-get -y install nginxand then just check out my other post for guidance on how to configure NGINX for Guacamole.Hi Chase,
Thanks for the instructions. There is a project called turnkey linux – Do you think these instructions would work with Debian 8?
Here are some people that were trying to getting a guacamole appliance going.
https://www.turnkeylinux.org/forum/general/20140609/guacamole-91-appliance
You could always try it yourself…
Mr. Wright. Thank you for the great script you wrote. It worked exactly as you explained after a complete emptied and fresh installation of Ubuntu 16.04. Just one little detail but it is maybe even too small to mention.
After the installation (with or without restarting the system) you have to open the client with this link : http://:8080/guacamole/>
Just another little think but not really important too : Some people maybe like the idea of using phpMyAdmin and maybe it is a nice addition to you really awesome script!
Again thank you. It saved a lot of time, and for sure I will use it again. Maybe a bit early but for now please enjoy your weekend!
Hi, if you put the script on github I can improve that for raspberry
https://github.com/MysticRyuujin/guac-install
Thank you!! Will test and report back if its working right!!
Great script and guide.
Got setup in a Hyper-V vm.
Just installed Guac 0.9.11 on our DMZ using MySQL on a machine that is on the corporate LAN. Guacamole communicates with the DB backend through standard Cisco firewall rules.
When we set it up this way there are “backend time outs” written to the logs on the Guac server and the Guac server refuses to take new connections. Both Guac and Tomcat8 need to be rebooted before the application responds. This was also true for 0.9.9.
If the DB is local to the Guac server there are no problems.
Is there something inherent in the Guac code that makes this setup unworkable? Are we missing something?
We have other apps on our DMZ that communicat to DB’s LAN and there are are no issues like this. I don’t think it’s a firewall problem — but it might be.
Hope someone can help.
Thanks
Mark
Sorry for posting my request here. I now see the forum is not meant for troubleshooting,
To the best of my knowledge having a remote MySQL Server is not an issue…but yeah, there are support options available. I mean if there is crazy latency or poor database performance or lots of packet loss then I imagine you’d have issues but “network issues” aside I don’t see why it wouldn’t work.
Hello Chase,
I used your updated script to install Guacamole on a Ubuntu 16.04.1 LTS Mate image on a Raspberry Pi 2. It installed perfectly and works flawlessly.
Thank you very much for all of your efforts!!
I am trying to get this up and running, I ran the following command:
# Get your Preferred Mirror for download from Apache using jq
SERVER=$(curl -s ‘https://www.apache.org/dyn/closer.cgi?as_json=1’ | jq –raw-output ‘.preferred|rtrimstr(“/”)’)
Then when i try to run the commands below to download, I get an error saying scheme missing.
# Download Guacamole Files from Preferred Mirror
wget $SERVER/incubator/guacamole/0.9.12-incubating/source/guacamole-server-0.9.12-incubating.tar.gz
wget $SERVER/incubator/guacamole/0.9.12-incubating/binary/guacamole-0.9.12-incubating.war
wget $SERVER/incubator/guacamole/0.9.12-incubating/binary/guacamole-auth-jdbc-0.9.12-incubating.tar.gz
The script seems to have an issue with this line:
wget https://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-java-${MCJVERSION}.tar.gz
wget return a 404 error. Downloaded the jar separately and added it to /etc/guacamole/lib and restarted guacd and tomcat.
Fixed it. Sorry. I had a space in the variable set at the top of the script. Thanks!
Seems to be another issue:
it doesnt appears to be creating the guacamole directories and isnt accessing the .war or .jar files.
You’re gonna have to be a lot more specific… if you think there’s a problem with the script you can open an issue on github
Thank You!
One question, how can i get audio working over RDP?
For older Guacamole, it worked, but after deploying a new Guacamole, with this script, audio doesnt work.
Hello, Anyone know how to use the new feature “In-browser playback of screen recordings”?
I have the same question. Can someone help, please?
It’s failing on
cat guacamole-auth-jdbc-0.9.13-incubating/mysql/schema/*.sql | mysql -u root -pMYSQLROOTPASSWORD guacamole_db
for me.
Says that the file can’t be found. 🙁
Thanks for this script and guide. Install went smoothly on a fresh Ubuntu 16.04.3 server. I’m able to login as guacadmin and add connections..but none of the connections I’ve tried work. (RDP, SSH).
If I try the RDP or SSH connection, I will just get “CONNECTION ERROR” with error saying…
“An internal error has occurred within the Guacamole server, and the connection has been terminated. If the problem persists, please notify your system administrator, or check your system logs….”
I’ve made sure guacd and tomcat8 are running already. Anyone have any ideas what’s causing the issue? Do I need to install some additional packages?
TIA,
Chris
Well I have no idea what you’re trying to RDP or SSH to? Off the top of my head just make sure you’re configuring the connections correctly, and make sure there are no firewalls blocking the connection from the Guacamole server to your intended targets. For RDP you’ll probably need to tell it to ignore client certificates.
I ended up starting over with a new server and re-ran the install script but used Tomcat 7 instead. (i.e. uncommmented #TOMCAT=”” and changed to TOMCAT=”tomcat7″.
It worked without any issues after using Tomcat 7, and was able to connect to machines via SSH and RDP. Don’t know what the issue was with tomcat 8 but I am happy it’s working with tomcat 7.
Thanks, I’m pretty sure the issue others are having is due to Tomcat8 as well.
Odd. I’m not sure it’s tomcat causing that issue though. I ran this script a few weeks back when it was using Tomcat 8 to make a Guacamole VM. Worked great, but we had issues uploading it to where we wanted to run it from, so today I made a new one on AWS, using the Ubuntu 16.04 LTS server from the AWS Marketplace and I ran into that exact issue mentioned above – “connection error – an internal error has occurred” I had to restart the instance and it was fine afterwards however I’m seeing issues I didn’t see when I had v8. If I add users or connections they don’t show till I logout and back in (refresh doesn’t help). Also now i’m seeing more odd things – I added 3 users and 1 connection. I made an admin user for someone and another for myself and disconnected both of them from the 1 available connection, however when I log in as that admin user it’s still connecting to the RDP connection, but i’m sure it wasn’t doing that an hour ago.
[…] The installation documentation on the official site is comprehensive but I was able to set up the system without too much difficulty thanks to Chase Wright’s post here. […]
I have added 3 users and 1 connection. I made an admin user for someone and another for myself however when I log in as that admin user it’s still connecting to the RDP connection.
This Problem is resolved Thanks Chase it’s great guide
Fantastic instructions, thank you so much.
Just one question, how can we get a UK keyboard layout in Guacamole?
Thanks, Steve
That’s a good question. I don’t know. Maybe ask the developers? I see under the connection options there is a Keyboard Layout dropdown menu but yeah, I don’t see UK as an option.
Hi,
That script not working proper. got error
Failed to download guacamole-server-0.9.13-incubating.tar.gz
I literally just fixed the GitHub / Fully Scripted Version, check it out, I’ll update the website soon.
Instructions Updated, the download location was changed on me 🙂
hi i have a problem connecting to another system after loggin into guacamole it is showing
“An internal error has occured within guacamole server and connection has been terminated” and suggesting to check logs and in
system logs : “Guacamole handshake failed: Timed out”
catalina.out:”org.apache.coyote.AbstractProtocol$AbstractConnectionHandler process
SEVERE: Error reading request, ignored java.lang.NullPointerException at org.apache.guacamole.protocol.GuacamoleInstruction.toString(GuacamoleInstruction.java:121)
andin localhost_access log:getting 500 response for” “POST /guacamole-0.9.13-incubating/tunnel?connect HTTP/1.1″ 500 2753”
iamunable to understand the problem….please help
me too. Trying to find a solution. Missing library or wrong version of a library perhaps?
Hello , i have this error 500 Internal Server Error nginx/1.12.2
Can you help
Well it would suggest you have NGINX installed somewhere in your environment…seeing how this script does not install NGINX, I would start looking there, possibly a misconfiguration in NGINX?
I just tried copy file from local pc to Guacamole remote desktop but it’s not working for me.
Please help Me on that
Fantastic instructions, thank you so much.
Just one question,
how to change http://localhost:8080/guacamole to http://localhost:8080/siswanto
Thanks, siswanto
you can install an apache server and create a redirect from the configuration file
I am getting a blank page on accessing the url. Any ideas?
Tomcat is working fine.
Thank you
Thank you for the awesome script. I installed it perfectly with no issues. After install was complete, and i log in as user: guacadmin password: guacadmin, i created another full privilege administrator account, verified i can log in and delete the default “guacadmin” account created by your script. Again thank you!
Hi Chase,
Thanks for this wonderful script.
Just a request. Can you guide me in doing an install of LDAP authentication extension for users logging in? Currently we have an existing MS AD.
Thanks!
Wow! after a lot of time and banging my head on trying to customize on Centos6, Centos7, and Debian, I finally found this HowTo and man oh man it just works on Debian 8.11 !
Thanks so very much Chase!!!