Skip to content

Guacamole with MySQL on Ubuntu

DOCKER VERSION HERE

UPGRADE INSTRUCTIONS FROM 0.9.11 HERE

The following will install Guacamole 0.9.12, Tomcat 8, and MySQL for you. All you have to do is pick a MySQL Root Password and change the guacamole_user password.

UPDATE: I tested this with a fresh install of Ubuntu 16.04 LTS. Everything has been updated to latest versions as of February 02, 2017.

If you would like you can download the “fully scripted” version of this like so:

wget https://raw.githubusercontent.com/MysticRyuujin/guac-install/master/guac-install.sh
chmod +x guac-install.sh
apt-get update
apt-get -y install dos2unix
dos2unix guac-install.sh
./guac-install.sh

Additional Credits to Emilio and Alex for the RDP fix(s) in comments section.

#!/bin/bash
# WORKING ON UBUNTU 16.04 WITH GUAC 0.9.12 AND TOMCAT8

#Install Stuff
apt-get -y install build-essential libcairo2-dev libjpeg-turbo8-dev libpng12-dev libossp-uuid-dev libavcodec-dev libavutil-dev libswscale-dev libfreerdp-dev libpango1.0-dev libssh2-1-dev libtelnet-dev libvncserver-dev libpulse-dev libssl-dev libvorbis-dev libwebp-dev mysql-server mysql-client mysql-common mysql-utilities tomcat8 freerdp ghostscript jq wget curl

# Add GUACAMOLE_HOME to Tomcat8 ENV
echo "" >> /etc/default/tomcat8
echo "# GUACAMOLE EVN VARIABLE" >> /etc/default/tomcat8
echo "GUACAMOLE_HOME=/etc/guacamole" >> /etc/default/tomcat8

# Get your Preferred Mirror for download from Apache using jq
SERVER=$(curl -s 'https://www.apache.org/dyn/closer.cgi?as_json=1' | jq --raw-output '.preferred|rtrimstr("/")')

# Download Guacamole Files from Preferred Mirror
wget $SERVER/incubator/guacamole/0.9.12-incubating/source/guacamole-server-0.9.12-incubating.tar.gz
wget $SERVER/incubator/guacamole/0.9.12-incubating/binary/guacamole-0.9.12-incubating.war
wget $SERVER/incubator/guacamole/0.9.12-incubating/binary/guacamole-auth-jdbc-0.9.12-incubating.tar.gz

# Download MYSQL Connector
wget https://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-java-5.1.41.tar.gz

#Extract Guacamole and MYSQL Connector
tar -xzf guacamole-server-0.9.12-incubating.tar.gz
tar -xzf guacamole-auth-jdbc-0.9.12-incubating.tar.gz
tar -xzf mysql-connector-java-5.1.41.tar.gz

# MAKE DIRECTORIES
mkdir /etc/guacamole
mkdir /etc/guacamole/lib
mkdir /etc/guacamole/extensions

# Install GUACD
cd guacamole-server-0.9.12-incubating
./configure --with-init-dir=/etc/init.d
make
make install
ldconfig
systemctl enable guacd
cd ..

# Move files to correct locations
mv guacamole-0.9.12-incubating.war /etc/guacamole/guacamole.war
ln -s /etc/guacamole/guacamole.war /var/lib/tomcat8/webapps/
ln -s /usr/local/lib/freerdp/* /usr/lib/x86_64-linux-gnu/freerdp/.
cp mysql-connector-java-5.1.41/mysql-connector-java-5.1.41-bin.jar /etc/guacamole/lib/
cp guacamole-auth-jdbc-0.9.12-incubating/mysql/guacamole-auth-jdbc-mysql-0.9.12-incubating.jar /etc/guacamole/extensions/

# Configure guacamole.properties
echo "mysql-hostname: localhost" >> /etc/guacamole/guacamole.properties
echo "mysql-port: 3306" >> /etc/guacamole/guacamole.properties
echo "mysql-database: guacamole_db" >> /etc/guacamole/guacamole.properties
echo "mysql-username: guacamole_user" >> /etc/guacamole/guacamole.properties

This is where you will want to change “PASSWORD”

echo "mysql-password: PASSWORD" >> /etc/guacamole/guacamole.properties
rm -rf /usr/share/tomcat8/.guacamole
ln -s /etc/guacamole /usr/share/tomcat8/.guacamole

# Restart Tomcat Service
service tomcat8 restart

Setup MySQL, change the MYSQLROOTPASSWORD to whatever you set it to and if you change the guacamaole_user password here be sure to go back and change it in /etc/guacamole/guacamole.properties

mysql -u root -pMYSQLROOTPASSWORD
create database guacamole_db;
create user 'guacamole_user'@'localhost' identified by 'PASSWORD';
GRANT SELECT,INSERT,UPDATE,DELETE ON guacamole_db.* TO 'guacamole_user'@'localhost';
flush privileges;
quit

Populate the database you just created. Again, change the MYSQLROOTPASSWORD

cat guacamole-auth-jdbc-0.9.12-incubating/mysql/schema/*.sql | mysql -u root -pMYSQLROOTPASSWORD guacamole_db

Now just log into your guacamole server using the default “guacadmin/guacadmin” and set it up. If you want you can remove all the downloads (cleanup)

# Cleanup Downloads
rm -rf guacamole-*
rm -rf mysql-connector-java-5.1.41*

I recommend that you restart now to make sure everything sticks and works after reboot.

Published inTech

166 Comments

  1. Thanks Mr Chase for this script and instructions. The script worked very well for me and saved a lot of time. I really appreciate it and like to wish my best for your future works.

  2. Great script but am having issues with Guacamole on Raspberry Pi. Am able to login w/guacadmin until I create a user and RDP connection. Then admin and user connections times out. just after login. Guacd status indicates ” Error connecting to RDP server” . Also failed to load guac

    Script runs to completion with only one error. /usr/lib/x86_64-linux-gnu/freerdp is not created . Manually created and created link to /usr/local/lib/freerdp/ also created link to /usr/lib/arm-linux-gnueabihf/freerdp/. Questions : Where is guacd looking for “RDP” server? Are script mods required for RPI?

    Using Ubuntu-mate 16.04 updated/upgraded on Raspberry Pi

    Thanks

    • Chase Chase

      Please see previous comment answers about RDP. E.G. Have you verified that RDP is working on the client you’re trying to connect to in the first place? Have you set the security mode correctly? Etc.

  3. Thanks Chase for this script and instructions. The script worked very well for me and saved a lot of time. I really appreciate it and like to wish my best for your future works.

  4. Andy Andy

    Hi@all,

    I have installed tomcat and guacamole with the script on a fresh ubuntu 1604 with just a public IP. Tomcat and guacamole was accessable over publicip:8080 immediately after installation. Unfortunately tomcat stopped working after reboot and I can’t figure out why. I have tried to chande port to 80 and also tried to bind it to ipv4 only. But everythimg without sucess.

    Any idea why this could happan?

    • Ben Ben

      I’m having the same issue. Did you find a resolution?

      • Andy Andy

        I think it is because of the new version of guacamole. The script is trying to copy some stuff for 0.9.10 but the version that is installed automaticaly is 0.9.11

        • Chase Chase

          What? The latest RELEASE of Guacamole as of right now is 0.9.10, nothing in my script is targeting 0.9.11 and nothing is installed “automatically” related to Guacamole. Unless you are modifying my script or the components related to it (E.G. Trying to make Tomcat listen on port 80), it works just fine.

          • Andy Andy

            You are surely right. I have tried so much different things, to solve the problem that I once also tried to install guacamole with “git clone https://github.com/apache/incubator-guacamole-server” and this installs the 0.9.11 version.

            My mistake.

            Unfortunately I have no solution for the “after reboot tomcat do not work” problem.

          • Chase Chase

            It’s guessing it’s because you’ve set Tomcat to listen on Port 80 and it cannot do that without extra permissions. Set Tomcat back to 8080 and see if it auto starts. Your problem with Tomcat has nothing to do with Guacamole or this script, your problem is that Tomcat doesn’t auto start, google that. I’m guessing everything works if you start tomcat manually with root permissions because root has permissions to listed on ports below 1023.

          • Andy Andy

            Well actually it does not help to try to start tomcat manualy with “sudo /etc/init.d/tomcat start” or “restart”. The system is showing that tomcat is running, but it is not accessable.

  5. Luke Luke

    Great Work. Thnx 🙂

  6. Just wanted to post a thank you for this. I just ran through this guide front to back and it worked flawlessly.

    I wanted to add the steps I took to get the server to listen on port 80.

    1. Make sure “authbind” is installed.
    2. Edit the “/etc/default/tomcat8” file and un-comment the “AUTHBIND=no” and change it to yes.
    3. Then run the following commands.
    “sudo touch /etc/authbind/byport/80”
    “sudo chmod 500 /etc/authbind/byport/80”
    “sudo chown tomcat8 /etc/authbind/byport/80”
    4. Restart services.

  7. Hello,

    I had also problem with the white blank screen with Ubuntu 16.04. I looked MySQL logs and there was an error about SSL. This is a similar problem http://stackoverflow.com/questions/34189756/warning-about-ssl-connection-when-connecting-to-mysql-database

    I googled for some time, but after awhile decided to try installing PostgreSQL and Guacamole started working. I used this article’s instructions otherwise except installing PostgreSQL. Here’s how I installed PostgreSQL:

    # Download PostgreSQL driver
    wget https://jdbc.postgresql.org/download/postgresql-9.4.1212.jar
    cp postgresql-9.4.1212.jar /etc/guacamole/lib/

    # Download PostgreSQL authentication extension and extract it
    wget http://www-us.apache.org/dist/incubator/guacamole/0.9.10-incubating/binary/guacamole-auth-jdbc-0.9.10-incubating.tar.gz
    tar -xzf guacamole-auth-jdbc-0.9.10-incubating.tar.gz
    cp guacamole-auth-jdbc-postgresql-0.9.10-incubating.jar /etc/guacamole/extensions/

    # Make database
    sudo su – postgres
    createdb guacamole_db

    # Populate the database
    cd guacamole-auth-jdbc-0.9.10-incubating/postgresql/
    cat schema/*.sql | psql -d guacamole_db -f –

    # Create database user
    $ psql -d guacamole_db
    guacamole=# CREATE USER guacamole_user WITH PASSWORD ‘some_password’;
    CREATE ROLE
    guacamole=# GRANT SELECT,INSERT,UPDATE,DELETE ON ALL TABLES IN SCHEMA public TO guacamole_user;
    GRANT
    guacamole=# GRANT SELECT,USAGE ON ALL SEQUENCES IN SCHEMA public TO guacamole_user;
    GRANT
    guacamole=# \q
    exit

    # I got error “PostgreSQL server: FATAL: no pg_hba.conf entry for host” and fixed it by adding line below to end of file /etc/postgresql/9.5/main/pg_hba.conf
    host all all 0.0.0.0/0 md5

    # guacamole.properties configuration
    postgresql-hostname: localhost
    postgresql-port: 5432
    postgresql-database: guacamole_db
    postgresql-username: guacamole_user
    postgresql-password: some_password

  8. Brian Nickeson Brian Nickeson

    Not sure why, but curl was not installed on my base ubuntu 16.04 container. Added curl to the initial list of the installed packages and the script worked fine again.

    • Chase Chase

      That’s strange but I’d added wget and curl to the apt-get list just in case. Thanks.

  9. Len Boyer Len Boyer

    guacadmin password not working on a fresh install.
    Freshly build Ubuntu 16.04 LTS with only SSH/SAMBA/Utilities
    Installed Webmin
    Applied updates/upgrades
    Ran each line in script as SUDO SU.
    Changed password where instructed.
    Guacamole 0.9.9 loads, but guacadmin/guacadmin does not allow me to connect.
    Any pointers/suggestions/etc appreciated

  10. jokemas jokemas

    thanks, Chase, RDP is working now. But VNC can’t start session. i see error in browser.
    CONNECTION ERROR”
    An error occurred on the server, Remote Desktop and the connection was closed. Please try again later or contact your administrator.”

  11. Jokemas Jokemas

    Hey, Chase,
    good instructions and a script to work out all well and start the server.
    But I have a few problems.

    1. When trying to connect on port 3389 (RDP), you receive the error “An error occurred on the server” in the interface of speaking that, with all the logs approx.
    2. After an attempt at connection port 5900, there is the same error as with the RDP, with ssh connects perfectly.

    logs:
    23:57:13.477 [http-nio-8080-exec-10] INFO o.g.g.net.basic.TunnelRequestService – User “admin” connected to connection “3”.
    23:57:13.626 [http-nio-8080-exec-3] INFO o.g.g.net.basic.TunnelRequestService – User “admin” disconnected from connection “3”. Duration: 149 milliseconds

    There is a connection attempt and reset …

    • Chase Chase

      While I can’t help you diagnose your RDP issues in detail here are a few key points:
      #1. RDP only works on Windows Pro versions are higher, not Home. You can RDP FROM a Home version but not TO a home version.
      #2. You must enable remote desktop on the system you’re trying to connect to.
      #3. You must ensure that the firewall is allowing the RDP connection on the remote system.
      #4. You must ensure that the username and password you are using is allowed to remote to that system.
      #5. If you are using Network Level Authentication, you should probably tell Guacamole to ignore the certificate (unless of course you actually have a certificate trust configured in your network).

      • honer123 honer123

        I would like to add to your information.

        You can RDP to a Home version, but you have to install RDPWrap (https://github.com/stascorp/rdpwrap)

        Guacamole is very finicky with RDP configs. Here’s a few config scenarios I have working

        RDP with NLA enabled on the Target Win 10:
        Security Mode: NLA, Check Ignore Certificates, Fill out Username and Password fields

        RDP with no NLA on Win 10 no credentials pre-entered:
        Security Mode: TLS Encryption, Ignore Certificates, Fill out Username field, i.e. “Enter Username”

        RDP with no NLA on Win 10 with credentials pre-entered:
        Security Mode: Any Encryption, Ignore Certificates, Fill out Username field, and Password Field

        Thanks for all your work making this install easy Chase!!

    • bmullan bmullan

      Did you open those ports on ubuntu firewall?

      sudo ufw permit 3389
      Etc

      • Chase Chase

        As the connection is outgoing this shouldn’t be required unless you’ve altered the standard installation. Unless there’s something I don’t know about the Desktop version (I use Server)?

  12. Roger Greenlaw Roger Greenlaw

    I Just saw this and was wondering if I set up guacamole on a Linux PC, can it be configured to allow a remote user to log in if I don’t know their host name or IP address? I’m looking to provide PC support to Windows users using my Linux box and seeing their screens so I can provide accurate instructions. I’d like to be able to remotely access their screen without them being able to access mine. I provide support for 3 friends but don’t drive any longer, and would like to provide support similar to webex taking over the customer’s screen.

    • Chase Chase

      No, you’re better off with TeamViewer.

  13. Denis Denis

    Anybody have the guacd.conf file there ? I think I have missing something

    Thanks in advance
    Denis

  14. denis denis

    Thanks for the answer.

    What i need is to configura a RDP connection in order to connect a VM make it using KWM
    with windows7 (ultimate)

    So I need to configure the RPD protocol
    I still not understand if guacamole need a RDP server or RDP client in order to connect
    to windows 7

    I find on net the xrdp, the freedrp the freerdpx11 and the xfreerdp …witch one is the best
    in my case ?

    Thanks a lot again
    Denis

  15. Denis Denis

    Do you have please some webpage that explain also
    the settings of VNC o RDP in order to use the guacamole ?
    Thanks in advance

    • Chase Chase

      Guacamole isn’t an RDP or VNC Server, it’s a client. So if you’re trying to connect to a Linux or Mac system it will need a VNC server installed and configured on it. Windows Home version doesn’t allow RDP connections TO them but the rest of the versions do, assuming you set it to be allowed and allow it in Windows Firewall (if turned on). As far as Guacamole goes you just need to go to the settings by clicking on the top right, go to the connections tab, click New Connection. Then just configure it as needed…For a Windows RDP session fill in the Name of the computer, change the protocol to RDP, enter the hostname (or IP), enter the username, password, and domain (if you’re not on a domain leave it blank, if that doesn’t work enter the computer name in this field), set security mode to NLA, then click “Ignore server certificate”…that’s all that is required.

  16. Loic Loic

    Hi, i cant connec to the web interface, it show bad login….
    How can i change user & password for this one?

    Thx

    • Chase Chase

      The default username and password for guacamole is “guacadmin” try that.

      • Loic Loic

        I already try this, but it goes wrong.

        How can i change login & password?

        • Chase Chase

          If guacadmin/guacadmin doesn’t work then you didn’t follow the tutorial correctly. Try again, or go to the guacamole forms.

  17. David Lawley David Lawley

    Thank you !

  18. John Shotton John Shotton

    Hey Chase,
    Awesome script, I just made two minor changes.

    I did a fresh install of Ubuntu 16.04 desktop as a virtual box then I went to your blog with firefox, and also opened a terminal window

    I cut and paste the following in the terminal window.

    sudo apt install dos2unix

    wget https://raw.githubusercontent.com/MysticRyuujin/guac-install/master/guac-install.sh
    chmod +x guac-install.sh
    dos2unix guac-install.sh
    sudo ./guac-install.sh

    it was awsome. I went to the http://localhost:8080/guacamole and everything worked. thanks for the awesome script. I just need to add a ssl cert and change the website to be the default.

  19. Tony Tony

    I could not connect to guacamole after running this script. I fixed this by running the following command:
    sudo ufw allow 8080/tcp

  20. Alex Alex

    Hi There,

    I’m trying this on my Ubuntu box but it seems to be failing & giving me this message, do you know what this might be at all?

    ERROR 1045 (28000): Access denied for user ‘root’@’localhost’ (using password: YES)

    • Alex Alex

      I think I figured it already, i tried this twice & changed the password, the original password is letting me in.
      Thanks

  21. Moto Nuke Moto Nuke

    Thanks for this great script!
    I only ran into this small issue: after running the chmod command, executing the script throws an error “/bin/bash^M: bad interpreter: No such file or directory”. After checking the file, it looks like it might not have the proper line feed encoding (saved as Windows versus Unix). I found this command, which converted the line feeds to proper Unix encoding: “sed -i -e ‘s/\r$//’ guac-install.sh”.

    Once that was sorted, the install went perfectly!

    • Chase Chase

      Thanks for letting me know! It is because of the encoding. Ill update. For future reference you can use dos2unix to fix that.

  22. John H John H

    Thanks for making such an easy-to-use .SH script. Saves me a LOT of time and effort. Might want to consider putting this on the Guacamole site itself.

    Quick question. I’ve dug around for answers but the Google overlords aren’t finding any answers.

    Whether I’m creating a new group or a new connection, it doesn’t show up in the list. I have to logout and login again before it shows.

    Have you heard of this happening before? I can provide system specs (but needless to say, it’s 16.04.1 updated and using your .SH script).

    • Chase Chase

      John,

      I literally just re-installed this a few days ago and used my own script to do it. I’m not having that problem. I just created a new connection group and it showed up right away.

      Try a different browser? Any extensions blocking anything? Maybe open a ticket with the developers…I don’t know 🙂

      • John Herrick John Herrick

        Well … I just opened my site in a different browser (IE vs Chrome), created a new 2nd Windows connection, and … still not showing up.

        What’s weird is, I decided to use your script at first because my original Guacamole server worked right (new connections would show), but I could never get it to connect. After yours did the same thing, I dug deeper and realized that I hadn’t disabled “proxy_buffering”. Once I did that, the connections worked normally.

        I don’t know what I did with yours. Brand-new Ubuntu 16.04.1 server, all updated, nothing customized. Ran your 0.99 .SH script (oh, I had meant to point out the “sed” thing the guy RIGHT AFTER ME pointed out … but forgot to), and had a Guacamole server. But … unlike my earlier one (I deleted it … idiot), this one isn’t showing new connections until I logout.

        I went digging through the forums, couldn’t find an instance of this. Was kinda’ hoping you’d have an idea (maybe the SQL server part?)

        • Chase Chase

          Are you using a reverse proxy then? Nginx?

          • John Herrick John Herrick

            Yeah I am. I also read that guacamole works really well behind a reverse proxy.

          • Chase Chase

            Try to bypass it, see if behavior changes. I will post my config later when I get a chance.

    • Chase Chase

      server
      {
      listen 443 ssl;
      server_name server.domain.com;
      proxy_buffering off;
      proxy_redirect off;
      proxy_cookie_path /guacamole/ /;
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection “upgrade”;
      location /
      {
      proxy_pass http://server.domain.local:8080/guacamole/;
      }
      }

      • John Herrick John Herrick

        Well, that’s odd.

        It suddenly started working … on both sides of the reverse proxy.

        Thanks for the profile, though.

      • Len Boyer Len Boyer

        Would this code help me enable https for mysite.com:8443/guacamole? I am undable to get 8443 to work. It works fine with http:mysite.com:8080/guacamole..

        Could you point me to the correct location?

        Thanks

        • Chase Chase

          Try to un-comment this config section

          Connector port=”8443″ protocol=”org.apache.coyote.http11.Http11NioProtocol”
          maxThreads=”150″ SSLEnabled=”true” scheme=”https” secure=”true”
          clientAuth=”false” sslProtocol=”TLS”

          In /etc/tomcat8/server.xml then restart tomcat service tomcat8 restart I don’t know if that’ll work or not…maybe?

          • Len Boyer Len Boyer

            Thanks Chase, I tried that. When that section is not commented out, my guacd landing page just hangs as if it’s trying to load. however when it is commented out, i get the unable to connect page.

            Is there anything else I should adjust, such as an SSL = true somewhere?

            I appreciate your help on this one.

            Cheers

        • Amit P Amit P

          On most installations, I install nginx or apache and reverse proxy guacd. The reason is because at the time I wanted to use lets encrypt and getting it working with tomcat was an exercise in futility whereas more mainstream web servers will always be easy to use. Perhaps this could be a solution for you also? The nginx config I use is below.

          # Listen 80
          server {
          listen 80 default_server;
          listen [::]:80 default_server;

          server_name guacamoleserver.com;
          #bounce everyone to HTTPS using a 301 redirect
          return 301 https://$server_name$request_uri;
          # Nginx hardening – suppress 401 and 403 messages
          error_page 401 403 404 /404.html;

          root /var/www/html;

          # Add index.php to the list if you are using PHP
          index index.html index.htm index.nginx-debian.html;

          # Proxy guacamole through nginx
          location / {
          proxy_pass http://localhost:8080/guacamole/;
          proxy_buffering off;
          proxy_http_version 1.1;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection $http_connection;
          access_log off;
          }

          }

          server {
          # SSL Configuration
          listen 443 ssl default_server;
          listen [::]:443 ssl default_server;
          include snippets/ssl-guacamoleserver.com.conf;
          include snippets/ssl-params.conf;
          # nginx hardening — suppress 401 and 403 messages
          error_page 401 403 404 /404.html;

          location / {
          proxy_pass http://localhost:8080/guacamole/;
          proxy_buffering off;
          proxy_http_version 1.1;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection $http_connection;
          access_log off;
          }

          }

          • Chase Chase

            I already have a post about LetsEncrypt and NGINX and I use Guacamole as an example but this is useful for the comments section too.

  23. Leonid Leonid

    Hello Chase! Thanks for your useful posting!
    I love guacamole. You article is very helpful for me!

    Now I have some problem.
    I’d like to add some functions to default guacamole app.

    Guacamole says it is possible.

    So could you tell me about it? How can I add?
    for example, I’d like to add useremail fields in guacamole_user table.

    Hope your answers!
    Best regards.
    Leonid

    • Chase Chase

      Leonid, you’d be better off asking on their official forms or searching Google for a similar blog post. This isn’t something I’ve done myself. Sorry.

  24. Alex Alex

    This guide is definitely the best guide to install guacamole on Ubuntu. I just tested today on 16.04 and it works perfectly. There is one problem, following your guide everything will work perfectly except for extra features of RDP (remote sound, remote printing, and remote drive).

    This can be simple fixed by adding the lines to your script

    apt-get install freerdp ghostscript
    ln -s /usr/local/lib/freerdp/* /usr/lib/x86_64-linux-gnu/freerdp/.

    after that everything should work perfectly

  25. Dyon Dyon

    I can confirm above instructions still work for Ubuntu 16.04. I had no problem installing Guacamole on 16.04.
    After installing admin page can be found at http://server-ip:8080/guacamole
    guacadmin account works fine for configuring.

    One comment though:
    For RDP file transfer support I had to copy /usr/local/lib/freerdp/guacsnd-client.so and /usr/local/lib/freerdp/guacdr-client.so to /usr/lib/x86_64-linux-gnu/freerdp

  26. yoshi yoshi

    New question:
    guacamole-server version 0.9.9
    ————————————————

    Library status:

    freerdp …………. yes
    pango …………… yes
    libssh2 …………. yes
    libssl ………….. yes
    libtelnet ……….. yes
    libVNCServer …….. yes
    libvorbis ……….. yes
    libpulse ………… yes
    libwebp …………. yes

    Protocol support:

    RDP ……. yes
    SSH ……. yes
    Telnet …. yes
    VNC ……. yes

    But trought RDP can`t connect.
    OS Ubuntu 14.04
    log:
    17:55:18.914 [http-bio-8080-exec-7] INFO o.g.g.n.b.r.a.AuthenticationService – User “guacadmin” successfully authenticated from 192.168.1.100.
    17:55:27.008 [http-bio-8080-exec-2] ERROR o.g.g.n.b.w.t.GuacamoleWebSocketTunnelServlet – Creation of WebSocket tunnel to guacd failed: End of stream while waiting for “args”.

    Where my error?

  27. yoshi yoshi

    Hi Chase!

    Super Guide!

    Can u help me?

    I can`t login with guacadmin user and guacadmin password – incorrect?
    Why guacadmin incorrect?

    • yoshi yoshi

      i find solution:
      sudo nano /etc/guacamole/guacamole.properties
      auth-provider: net.sourceforge.guacamole.net.auth.mysql.MySQLAuthenticationProvider

  28. sqavenky sqavenky

    Hi Chase,
    Thanks a ton. You saved my day.
    I

  29. Congratulations, this article is really good and clear.

    Would add two details:
    1) Castelluccio Emilio’s comment that really works
    2) the installation of GhostScript package, which enables printing on RDP.

    Greetings and thanks!!!!!

  30. Emilio Castelluccio Emilio Castelluccio

    hi chase,
    to run the file transfer with rdp I added this:
    mkdir / usr / lib / x86_64-linux-gnu / freerdp
    ln -s / usr / local / lib / freerdp / guac * / usr / lib / x86_64-linux-gnu / freerdp /
    perhaps it is worthwhile to upgrade your script
    thanks for giving me life easier … 🙂

    • Pilcheck Pilcheck

      Emilio,
      This symlink line has solved a lot of frustration, thanks!
      For me (Debian 8, Guac 0.9.9) the freerdp dir was already created, but the files were not linked.

  31. suman suman

    hi chase,

    i am following your tutorial, do I need to install freerdp server or xrdp server? it is not mentioned above, I am confused here.

    thanks!

    • Chase Chase

      If you are trying to connect to the server running guacamole then, yeah it needs to run some sort of remote control software. If you are trying to connect to other systems then no, it doesn’t need anything else to work. All dependencies are included to connect to remote systems.

      • suman suman

        hi chase,

        could you give example of what you said of connecting to other system instead of connecting to server running guacamole? i couldn’t figure out what you mean here.

        also, i was following one tutorial of installing guacamole and there it is mentioned to create a symbolic link: sudo ln -s /etc/guacamole/guacamole.properties /usr/share/tomcat7/.guacamole

        this is not done in your case, he used guacamole-0.9.2 and tomcat7 so I guess this is not mandatory, i guess

        thanks!
        suman

        • Brian mullan Brian mullan

          Guacamole is a web proxy. You create a new “connection” for each sever/host you want to connect to and in the connection form menu put the IP address of “that” server. Of course servers you connect to must have VNC, RDP/XRDP installed/configured on them. Then when in guacamole you create a new user… at the bottom of that screen you check which servers “that” user can choose from later. Of course “that” user also needs a valid user acct on any server they want to connect to.

  32. Pete Pete

    Nice work Bharath!

    I got it installed in the end with minor modifications to chase’s script., however I have bookmarked your script page because I know I will end up setting this up again somewhere else. I can appreciate the awkwardness both of you have to overcome to get your scripts working well, so I appreciate and applaud both of you for your efforts and contributions.

    🙂

    • Thanks Pete,

      I noticed earlier on in the thread that you had issues because of special characters in your mysql password. In the event that you do use my script, please enclose the variables in single-quotes if you’re using special characters.
      It’s really nice of Chase to allow me to post links to my own script.

  33. Nice script. I’ve got a similar one on my site for 0.9.9 on Ubuntu 14.04 with Tomcat7. The only differences are that I use debconf-set-properties to pass mysql passwords during install time, and also create the guacamole database inline.

    For Virtual machines, I’ve found that /dev/random can take a long time to create entropy, and can even fail. So you can modify java.securitiy to use /dev/urandom instead.
    http://chari.titanium.ee/script-to-install-guacamole/

    • Chase Chase

      Bharath Chari,

      Without any modification to my Ubuntu 15.10 VM I have this:
      cat /usr/lib/jvm/java-7-openjdk-amd64/jre/lib/security/java.security | egrep securerandom.source=
      securerandom.source=file:/dev/urandom

  34. Pete Pete

    I went back to 14.04 and tomcat7.

    I could not bear NOT having “eth0” as a network interface.

    One issue with this script I have noticed :

    “systemctl enable guacd”

    “systemctl” is not part of ubuntu, it seems.

    I’ll try “update-rc.d guacd defaults” instead

  35. Pete Pete

    Can I add :

    Populate the database you just created. Again, change the MYSQLROOTPASSWORD

    cat guacamole-auth-jdbc-0.9.9/mysql/schema/*.sql | mysql -u root -pMYSQLROOTPASSWORD guacamole_db

    This command needs to be ran from /home/USERNAME

    Also, my password breaks the command due to a charachter in it..

    In my case I have to do :

    Populate the database you just created. Again, change the MYSQLROOTPASSWORD

    cat guacamole-auth-jdbc-0.9.9/mysql/schema/*.sql | mysql -u root -p guacamole_db

    Then it will ask me for a password. 🙂

  36. Pete Pete

    Hi there!

    For some reason, apt can’t find tomcat 8.

    What sources do you have defined for ubuntu?

    Cheers!

    • Chase Chase

      I have not modified anything for apt… This should work from a fresh install of Ubuntu. There is no space in the package name. “apt-get -y install tomcat8”

    • bmullan bmullan

      @Pete

      What Tomcat your distro has depends on Distro & on what release of the Distro.

      In older Ubuntu it was Tomcat7
      In newer Ubuntu it is now Tomcat8

      Check your distro to see which it has as its default in its repositories.

      • Pete Pete

        Just spotted on google that this article used to say Ubuntu 15.10 in the title?

        That explains it. I was on 14.04.

        I got it working with tomcat7, however had some other issues with Ubuntu.

        I’ve flattened the lot, and am installing 15.10 now.

        Cheers! 😀

  37. Jdoe Jdoe

    I followed the instructions and I am also having the same issue with the white screen and the FAVICON loading.

    What I did notice is that if I comment out GUACAMOLE_HOME in the /etc/default/tomcat8 file then I get the proper login prompt but I can’t log into the site.

    So this seems to be the issue.

    I checked the permissions and they are working properly as is MySQL. GuacD is running properly also.

    Thanks.

  38. olegkrutov olegkrutov

    BTW, if after restart tomcat you have a loooooong wait time with “awaiting connection…” and white empty screen, that can be caused by entropy pool low watermark issues (google “tomcat entropy”) so tomcat will be blocked until entropy pool will be ready (in non-user-interactive systems that can take up to tens of minutes!) HAVEGED can help as one of workarounds (and no, I do not know is there security flaws or entropy quality worse or better with that):

    $~ sudo apt-get install haveged

    • Instead of installing haveged you can get Java to use /dev/urandom instead, but adding this line to java.security (usually found in a path similar to this : /usr/lib/jvm/java-7-openjdk-i386/jre/lib/security/java.security).
      securerandom.source=file:/dev/./urandom

  39. bmullan bmullan

    I guess I’ll add my name those that have installed using the above and ended up with a white screen when I try to get to the guacamole server with my browser.

    Any ideas?

    • Matthias Matthias

      Thanks for the great tutorial.
      I had the same problem, but found out that I forgot this:
      root@debian:~# cat guacamole-auth-jdbc-0.9.7/mysql/schema/*.sql | mysql -u root -pMYSQLROOTPASSWORD guacamole_db
      Remember to replace ‘MYSQLROOTPASSWORD’ by the actual password you created for the root user.

    • c121812 c121812

      i had the same issue once and the solution was to add the \ at the end of the url like guacamole\

  40. Great article Chase, however I have one issue.

    I didnt want to use the default guacadmin account so I created a new Guac user in the web-app itself. I gave the user full permissions and then tried using the connection I originally setup with Guacadmin, I get a “you do not have permission to access this connection” error.
    So the next thing I tried was creating a connection under the new account (which I was able to just fine) but I get the same connection permission error. It almost seems like I have full permission to administer the application but not to use any of the connections…

    Any ideas?

    Thanks in advance…

  41. Richard Nightingale Richard Nightingale

    That’s one amazing run through, got it working 1st time. Would love you to do one on how to get LDAP auth working for Active directory, cant figure it out for the life of me.

  42. Steff Steff

    Nice! Just replace 0.9.7 with 0.9.8 to be up to date with Guacamole. I’ll make my setup connected with the AD now …

  43. Arda Savran Arda Savran

    Thanks for the great tutorial. Everything seems to be working fine except file transfer.

    I cannot see a virtual drive on the remote RDP machine. I am able to upload the files on Guacamole by drag/drop but that’s it. I cannot locate the files on the remote machine. I see the following in my logs:

    guacd[1435]: INFO: Guacamole proxy daemon (guacd) version 0.9.7 started
    guacd[1435]: DEBUG: Unable to bind socket to host ::1, port 4822: Address family not supported by protocol
    guacd[1435]: DEBUG: Unable to bind socket to host 127.0.0.1, port 4822: Address already in use
    guacd[1435]: ERROR: Unable to bind socket to any addresses.

    Is this actually supposed to be working if we follow the instructions above? Or maybe some additional steps are required? Please advise.

    • Chase Chase

      You might want to try the new guac 0.9.8 it seems to have a few RDP and file fixes. I’ve never tried file transfer…

      • arda arda

        No luck..I just installed 0.9.8 following your instructions. Everything works except file transfer. Any other ideas?

        • Chase Chase

          Sorry, no. You should open a ticket with the developers.

  44. I just wanted to say thanks! Everything worked like a charm! I’ve looked for the past couple of days for a proper tutorial and yours just worked right off the bat. I had a speed-bump with mysql but checked the tomcat8 logs to find I had misconfigured the user account! Helps when I don’t forget the ; at the end of statements, LoL.

  45. Max Max

    Hello James, Thanks a lot for this very easy Tuto. No error during install, but I am having the same issue than James and Nate : the blank white page with the guacamole icon in the browser tab. GUACAMOLE_HOME=/etc/guacamole is indeed at the bottom of /etc/default/tomcat8 . I tried reinstalling several times on Ubuntu 15.04 instances and can never get past the blank white page. Your help will be appreciated.

    • Chase Chase

      make sure all the correct services are running, mysql, tomcat8, guacd

      Double check the permissions of your files and folders.

      Check the passwords and configurations for the MySQL database.

  46. Nate Nate

    Just wanted to say: Thanks! These are the most straightforward, clear, no-nonsense instructions I’ve seen yet for installing Guacamole on Ubuntu. It works! I’ve been banging away for hours trying to get the guacamole docker images to play nice and finally gave up. Your instructions had me up and running in minutes. Now looking to get SSL/TLS setup on Tomcat8…

    • Nate Nate

      Well… it worked briefly. Now I have the same issue as James: blank white page. The browser spins for a couple minutes then settles on the blank white page with the guacamole icon in the browser tab. GUACAMOLE_HOME=/etc/guacamole is indeed at the bottom of /etc/default/tomcat8 . I tried reinstalling on new Ubuntu server 15.04 instances several times and now can never get past the blank white page. This is actually the same issue I was having with the Guacamole Docker images.

      • Nate Nate

        And.. now it’s back. Didn’t change anything. No idea.

  47. Flavio Flavio

    Have you try make a VNC connection? in 0.9.7 version i’ve never succeed, do you have any solutions?
    In this version is no problem with SSH, Telnet and RDP buat always failed in VNC

    • Chase Chase

      No, I have not tried VNC, I would try getting help on the guacamole forms. The dependencies were installed in this script. Can you VNC directly to the machine using a VNC Client?

      • Flavio Flavio

        If i using guacamole 0.9.4 there is no problem to connect to my VNC server, and i also can connect using VNC client to that server, but if i use guacamole 0.9.7 the connaction always failed, thank you

  48. James James

    Hello Chase, this is awesome easy to follow and did not get any errors during the install however I just get a blank whit screen when I go to http://localhost:8080/guacamole, I do see it is getting there as in the browser I see the guacamole icon but just get a white screen, I have installed this several times to make sure I did not miss something,. Any help would be greatly appreciated?

    • Chase Chase

      Check the /etc/default/tomcat8 file and make sure you have this line at the bottom:
      GUACAMOLE_HOME=/etc/guacamole

      • Joe Meyer Joe Meyer

        Hey Chase, running into the same problem. Did check Tomcat and the last line is indeed:

        GUACAMOLE_HOME=/etc/guacamole

        Any other suggestions?

        Thanks for this guide by the way, very easy to follow for a non-linux user.

    • bmullan bmullan

      did you ever get a reply?

      I have the same problem using this script & instructions (white screen).

      Previously I’ve installed guacamole okay using the website instructions but this didn’t work.

      I see several people have this white screen issue and was hoping to avoid duplicating troubleshooting work if someone can post their solution I’d appreciate it.

      Brian

    • Brian Nickeson Brian Nickeson

      I had the same problem. I fixed it by editing the file /etc/guacamole/guacamole.properties and changed the “mysql-password” to the password I had selected earlier. I then restarted the guacd server with “sudo service guacd restart” and the problem was fixed.

Leave a Reply

Your email address will not be published. Required fields are marked *