Changes

From Amahi Wiki
Jump to: navigation, search

Guacamole (view source)

Revision as of 03:38, 18 June 2017

5,471 bytes added ,  03:38, 18 June 2017
→‎Load Guacamole Data
{{MessageBox|backgroundcolor = #faa|image =Warning.png|heading =WARNING|message =This is recommended only for advanced users, proceed with caution.}}= What is Guacamole? == [https://guacamole.incubator.apache.org/ Guacamole ] is an HTML5 remote desktop gatewaythat can be installed on Amahi 9 (Fedora 23). This guidance may work with other Amahi versions with some modification.
Guacamole provides access to desktop environments using remote desktop protocols like VNC and RDP. A centralized server acts as a tunnel and proxy, allowing access to multiple desktops through a web browser.
No browser plugins are needed, and no client software needs to be installed. The client requires nothing more than a web browser supporting HTML5 and AJAX.
== Installing Guacamole on Amahi ===== Dependencies ===*tomcat6 *libvncserver *freerdp (This is official on the Guacamole siteREF: [http://www. Fedora 14 will not support Freerdp 1tecmint.0 or higher, thus RDP protocol in com/guacamole-access-remote-linux-windows-machines-via-web-browser/ Setting Up Web-Based Guacamole is not available. Leave freerdp out of the code below if you are running Fedora 14.)*libvorbisTool to Access Remote Linux/Windows Machines]
In terminal, = Install Guacamole =<div style="border: 1px solid #A3B1BF; padding: .8em 1em; background-color: #E6F2FF; margin: 0px 1em;">'''WARNING:''' All commands in this tutorial are executed as <code>root, install dependencies </code> (or precede with the following:<code>sudo</code>).</div>
{{Code|
Code = $ su
Password:
# yum install tomcat6 libvncserver freerdp libvorbis
}}
We have created a bash script to make installation simple or you can manually install using the guidance below. You '''MUST''' complete the [[Guacamole#Create Amahi Web App|Create Amahi Web App]] step prior to executing the following: wget <nowiki>https://www.dropbox.com/s/4hadafih8ahuj2n/install-guacamole.sh</nowiki> chmod 755 install-guacamole.sh ./install-guacamole.sh Do NOT use this script on anything less than Amahi 9 / Fedora 23 unless you edit it first to match your systems' requirements. (See [[Guacamole#Install Dependencies|Install Dependencies]] to learn what changes are necessary.) === Preparing Create Amahi =Web App ==Login to your Amahi Dashboard and choose "Set Up" install the Amahi [https://www.amahi.org/apps/web-apps Web Apps] plug-in the upper right.Ensure you '''enable''' [[Advanced Settings]]. 
Now select the "Apps" tab.
Click on "Webapps" and on the page that comes up choose the "New Web App" button at the bottom.
Fill in the name (guacamole) and leave everything else as it is.
Edit ''####-guacamole.conf'' in '''/etc/httpd/conf.d''' (replacing #### with the appropriate number): vi /etc/httpd/conf.d/####-guacamole.conf Right below the ''ServerAlias'' line, add the following: ProxyPass / <nowiki>http://localhost:8080/guacamole/</nowiki> ProxyPassReverse / <nowiki>http://localhost:8080/guacamole/</nowiki> Again, if you use vi for creating this file, press the <i>Esc</i> key to get back in command mode and <i>:wq</i> to write the changes and quit vi. Restart Apache systemctl restart httpd ==Install Dependencies = Downloading =Due to the Fedora 23 ''freerdp'' packages being unstable, we must use the CentOS stable version. (Do not do this if you are installing on Fedora 21 or below) To install, execute the Binary Packages following:<pre>wget https://www.dropbox.com/s/p2uc1rcpckky75v/libxkbfile-1.0.8-5.el7.x86_64.rpmwget https://www.dropbox.com/s/0tjm7q93z9pw0hj/freerdp-libs-1.0.2-6.el7_2.1.x86_64.rpmwget https://www.dropbox.com/s/aysml7coehz0hqi/freerdp-devel-1.0.2-6.el7_2.1.x86_64.rpmrpm -Uvh libxkbfile-1.0.8-5.el7.x86_64.rpmrpm -Uvh freerdp-libs-1.0.2-6.el7_2.1.x86_64.rpmrpm -Uvh freerdp-devel-1.0.2-6.el7_2.1.x86_64.rpm</pre>  Now install the Fedora dependencies:For Fedora 23 or newer (Fedora 21, substitute <code>yum</code> for <code>dnf</code> and add <code>freerdp-devel</code> to the list of dependencies): dnf install tomcat gcc cairo-devel libjpeg-devel libpng-devel uuid-devel pango-devel \ libssh2-devel libtelnet-devel libvncserver-devel pulseaudio-libs-devel openssl-devel \ libvorbis-devel libwebp-devel dejavu-sans-mono-fonts terminus-fonts terminus-fonts-console == Configure MySQL Authentication ===== Install MySQL Authentication Module ===Go to Create a working directory and move there mkdir -p /var/hda/web-apps/guacamole/sqlauth && cd /var/hda/web-apps/guacamole/sqlauth Download Guacamole's authorization module wget <nowiki>http://guacsourceforge.net/projects/guacamole/files/current/extensions/guacamole-auth-jdbc-0.9.9.tar.gz</nowiki> Unpack it tar -zxf guacamole-auth-jdbc-0.9.9.tar.gz Download MySQL and Java Connector wget <nowiki>http://dev.orgmysql.com/get/Downloads/Connector/j/mysql-connector-java-5.1.38.tar.gz</nowiki> Unpack it tar -zxf mysql-connector-java-5.1.38.tar.gz Create directories for the extensions in Tomcat's folders mkdir -p /usr/share/tomcat/.guacamole/{extensions,lib} Move the modules to their respective directories. mv guacamole-auth-jdbc-0.9.9/ mysql/guacamole-auth-jdbc-mysql-0.9.9.jar /usr/share/tomcat/.guacamole/extensions/ mv mysql-connector-java-5.1.38/mysql-connector-java-5.1.38-bin.jar /usr/share/tomcat/.guacamole/lib/  Restart MariaDB systemctl restart mariadb === Create the Database === hda-create-db-and choose from -user guacdb === Configure Database Settings ===Create a directory for the configuration file. mkdir -p /etc/guacamole/ Create a file called "guacamole.properties" in that directory vi /etc/guacamole/guacamole.properties Press the table <i>i</i> key to begin inserting text into the guacamole.properties file and include the binary packages following contents: # MySQL properties mysql-hostname: localhost mysql-port: 3306 mysql-database: guacdb mysql-username: guacdb mysql-password: guacdb # Additional settings mysql-default-max-connections-per-user: 0 mysql-default-max-group-connections-per-user: 0 If you use vi for creating this file, press the <i>Esc</i> key to get back in command mode and <i>:wq</i> to write the changes and quit vi. Now create a symbolic link of this file for Tomcat ln -s /etc/guacamole/guacamole.properties /usr/share/tomcat/.guacamole/ === Load Guacamole Data ===The schema for your systemMySQL was downloaded in the previous process. Just change directories to the files location For cd /var/hda/web-apps/guacamole/sqlauth/guacamole-auth-jdbc-0.9.9/mysql/schema/ and run the following command: cat ./*.sql | mysql -uroot -p guacdb ::'''Fedora 14WARNING:''' Please see [[Database Root Password]] for the appropriate login password. == Install Guacamole Server ==Guacamole uses "guacd", I chose a Guacamole server and a Guacamole Client for users to connect to the '''Fedora 15''' packages and they worked flawlessly"guacd" server. We first install Guacamole Server. Change Directories cd /var/hda/web-apps/guacamole Download Guacamole Server wget <nowiki>https://sourceforge.net/projects/guacamole/files/current/source/guacamole-server-0.9.9.tar.gz</nowiki> Unpackage it tar -xzf guacamole-server-0.9.9.tar.gz
=== Installing Guacamole ===In terminal, change directories Move to where the packages downloaded and execute the following as root:Guacamole source code directory{{Code|Code = # tar -xzf cd guacamole-0.8.0-fedora-15-i386.tar.gz# cd guacamoleserver-0.89.0-fedora-15-i3869/# rpm -i *.rpm}}*Be aware that you may have to adjust the above code to match the file name you downloaded.
=== Setting up MySQL Authentication ======= Making the Directory ====As rootConfigure, create the "classpath" directorymake and install it.{{Code|Code ./configure --with-init-dir= mkdir /varetc/lib/guacamole/classpathinit.d make make install}} ldconfig
==== Installing MySQL Authentication Module ==Install Guacamole Client ==Download the MySQL Authentication ModuleCreate a new directory and move to it.http:/ mkdir -p /sourceforge.netvar/projectslib/guacamole&& cd /files/currentvar/extensionslib/guacamole-auth-mysql-0.8.0.tar.gz/download
Move to the directory containing the download and unpack the downloadDownload Guacamole Client. wget <nowiki>http://sourceforge.net/projects/guacamole/files/current/binary/guacamole-0.9.9.war -O guacamole.war</nowiki>
{{Code|Code = # tar Create a symbolic link of the file for Tomcat. ln -xzf s /var/lib/guacamole/guacamole-auth-mysql-0.8.0.tar.gz}}*Be aware that you may have to adjust the above code to match the file name you downloaded.war /var/lib/tomcat/webapps/
Copy all of the ".jar" files == Update Amahi Web App Files ==Create Symbolic links between guacamole in the /lib of the downloaded file to the classpath Tomcat and Amahi's web app directory you created.{{Code|Code = cp ln -r s /whereevervar/youlib/downloadedtomcat/itwebapps/guacamole-auth-mysql-0.8.0/lib/*.jar /var/libhda/web-apps/guacamole/classpath}}html
You need one more ".jar" Make sure the owner of all the file that is not included (MySQL Connector-J)''apache'' and the group is ''users''. You can get it here: httpchown -R apache:users /var/dev.mysql.comhda/downloads/connector/jweb-apps/guacamole
Move to the directory containing the download and unpack the download== Start Guacamole Server ==Restart Tomcat. ​systemctl restart tomcat
{{Code|Code = # tar -xzf mysql-connector-java-5Start Guacamole Server.1.25.tar.gz}}*Be aware that you may have to adjust the above code to match the file name you downloaded /etc/init.d/guacd start
Configure Guacamole Server to start at boot.
systemctl enable tomcat
chkconfig guacd on
Copy mysql-connector-java-5.1.23-bin.jar = Log In to Guacamole =You can access the classpath directory you created.{{Code|Code = cp -r web login screen for Guacamole from computers in the network via '''<nowiki>http:/whereever/you****:8080/downloadedguacamole</it/mysql-connector-java-5.1nowiki>''' (Where the ''****'' is the IP address of your Amahi server).25/mysql-connector-java-5.1.23-bin.jar /var/lib/guacamole/classpath}}
==== Making the MySQL Tables ====Now we need to create a MySQL Table that Guacamole The default user name/password is ''guacadmin''/''guacadmin''. You can use{{Code|Code = $ mysql -u root -pEnter change your password: default for Amahi is hdamysql> CREATE DATABASE guacamole;Query OK, 1 row affected (0by editing your own user in the administration screen.00 sec)
mysql> CREATE USER 'guacamole'@'localhost' IDENTIFIED BY 'some_password= Access Outside the Network =If you want Guacamole';Query OKs web interface to be accessible outside of your LAN you will have to forward a random, 0 rows affected unused port (01111, for example) to port 8080 in your router.00 sec)
mysql> GRANT SELECT,INSERT,UPDATE,DELETE ON guacamole.* TO Then when you access Guacamole from outside your LAN you will need to add ''/guacamole'@'localhost';Query OK, 0 rows affected to the end of your url. (0<nowiki>http://servername.00 secyourhda.com:1111/guacamole</nowiki>).
mysql> FLUSH PRIVILEGES;Query OKIf you do not add ''/guacamole'' to your url, 0 rows affected (0you will see a blank page since you did not specify which application in Tomcat you wanted to access.02 sec)
mysql> quitBye}}The database safest and user can be named whatever you like, but these instructions will refer most secure method to both as "guacamole"access Guacamole is using [https://www. Naturallyamahi.org/apps/openvpn OpenVPN] and an [[OpenVPN_clients|OpenVPN client]] from a smart phone, you should choose a real password for your user rather than the string "some_password" shown abovetablet, or computer.
==== Running the SQL scripts ===Making Preset Connections in Guacamole =
The SQL scripts In Guacamole, an administrative User can create Connections that create the database schema and default administrator user are included in the guacamole-auth-mysql-0.8.0 archive you downloaded within the schema/ directory. Change directories will be available to the guacamole-auth-mysql-0.8.0 archive.{{Code|Code = cd /whereever/you/downloaded/it/guacamole-auth-mysql-0.8Guacamole users.0/schema}}
The scripts are named such that they can be run == Enabling RDP in order with one command:{{Code|Code Windows Home and Basic Editions == $ cat schema/*.sql | mysql -u root -p guacamoleEnter password: default for Amahi "Remote Desktop Protocol (RDP) is hda$}}a proprietary protocol developed by Microsoft, which provides a user with a graphical interface to connect to another computer over a network connection." ''1''
==== Configuring Guacamole If you do not have Windows pro or ultimate versions you have to Use MySQL Authentication ====You will need to edit /etc/guacamole/guacamolerun a patch that activates RDP.properties
Start RDP Wrapper Library is an option for enabling RDP features. (Use this at the line "# Hostname your own risk. Please read RDP Wrapper Library literature and port of guacamole proxy" and replace everything below it follow directions to install. Any problems are to be addressed with thisRDP Wrapper Library support.) https://github.com/stascorp/rdpwrap/releases
If you have Windows Professional or Ultimate, you will need to "Allow Remote Access to Your Computer." guacd-hostname: localhost(A simple Internet search of this phrase with your Windows version offers many tutorials on this.) guacd-port: 4822 == Guacamole RDP Connections to Windows Computers == # Auth provider class (authenticates user/pass combination, needed if using After you have login to Guacamole click on your login name in the provided login screen)upper right . authIn the drop-provider: netdown menu choose "Settings.sourceforge" Click on the Connections tab on the settings page.guacamoleClick the "New Connection" button.net.auth.mysql.MySQLAuthenticationProvider Below are some VERY basic-user-mappingsettings for an RDP connection in Guacamole: /etc/guacamole/user-mapping.xml # Location Name: whatever you want to call it (One can put "RDP" within the name so as to read extra .jar's fromdifferentiate between connections types in the list) lib-directoryLocation: /var/lib/guacamole/classpathROOT Protocol: RDP # MySQL properties mysql-hostnameMaximum number of connections: localhost2 mysql-portMaximum number of connections per user: 33062  mysql-databaseHost Name: guacamoleThe fixed IP address of the computer to which you wished to connect. (For example ''192.168.1.10'') All the other settings are left either blank or as they were. Note: Using RDP, only one device at a time can be logged in under a specific user. If you are logging into a Windows computer by the user "Fred" by RDP using Guacamole, any other device signed in as "Fred" will be logged out. mysql-username: guacamoleThe side effect is that, when using RDP, a technician (using Guacamole) and client (on their Window computer) cannot see the same active desktop simultaneously. mysql-password: some_passwordAs a workaround, one can set up a VNC and an RDP connection for each Windows computer. RDP can be quicker and more fluid so use RDP when working alone and VNC when one needs to see what is currently happening on a Users computer under their account.
Use the real password you chose when creating the MySQL database for the Guacamole database Special Note: Once settings are in place of , users can click on their User Name in the string upper right corner and choose "some_passwordHome" as shown abovefrom the drop-down menu to return to the home screen and use pre-configured connections.
Restart Tomcat service== Guacamole VNC Connections to Computers =={{Code|Code = service tomcat6 restart}}"In computing, Virtual Network Computing (VNC) is a graphical desktop sharing system that uses the Remote Frame Buffer protocol (RFB) to remotely control another computer. It transmits the keyboard and mouse events from one computer to another, relaying the graphical screen updates back in the other direction, over a network."''2''
The default user is "guacadmin"In order to connect through Guacamole to a client device by VNC, with one needs to install VNC client software on the default password of "guacadmin"device and configure it to the user's desired specifications. You can change your password In this publication, we will use a Windows based client and UltraVNC software, though this is by editing your own user in the administration screenno means prescriptive for everyone.
=== Deploying Guacamole VNC Connections to Windows Computers ===To deploy Guacamole, you must make two symbolic links: one effectively copying ====UltraVNC Settings for Windows====Be sure to install UltraVNC to run as a service on the web application (now located at /var/lib/guacamole/guacamoleclient system.war) into Once UltraVNC is installed on the directory Tomcat monitors for web application deploymentWindows computer, right-click on the system tray icon and choose "Admin Properties" from the other effectively copying the configuration file, guacamolemenu that comes up.properties, into Set the Tomcat's classpath, such that Guacamole can find it once it runs. This must be done as rootfollowing values:{{Code|Code = # ln -s /var/lib/guacamole/guacamole.war /var/lib/tomcat6/webapps# ln -s /etc/guacamole/guacamole.properties /usr/share/tomcat6/lib}}
Restart Tomcat Display Number or Ports to use: Select Ports and set Main and Http so something specific (e.g. 5904, 5804){{Code|Code = service tomcat6 restart}} Authentication: Set both the VNC Password and the View-Only Password. (Write them down. You will need it later.)
Start Guacamole's service{{Code|Code = service guacd start}}Click "OK" and then give permission for the program to make changes to your system.
Now configure ====Guacamole Settings to Connect to the tomcat6 and guacd services Windows client====After logging in to run automaticallyGuacamole click on your login name in the upper right . In the drop-down menu choose "Settings." Click on the Connections tab on the settings page. Click the "New Connection" button.
{{Code|Code = # chkconfig tomcat6 on# # chkconfig guacd on}}Below are some VERY basic settings for a VNC connection in Guacamole:
== Configuring Guacamole and Amahi ==Create Symbolic links Name: whatever you want to call it (One can put "VNC" within the name so as to differentiate between guacamole connections types in Tomcat and Amahi's webapp directorythe list) Location: ROOT Protocol: VNC
{{Code| Maximum number of connections: 2Code = # ln -s /var/lib/tomcat6/webapps/guacamole/admin.xhtml /var/hda/web-apps/guacamole/html# ln -s /var/lib/tomcat6/webapps/guacamole/agpl-3.0-standalone.html /var/hda/web-apps/guacamole/html# ln -s /var/lib/tomcat6/webapps/guacamole/client.xhtml /var/hda/web-apps/guacamole/html# ln -s /var/lib/tomcat6/webapps/guacamole/guacamole-common-js /var/hda/web-apps/guacamole/html# ln -s /var/lib/tomcat6/webapps/guacamole/images /var/hda/web-apps/guacamole/html# ln -s /var/lib/tomcat6/webapps/guacamole/index.xhtml /var/hda/web-apps/guacamole/html# ln -s /var/lib/tomcat6/webapps/guacamole/layouts /var/hda/web-apps/guacamole/html# ln -s /var/lib/tomcat6/webapps/guacamole/META-INF /var/hda/web-apps/guacamole/html# ln -s /var/lib/tomcat6/webapps/guacamole/scripts /var/hda/web-apps/guacamole/html# ln -s /var/lib/tomcat6/webapps/guacamole/styles /var/hda/web-apps/guacamole/html# ln -s /var/lib/tomcat6/webapps/guacamole/WEB-INF /var/hda/web-apps/guacamole/html}} Maximum number of connections per user:2
Create Host Name: The fixed IP address of the computer to which you wished to connect.htaccess file (For example ''192.168.1.10'') Port: The Main port number which was set in /var/hda/web-apps/guacamole/htmlthe Windows UltraVNC client software (e.g. 5904).{{Code|Code = # cd /var/hda/web-apps/guacamole/html# gedit Password: The VNC Password set earlier in the Windows UltraVNC client software.htaccess}}
This is All the text for the .htaccess file: RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule (other settings are left either blank or as they were.*) http://%{HTTP_HOST}:8080/guacamole [R,L]
Make sure Special Note: Once settings are in place, users can click on their User Name in the upper right corner and choose "Home" from the owner of drop-down menu to return to the file is apache home screen and the group is users.{{Code|Code = # chown apache .htaccess# chgrp users use pre-configured connections.htaccess}}
In == References ==''1'' https:/etc/httpden.wikipedia.org/conf.dwiki/####-guacamole.conf, change "AllowOverride AuthConfig" to "AllowOverride FileInfo Limit Options Indexes"Remote_Desktop_Protocol
== Port Forwarding ==If you want Guacamole's web interface to be accessible outside of your LAN you will have to forward a random'2'' Richardson, T.; Stafford-Fraser, Q.; Wood, K. R.; Hopper, unused port A. (1111, for example1998) to port 8080 in your router. Then when you access Guacamole from outside your LAN you will need to add "/guacamoleVirtual network computing" to the end of your url(PDF). (serverblahblahIEEE Internet Computing.yourhda2: 33.comdoi:111110.1109/guacamole) If you do not add "/guacamole" to your url, you will see a blank page since you did not specify which application in Tomcat you wanted to access4236.656066.
Bigfoot65
Trusted, Bureaucrats, Administrators
12,424

edits

Retrieved from "https://wiki.amahi.org/index.php/Special:MobileDiff/70388...108736"