{{NeedsUpdate}}MessageBox|backgroundcolor = #faa|image =Warning.png|heading =WARNING|message = This is recommended only for advanced users, proceed with caution.}}= What is Guacamole? == [https://guacamole.incubator.apache.org/ Guacamole ] is an HTML5 remote desktop gatewaythat can be installed on Amahi 9 (Fedora 23). This guidance may work with other Amahi versions with some modification.

REF: [http://www.tecmint.com/guacamole-access-remote-linux-windows-machines-via-web-browser/ Setting Up Web-Based Guacamole Tool to Access Remote Linux/Windows Machines] == Installing Install Guacamole on Amahi ==<div style=== Dependencies ==="border: 1px solid #A3B1BF; padding: .8em 1em; background-color: #E6F2FF; margin: 0px 1em;">The following dependencies '''WARNING:''' All commands in this tutorial are included so as to make executed as many features in Guacamole available to the installer<code>root</code> (or precede with <code>sudo</code>).</div>

For Fedora 21 We have created a bash script to make installation simple or lower{{Codeyou can manually install using the guidance below. You '''MUST''' complete the [[Guacamole#Create Amahi Web App|Create Amahi Web App]] step prior to executing the following:Code = $ suPassword wget <nowiki>https: //www.dropbox.com/s/4hadafih8ahuj2n/install-guacamole.sh</nowiki># sudo yum chmod 755 install tomcat gcc cairo-devel libjpegguacamole.sh ./install-devel libpng-devel uuid-devel freerdp-devel pango-devel libssh2-devel libtelnet-devel libvncserver-devel pulseaudio-libs-devel openssl-devel libvorbis-devel libwebp-devel wget}}guacamole.sh

For Do NOT use this script on anything less than Amahi 9 / Fedora 23 or higher{{Codeunless you edit it first to match your systems' requirements. (See [[Guacamole#Install Dependencies|Code = $ suPassword: # sudo dnf install tomcat gcc cairo-devel libjpeg-devel libpng-devel uuid-devel freerdp-devel pango-devel libssh2-devel libtelnet-devel libvncserver-devel pulseaudio-libs-devel openssl-devel libvorbis-devel libwebp-devel wget}}Install Dependencies]] to learn what changes are necessary.)

Some packages may be already included in == Create Amahi Web App ==Login to your Amahi Dashboard and installthe Amahi [https://www.amahi. If this is so Fedora org/ Amahi will skip that packageapps/web-apps Web Apps] plug-in. Ensure you '''enable''' [[Advanced Settings]].

* NoteEdit ''####-guacamole.conf'' in '''/etc/httpd/conf.d''' (replacing #### with the appropriate number): vi /etc/httpd/conf.d/####-guacamole.conf Right below the ''ServerAlias'' line, add the following: ProxyPass / <nowiki>http://localhost: If 8080/guacamole/</nowiki> ProxyPassReverse / <nowiki>http://localhost:8080/guacamole/</nowiki> Again, if you use vi for creating this file, press the <i>Esc</i> key to get back in command mode and <i>:wq</i> to write the changes and quit vi. Restart Apache systemctl restart httpd == Install Dependencies ==Due to the Fedora 23 ''freerdp'' packages being unstable, we must use the CentOS stable version. (Do not do not see the "Webapps" option under "Apps" then this if you need to activate "Advanced Settings" under are installing on Fedora 21 or below) To install, execute the "Settings" tab of your Amahi dashboardfollowing:<pre>wget https://www.dropbox.com/s/p2uc1rcpckky75v/libxkbfile-1.0.8-5.el7.x86_64.rpmwget https://www.dropbox.com/s/0tjm7q93z9pw0hj/freerdp-libs-1.0.2-6.el7_2.1.x86_64.rpmwget https://www.dropbox.com/s/aysml7coehz0hqi/freerdp-devel-1.0.2-6.el7_2.1.x86_64.rpmrpm -Uvh libxkbfile-1.0.8-5.el7.x86_64.rpmrpm -Uvh freerdp-libs-1.0.2-6.el7_2.1.x86_64.rpmrpm -Uvh freerdp-devel-1.0.2-6.el7_2.1.x86_64.rpm</pre>

=== Setting up MySQL Authentication ======= Creating Now install the Database ====Fedora dependencies:In terminalFor Fedora 23 or newer (Fedora 21, run substitute <code>yum</code> for <code>dnf</code> and add <code>freerdp-devel</code> to the following commandlist of dependencies):{{Code|Code = sudo mysql dnf install tomcat gcc cairo-u root devel libjpeg-p}}devel libpng-devel uuid-devel pango-devel \The password requested is the root user password for MySQL on Amahi; In MariaDB enter the following:libssh2-devel libtelnet-devel libvncserver-devel pulseaudio-libs-devel openssl-devel \{{Code|Code = create database guacdb;}}{{Code|Code = create user 'guacuser'@'localhost' identified by 'guac123';}}{{Code|Code = grant select,insert,update,delete on guacdb.* to 'guacuser'@'localhost';}}{{Code|Code = flush privileges;}}{{Code|Code = quit}} libvorbis-devel libwebp-devel dejavu-sans-mono-fonts terminus-fonts terminus-fonts-console

==Configure MySQL Authentication ==== Installing = Install MySQL Authentication Module ====

 {{Code|Code = sudo mkdir -p /var/hda/web-apps/guacamole/sqlauth && cd /var/hda/web-apps/guacamole/sqlauth}}

{{Code|Code = sudo wget <nowiki>http://sourceforge.net/projects/guacamole/files/current/extensions/guacamole-auth-jdbc-0.9.9.tar.gz}}</nowiki>

{{Code|Code = sudo tar -zxf guacamole-auth-jdbc-0.9.9.tar.gz}}

{{Code|Code = sudo wget <nowiki>http://dev.mysql.com/get/Downloads/Connector/j/mysql-connector-java-5.1.38.tar.gz}}</nowiki>

{{Code|Code = sudo tar -zxf mysql-connector-java-5.1.38.tar.gz}}

{{Code|Code = sudo mkdir -p /usr/share/tomcat/.guacamole/{extensions,lib}}}

{{Code|Code = sudo mv guacamole-auth-jdbc-0.9.9/mysql/guacamole-auth-jdbc-mysql-0.9.9.jar /usr/share/tomcat/.guacamole/extensions/}}{{Code|Code = sudo mv mysql-connector-java-5.1.38/mysql-connector-java-5.1.38-bin.jar /usr/share/tomcat/.guacamole/lib/}}

{{Code| Code = sudo systemctl restart mariadb === Create the Database === hda-create-db-and-user guacdb === Configure Database Settings ===Create a directory for the configuration file. mkdir -p /etc/guacamole/ Create a file called "guacamole.properties" in that directory vi /etc/guacamole/guacamole.service}}properties

Press the <i>i</i> key to begin inserting text into the guacamole.properties file and include the following contents: # MySQL properties mysql-hostname: localhost mysql-port: 3306 mysql-database: guacdb mysql-username: guacdb mysql-password: guacdb # Additional settings mysql-default-max-connections-per-user: 0 mysql-default-max-group-connections-per-user: 0 If you use vi for creating this file, press the <i>Esc</i> key to get back in command mode and <i>:wq</i> to write the changes and quit vi. Now create a symbolic link of this file for Tomcat ln -s /etc/guacamole/guacamole.properties /usr/share/tomcat/.guacamole/ ==== Loading Load Guacamole's schema into the MySQL Tables =Data ===

{{Code|Code = cd /var/hda/web-apps/guacamole/sqlauth/guacamole-auth-jdbc-0.9.9/mysql/schema/ }}

sudo cat ./*.sql | mysql -u root uroot -p guacdbThe above is bash code. I have to format it differently to get all of the code to show on this wiki page.

The password requested is ::'''WARNING:''' Please see [[Database Root Password]] for the root user appropriate login password for MySQL.

=== Installing Install Guacamole Server ===

{{Code|Code = cd /var/hda/web-apps/guacamole}}

{{Code|Code = sudo wget <nowiki>https://sourceforge.net/projects/guacamole/files/current/source/guacamole-server-0.9.9.tar.gz}}</nowiki>

{{Code|Code = tar -xzf guacamole-server-0.9.9.tar.gz}}

{{Code|Code = cd guacamole-server-0.9.9/}}

{{Code|Code = sudo ./configure --with-init-dir=/etc/init.d}}{{Code|Code = sudo make}}{{Code|Code = sudo make install}}{{Code|Code = sudo ldconfig}}

=== Installing Install Guacamole Client ===

{{Code| Code = sudo mkdir -p /var/lib/guacamole && cd /var/lib/guacamole/}} 

{{Code| Code = sudo wget <nowiki>http://sourceforge.net/projects/guacamole/files/current/binary/guacamole-0.9.9.war -O guacamole.war}}</nowiki> 

{{Code| Code = sudo ln -s /var/lib/guacamole/guacamole.war /var/lib/tomcat/webapps/}}

=== Guacamole's Configuration File =Update Amahi Web App Files ==Create a Symbolic links between guacamole in Tomcat and Amahi's web app directory for the configuration file. ln -s /var/lib/tomcat/webapps/guacamole/* /var/hda/web-apps/guacamole/html

{{Code| Code = sudo mkdir Make sure the owner of all the file is ''apache'' and the group is ''users''. chown -p R apache:users /etcvar/hda/web-apps/guacamole/}}

Create a file called "guacamole.properties" in that directory{{Code| Code = sudo vi /etc/guacamole/guacamole.properties}}and include the following contents # MySQL properties mysql-hostname: localhost mysql-port: 3306 mysql-database: guacdb mysql-username: guacuser mysql-password: guacDBpass # Additional settings mysql-default-max-connections-per-user: 0 mysql-default-max-group-connections-per-user: 0 Now create a symbolic link of this file for Tomcat{{Code| Code = sudo ln -s /etc/guacamole/guacamole.properties /usr/share/tomcat/.guacamole/}} === Starting Start Guacamole Server ===

{{Code| Code = sudo ​service ​systemctl restart tomcat restart​}}

{{Code| Code = sudo /etc/init.d/guacd start}}

{{Code| Code = sudo chkconfig systemctl enable tomcat on # chkconfig guacd on}} = Log In to Guacamole =You can access the web login screen for Guacamole from computers in the network via '''<nowiki>http://****:8080/guacamole</nowiki>''' (Where the ''****'' is the IP address of your Amahi server). The default user name/password is ''guacadmin''/''guacadmin''. You can change your password by editing your own user in the administration screen. = Access Outside the Network =If you want Guacamole's web interface to be accessible outside of your LAN you will have to forward a random, unused port (1111, for example) to port 8080 in your router.  Then when you access Guacamole from outside your LAN you will need to add ''/guacamole'' to the end of your url. (<nowiki>http://servername.yourhda.com:1111/guacamole</nowiki>). If you do not add ''/guacamole'' to your url, you will see a blank page since you did not specify which application in Tomcat you wanted to access. The safest and most secure method to access Guacamole is using [https://www.amahi.org/apps/openvpn OpenVPN] and an [[OpenVPN_clients|OpenVPN client]] from a smart phone, tablet, or computer. = Making Preset Connections in Guacamole = In Guacamole, an administrative User can create Connections that will be available to Guacamole users. == Enabling RDP in Windows Home and Basic Editions =="Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft, which provides a user with a graphical interface to connect to another computer over a network connection." ''1'' If you do not have Windows pro or ultimate versions you have to run a patch that activates RDP. RDP Wrapper Library is an option for enabling RDP features. (Use this at your own risk. Please read RDP Wrapper Library literature and follow directions to install. Any problems are to be addressed with RDP Wrapper Library support.) https://github.com/stascorp/rdpwrap/releases

=== Deploying Guacamole ===To deploy GuacamoleIf you have Windows Professional or Ultimate, you must make two symbolic links: one effectively copying the web application will need to "Allow Remote Access to Your Computer." (now located at /var/lib/guacamole/guacamoleA simple Internet search of this phrase with your Windows version offers many tutorials on this.war) into the directory Tomcat monitors for web application deployment, and the other effectively copying the configuration file, guacamole.properties, into the Tomcat's classpath, such that Guacamole can find it once it runs. This must be done as root:{{Code|Code = # ln -s /var/lib/guacamole/guacamole.war /var/lib/tomcat6/webapps# ln -s /etc/guacamole/guacamole.properties /usr/share/tomcat6/lib}}

Start Below are some VERY basic settings for an RDP connection in Guacamole's service{{Code|Code = service guacd start}}:

Now configure Name: whatever you want to call it (One can put "RDP" within the tomcat6 and guacd services name so as to run automaticallydifferentiate between connections types in the list) Location: ROOT Protocol: RDP

== Configuring Guacamole and Amahi ==Create Symbolic links between guacamole in Tomcat and Amahi Host Name: The fixed IP address of the computer to which you wished to connect. (For example 's webapp directory'192.168.1.10'')

Note: Using RDP, only one device at a time can be logged in under a specific user. If you are logging into a Windows computer by the user "Fred" by RDP using Guacamole, any other device signed in as "Fred" will be logged out. The side effect is that, when using RDP, a technician (using Guacamole) and client (on their Window computer) cannot see the same active desktop simultaneously. As roota workaround, create one can set up a VNC and an RDP connection for each Windows computer.htaccess file in /var/hda/web-apps/guacamole/html{{Code|Code = # vi /var/hda/web-apps/guacamole/html/RDP can be quicker and more fluid so use RDP when working alone and VNC when one needs to see what is currently happening on a Users computer under their account.htaccess}}

This is Special Note: Once settings are in place, users can click on their User Name in the upper right corner and choose "Home" from the text for drop-down menu to return to the home screen and use pre-configured connections.htaccess file: RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule (.*) http://%{HTTP_HOST}:8080/guacamole [R,L]

Make sure == Guacamole VNC Connections to Computers =="In computing, Virtual Network Computing (VNC) is a graphical desktop sharing system that uses the owner of all Remote Frame Buffer protocol (RFB) to remotely control another computer. It transmits the file is apache keyboard and mouse events from one computer to another, relaying the graphical screen updates back in the group is usersother direction, over a network.{{Code|Code = sudo chown -R apache:users /var/hda/web-apps/guacamole}}"''2''

Restart ApacheIn order to connect through Guacamole to a client device by VNC, one needs to install VNC client software on the device and configure it to the user's desired specifications. In this publication, we will use a Windows based client and UltraVNC software, though this is by no means prescriptive for everyone.{{Code| Code ===Guacamole VNC Connections to Windows Computers =======UltraVNC Settings for Windows==== sudo Be sure to install UltraVNC to run as a service httpd restart}}on the client system. Once UltraVNC is installed on the Windows computer, right-click on the system tray icon and choose "Admin Properties" from the menu that comes up. Set the following values:  Display Number or Ports to use: Select Ports and set Main and Http so something specific (e.g. 5904, 5804) Authentication: Set both the VNC Password and the View-Only Password. (Write them down. You will need it later.) Click "OK" and then give permission for the program to make changes to your system. ====Guacamole Settings to Connect to the Windows client====After logging in to Guacamole click on your login name in the upper right . In the drop-down menu choose "Settings." Click on the Connections tab on the settings page. Click the "New Connection" button.  Below are some VERY basic settings for a VNC connection in Guacamole:  Name: whatever you want to call it (One can put "VNC" within the name so as to differentiate between connections types in the list) Location: ROOT Protocol: VNC  Maximum number of connections: 2 Maximum number of connections per user:2

== Logging In Host Name: The fixed IP address of the computer to which you wished to Guacamole ==connect. (For example ''192.168.1.10'')You can access the web login screen for Guacamole from Port: The Main port number which was set in the server at http://127Windows UltraVNC client software (e.0g.05904).1 Password:8080/guacamoleThe VNC Password set earlier in the Windows UltraVNC client software.

From All the other computers in the network you can access Guacamole by http://****:8080/guacamole (Where the "****" is the ip address of your Amahi server)settings are left either blank or as they were.

The default user is "guacadmin"Special Note: Once settings are in place, with users can click on their User Name in the default password of upper right corner and choose "guacadminHome". You can change your password by editing your own user in from the drop-down menu to return to the administration home screenand use pre-configured connections.

With everything configured correctly you should be able to access the web login screen through Amahi at http== References ==''1'' https://guacamoleen.yourhdanamewikipedia.com:8080org/guacamolewiki/Remote_Desktop_Protocol

== Port Forwarding ==If you want Guacamole's web interface to be accessible outside of your LAN you will have to forward a random'2'' Richardson, T.; Stafford-Fraser, Q.; Wood, K. R.; Hopper, unused port A. (1111, for example1998) to port 8080 in your router. Then when you access Guacamole from outside your LAN you will need to add "/guacamoleVirtual network computing" to the end of your url(PDF). (serverblahblahIEEE Internet Computing.yourhda2: 33.comdoi:111110.1109/guacamole) If you do not add "/guacamole" to your url, you will see a blank page since you did not specify which application in Tomcat you wanted to access4236.656066.