Guacamole 0.3.0 on Ubuntu 10.04
Sometimes in your Linux life, you need to control your servers in the internet with a graphical user interface. This is tedious when you are behind a corporate firewall blocking ssh requests to the public internet. Typical corporate firewalls only allow proxified client access to port 80, 8080 and 443 in the public internet. One way to go is to use a browser to display a Linux desktop. The solution is not, however, to use VNC for a web browser, as it will be blocked by corporate firewalls. The solution is guacamole.
Here is what I did to configure Guacamole on 2011-06-25 using a rackspace server with Ubuntu 10.04 x64:
- install some dependencies
apt-get update apt-get install tomcat6 libvncserver0
- download this package
- unpack it
tar xvzf guacamole-0.3.0-ubuntu-10.04-x86-64.tar.gz
- install the contained software
cd guacamole-0.3.0-ubuntu-10.04-x86-64 dpkg -i *.deb
- put the software to the right place
ln -s /var/lib/guacamole/guacamole.war /var/lib/tomcat6/webapps ln -s /etc/guacamole/guacamole.properties /var/lib/tomcat6/common/classes
- edit /etc/guacamole/user-mapping.xml
<user-mapping> <authorize username="user" password="password"> <protocol>vnc</protocol> <param name="hostname">localhost</param> <param name="port">5901</param> <param name="password">password</param> </authorize> </user-mapping>
- This will allow you to log in as user named user with the password password. A VNC service must be listening on port 5901 configured with the password password.
- install a vnc server
apt-get install tightvncserver
- start the vnc server
- surf to your Linux desktop: http://localhost:8080/guacamole/
Bind it to port 80
Now I want guacamole to be reachable from within a typical corporate network, so I want it to be on port 80. To do this I edit /etc/apache2/sites-enabled/000-default and add a section:
<IfModule mod_proxy.c> <Location /guacamole> ProxyPass http://184.108.40.206:8080/guacamole </Location> </IfModule>
If you are using Apache2 and you have mod_proxy this section will make that any browser request to http://yourserver/guacamole will be served using port 8080 as proxy port.
Get a better desktop environment
If you want to see a desktop environment (rather than gray background), best modify your .vnc/xstartup to be like this:
#!/bin/sh xrdb $HOME/.Xresources xsetroot -solid grey export XKL_XMODMAP_DISABLE=1 gnome-session &
This will start gnome. Several tests have shown KDE will not work. Also, if you use Ubuntu 11.10 or later, the command gnome-session will not start the complete gnome session.