Guacamole + Ubuntu Maverick: Step by step

February 14 2011, 8:48 AM  by Caleb Eggensperger

VNC server

  1. Install a VNC server. I suggest vnc4server.
    sudo apt-get install vnc4server
     
  2. Create the file ~/.vnc/xstartup. Paste in the following (this will set up the x server and start gnome-session to give you your desktop and panels and such):
    #!/bin/sh

    xrdb $home/.xresources
    xsetroot -solid black
    gnome-session &

  3. Start the vnc server. Change the resolution if necessary; this is what I used so it would display nicely on my Cr-48:
    vnc4server -geometry 1260x650 -depth 24
     It will prompt you for a password the first time if you have never run vnc before. You should set one up, especially if you're not firewalling port 5900-5910. Remember what screen it says it has started on for later. It's usually screen 1.

Tomcat

Don't use the version of tomcat in the Ubuntu repos. It is very broken.
  1. Download Tomcat 6.x from the website. Get the .tar.gz file under "Core".
  2. Untar the file.
    tar xvzf apache-tomcat-6.0.32.tar.gz
     
  3. Move it to someplace nice. I used /opt/tomcat. It's whatever you want though.
    sudo mv apache-tomcat-6.0.32/ /opt/tomcat
     
  4. Generate SSL keys for tomcat. More info here.
    keytool -genkey -alias tomcat -keyalg RSA

    This will ask you several questions. It will also prompt you for a password. You won't have to memorize this password, so you can use a random one. Use the same password for the keystore and the key. You'll enter it in the next step...
  5. Edit the /opt/tomcat/conf/server.xml with your favorite text editor. Add to the bottom (and change the bolded things to be correct):
    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" keystoreFile="/home/username/.keystore" keystorePass="keystore password" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" />

Guacamole

  1. Download Guacamole. (The .tar.gz, if there are choices)
  2. Untar it:
    tar xvzf guacamole-0.2.6.tar.gz
     
  3. Spread the files through your system:
    cd guacamole-0.2.6
    sudo mkdir /var/lib/guacamole/
    sudo mv guacamole.war /var/lib/guacamole/
    mv guacamole-users.xml /opt/tomcat/conf/
    mv guacamole.xml /opt/tomcat/conf/Catalina/localhost/

  4. Edit the username and password in /opt/tomcat/conf/guacamole-users.xml. You'll use these to log in later, so use something you know.
  5. Edit /opt/tomcat/conf/Catalina/localhost/guacamole.xml. Change the port from 5900 to 5900 + screen number (from before) (so probably 5901). Uncomment the line with the password tag and add in your password.
  6. Start tomcat.
    /opt/tomcat/bin/startup.sh
     
  7. Go to http://localhost:8443/guacamole in your favorite modern browser.

That should do it. You'll have to re run the vnc server and tomcat startup script if you ever reboot. Getting those to run automatically on startup is left as an exercise to the reader.

Tags

code

5951 views and 8 responses

  • Feb 25 2011, 3:49 PM
    saltcushy responded:
    step 6 I don't undertand
  • Feb 25 2011, 3:51 PM
    saltcushy responded:
    ubu@ubu-System-Product-Name:~$ /opt/tomcat/bin/startup.sh
    Using CATALINA_BASE: /opt/tomcat
    Using CATALINA_HOME: /opt/tomcat
    Using CATALINA_TMPDIR: /opt/tomcat/temp
    Using JRE_HOME: /usr
    Using CLASSPATH: /opt/tomcat/bin/bootstrap.jar
  • Feb 28 2011, 7:57 AM
    Caleb Eggensperger responded:
    That looks like the correct output for the startup script. What problem are you having? Is it not running?
  • Feb 28 2011, 2:36 PM
    saltcushy responded:
    I think so, that my vnc server running but without in broswer(guacamole)
    my ubuntu 10.10
  • Feb 28 2011, 3:35 PM
    saltcushy responded:
    When i open in all broswers 192.168.1.3:5902/guacamole
    I see RFB 003.008.
  • Feb 28 2011, 3:42 PM
    saltcushy responded:
    after forward port see info in website:Too many security failures
  • Mar 7 2011, 2:00 PM
    Craig responded:
    I have found this guide very useful. I have been trying to implement VNC access with Guacamole for my CR-48 as opposed to alternative strategies such as remote access virtual box sessions (see php_virtualbox which is on google code) to determine which will give me a better client user experience (and less server load). I highly suspect that the VNC access will be much more responsive.

    I have gotten tomcat and guacamole installed and working on a standard port from my LAN, but I cannot seem to get the SSL access to work. Whenever I try to access http://localhost:8443/guacamole in a browser, the browser tries to download a file. WIth the same browser I can access guacamole via http://localhost:8080/guacamole if I modify the server.xml file and comment out the SSL protocol section.

    I am reluctant to open ports to make this work (for a non-SSL port) and do not want to have to tunnel via ssh since that eliminates the point of simple browser access.

    Do you have any suggestions?

  • Jan 4 2012, 2:24 PM
    Anna responded:
    Thank you for your post. I almost got things workng but ran into this error. Thank you very much.

    Jan 4, 2012 4:53:03 PM org.slf4j.impl.JCLLoggerAdapter error
    SEVERE: Error getting authentication provider from properties.
    net.sourceforge.guacamole.GuacamoleException: Error reading guacamole.properties

    Best Regards,
    Anna