Apache Guacamole Setup

This document contains steps to install Guacamole using a script. This works in Ubuntu v18.04


  1. Ubuntu v20.04 or later

  2. openjdk v11 or later

Once you have installed Ubuntu 22.04, you'll need to install java. Please run the command below.

$ sudo apt install openjdk-17-jdk

Once you're Set the environmental variables for ubuntu in the ~/.bashrc file. Enter into the file (nano ~/.bashrc) add the following lines at the end of the file enough, save the world:

export JAVA_HOME=/usr/lib/jvm/java-17-openjdk-amd64
export PATH=$PATH:HOME/bin:$JAVA_HOME/bin

Save the file by pressing ctrl + o and exit from the nano editor by pressing ctrl + x and run the command to refresh the environmental variables

source ~/.bashrc

Move to the root folder by using “su –“. If you are new, set the root password by using the command “sudo passwd”

Move the Automated script in current location to the root folder by using the command “mv CloudAssert-InstallGuacamole1-0-0.sh /root/”

Run the following script by using the command “sh CloudAssert-InstallGuacamole1-0-0.sh"

Guacamole Setup

If you are unable to download the above CloudAssert-InstallGuacamole1-0-0.sh, Please copy paste this script on your shell and execute.

Port access: Guac uses 8080 port as part of Tomcat server. If you enable SSL (https) for tomcat. Please make sure to allow the port 443 in guac server.

The default guac portal cred is set as admin in authorize tag at line# 45. Please feel free to change it before you run.

ufw enable

ufw allow 22

ufw allow 8080

eval "apt-get update"

eval "apt-get install git -y"

eval "apt-get install autoconf -y"

eval "apt-get install libavcodec-dev -y"

eval "apt-get install libavcodec-extra -y"

eval "apt-get install libtool-bin -y"

eval "apt-get install fail2ban build-essential htop libcairo2-dev libjpeg62-dev libossp-uuid-dev tomcat8 -y"

eval "apt-get install libfreerdp-dev libpango1.0-dev libssh2-1-dev libtelnet-dev libvncserver-dev libpulse-dev libssl-dev libvorbis-dev -y"

eval "wget https://downloads.apache.org/guacamole/1.0.0/source/guacamole-server-1.0.0.tar.gz"

eval "git clone https://github.com/cloudassert/guacamole-client"

eval "tar -xzf guacamole-server-1.0.0.tar.gz"

eval "tar -xzf guacamole-client-1.0.0.tar.gz"

eval "apt-get install tomcat8 -y"

cd guacamole-server-1.0.0

eval "autoreconf -fi"

eval "./configure --with-init-dir=/etc/init.d && make && make install"

eval "ldconfig &&  update-rc.d guacd defaults"

eval "mkdir /etc/guacamole"

echo "guacd-hostname: localhost\nguacd-port: 4822\nuser-mapping: /etc/guacamole/user-mapping.xml\nauth-provider: com.aiden0z.guacamole.net.jwt.JwtAuthenticationProvider\nbasic-user-mapping: /etc/guacamole/user-mapping.xml\nsecret-key: secure string for encryption needs to be high" | sudo tee -a /etc/guacamole/guacamole.properties 

echo "<user-mapping>\n<authorize username='admin'  password='admin'>\n<connection name='RDP Connection'>\n<protocol>rdp</protocol>\n<param name='hostname'></param>\n<param name='port'>3389</param>\n</connection>\n<connection name='SSH Connection'>\n<protocol>ssh</protocol>\n<param name='hostname'></param>\n<param name='port'>22</param>\n</connection>\n</authorize>\n</user-mapping>" | sudo tee -a /etc/guacamole/user-mapping.xml

eval "mkdir /usr/share/tomcat8/.guacamole"

eval "ln -s /etc/guacamole/guacamole.properties /usr/share/tomcat8/.guacamole"


eval "sudo apt install openjdk-17-jdk -y"

eval "JAVA_HOME=/usr/lib/jvm/java-17-openjdk-amd64"

eval "PATH=$PATH:$HOME/bin:$JAVA_HOME/bin"

eval "export JAVA_HOME"

eval "export PATH"

eval "sudo apt install maven -y"

cd guacamole-client-1.0.0

eval "mvn install"

eval "cp guacamole/target/guacamole-1.0.0.war /var/lib/tomcat8/webapps/guacamole.war"

eval "sudo chmod 600 /etc/guacamole/user-mapping.xml"

eval "sudo chown tomcat8:tomcat8 /etc/guacamole/user-mapping.xml"

eval "chown -R tomcat8:tomcat8 /etc/guacamole/"

eval "sudo ln -s /etc/guacamole/user-mapping.xml /usr/share/tomcat8/.guacamole/"

echo "guacamole.home=/etc/guacamole" | sudo tee -a /etc/tomcat8/catalina.properties

cd /etc/guacamole/

mkdir extensions

cd /etc/guacamole/extensions

eval "wget https://cadownloads.blob.core.windows.net/plugins/guacamole-auth-jwt-1.0.0.jar"

cd /etc/guacamole/

mkdir lib

cd /etc/guacamole/lib

eval "wget https://repository.liferay.com/nexus/content/groups/public/com/fasterxml/jackson/core/jackson-annotations/2.8.0/jackson-annotations-2.8.0.jar"

eval "wget https://repo1.maven.org/maven2/com/fasterxml/jackson/core/jackson-databind/2.8.2/jackson-databind-2.8.2.jar"

eval "wget https://repository.liferay.com/nexus/content/groups/public/com/fasterxml/jackson/core/jackson-core/2.8.2/jackson-core-2.8.2.jar"

eval "wget https://repository.mulesoft.org/nexus/content/groups/public/io/jsonwebtoken/jjwt/0.7.0/jjwt-0.7.0.jar"

cd /etc/guacamole/

echo "<configuration>\n\t<appender name='GUAC-DEBUG' class='ch.qos.logback.core.FileAppender'>\n\t<file>/etc/guacamole/GuacamoleLog.log</file>\n\t<encoder>\n\t\t<pattern>%date %level [%thread] %logger{10} [file:%line] %msg%n</pattern>\n\t</encoder>\n\t</appender>\n\t<root level='debug'>\n\t\t<appender-ref ref='GUAC-DEBUG' />\n\t</root>\n</configuration>" | sudo tee -a /etc/guacamole/logback.xml

Last updated