dokkun

Install Guacamole 0.8.x on Debian 7 Wheezy +SSL+RDP+XFCE4


Guacamole provides access to desktop environments using remote desktop protocols such as VNC and RDP. A centralized server acts as a tunnel and proxy, allowing access to multiple desktops through a web browser.

 

 

Tomcat


 

apt-get install tomcat7

Configure SSL for Tomcat
Generate the SSL key:


 

/usr/lib/jvm/java-6-openjdk-amd64/bin/keytool -genkey -validity 1000 -alias guacamole -keypass 'password' -keystore /var/lib/tomcat7/webapps/.keystore -storepass 'password'

Edit the Tomcat config:


 

nano /etc/tomcat7/server.xml

Comment out the port 8080 connector and add the SSL connector:


 

<!--
<Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               URIEncoding="UTF-8"
               redirectPort="8443" />
-->
 
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
             maxThreads="200" scheme="https" secure="true"
             clientAuth="false" sslProtocol="TLS"
             enableLookups="true"
             disableUploadTimeout="true"
             acceptCount="100"
             debug="0"
           keystoreFile="/var/lib/tomcat7/webapps/.keystore"
           keystorePass="password" />

Redirect the default Tomcat home page:


 

nano /var/lib/tomcat7/webapps/ROOT/index.html



 

<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
    <title>Guacamole</title>
<meta http-equiv="refresh" content="0.1;URL=https://mydomain:8443/guacamole" />
</head>
 
<body>
 
</body>
</html>

Harden tomcat7 by adding a "security-constraint" before the end of the file, just before the closing </web-app>:


 

nano /etc/tomcat7/web.xml



 

...
<security-constraint>
<web-resource-collection>
<web-resource-name>restricted methods</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>PUT</http-method>
<http-method>DELETE</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
</web-resource-collection>
<auth-constraint />
</security-constraint>
 
</web-app>


Guacamole

Install guacamole-client



service tomcat7 stop
cd /var/lib/tomcat7/webapps/
wget http://downloads.sourceforge.net/project/guacamole/current/binary/guacamole-0.8.3.war -O guacamole.war

Install guacamole-server:



apt-get install libpng12-dev libcairo2-dev libfreerdp-dev libvncserver-dev libvorbis-dev libpulse-dev libssh-dev libpango1.0-dev
cd /tmp
wget http://downloads.sourceforge.net/project/guacamole/current/source/guacamole-server-0.8.3.tar.gz
tar xvf guacamole-server-0.8.3.tar.gz
cd guacamole-server-0.8.3
./configure --with-init-dir=/etc/init.d
make
make install
ldconfig

Configure autostart


 

apt-get install chkconfig
chkconfig guacd on

Configure Guacamole


 

nano /var/lib/tomcat7/common/classes/guacamole.properties



 

guacd-hostname: localhost
guacd-port:     4822
 
auth-provider: net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider
basic-user-mapping: /etc/guacamole/user-mapping.xml






mkdir /etc/guacamole



Generate the MD5 hash of the password (use only the 32-character hex digest from the output, not the trailing "-"):



echo -n password | md5sum -t






nano /etc/guacamole/user-mapping.xml






<user-mapping>
   <authorize username="username" password="059c2555555d74080e7760fbb6367e8f" encoding="md5">
<!-- First authorized connection -->
        <connection name="xfce4">
           <protocol>rdp</protocol>
         <param name="hostname">localhost</param>
         <param name="port">3389</param>
         <param name="username">user</param>
         <param name="password">password</param>
           <param name="width">1440</param>
           <param name="height">900</param>
          </connection>
 
        <!-- Second authorized connection -->
        <connection name="pc-paul">
           <protocol>rdp</protocol>
          <param name="hostname">pc-paul</param>
          <param name="port">3389</param>
          <param name="domain"></param>
          <param name="username">user</param>
          <param name="password">password</param>
        <param name="server-layout">fr-fr-azerty</param>
          <!-- <param name="initial-program">explorer.exe</param> -->
          <param name="color-depth">16</param><!-- 8,16,24 or 32 -->
          <param name="width">1440</param>
          <param name="height">900</param>
        </connection>
    </authorize>
</user-mapping>






chmod 600 /etc/guacamole/user-mapping.xml &&
chown tomcat7:tomcat7 /etc/guacamole/user-mapping.xml &&
chown tomcat7:tomcat7 /var/lib/tomcat7/common/classes/guacamole.properties



Finally restart daemons:



service tomcat7 restart
service guacd restart



Guacamole is now reachable at https://mydomain:8443/guacamole/

Bonus RDP+XFCE

Install xfce



apt-get install xfce4



Install X11rdp and xrdp using scarygliders' X11RDP-o-Matic.



apt-get install git
git clone -b v3.0 https://github.com/scarygliders/X11RDP-o-Matic.git
cd X11RDP-o-Matic
./X11rdp-o-matic.sh --justdoit
./RDPsesconfig.sh



Select xfce4
https://mydomain:8443/guacamole/
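A check for the server.xml and web.xml edits in the Tomcat part of this guide, as an added example that is not part of the original post: it confirms that no clear-text connector is still active and that the security-constraint really denies the listed methods. The function names and the inline fragments are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed fragments modelled on the server.xml and web.xml edits above.
SERVER_XML = """<Server><Service name="Catalina">
<!-- <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443" /> -->
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
           scheme="https" secure="true" sslProtocol="TLS"
           keystoreFile="/var/lib/tomcat7/webapps/.keystore" keystorePass="password" />
</Service></Server>"""

WEB_XML = """<web-app xmlns="http://java.sun.com/xml/ns/javaee">
<security-constraint>
  <web-resource-collection>
    <web-resource-name>restricted methods</web-resource-name>
    <url-pattern>/*</url-pattern>
    <http-method>PUT</http-method>
    <http-method>DELETE</http-method>
    <http-method>OPTIONS</http-method>
    <http-method>TRACE</http-method>
  </web-resource-collection>
  <auth-constraint />
</security-constraint>
</web-app>"""


def local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]


def cleartext_connectors(server_xml):
    """Ports of active non-AJP connectors that lack SSLEnabled="true".
    The parser drops XML comments, so a commented-out connector counts
    as disabled and one that was left uncommented is reported."""
    return [c.get("port") for c in ET.fromstring(server_xml).iter("Connector")
            if not c.get("protocol", "HTTP/1.1").startswith("AJP")
            and c.get("SSLEnabled", "false").lower() != "true"]


def denied_methods(web_xml, pattern="/*"):
    """Methods blocked for every user on `pattern`: listed in a constraint
    whose <auth-constraint> exists and names no role."""
    denied = set()
    for sc in (e for e in ET.fromstring(web_xml).iter() if local(e.tag) == "security-constraint"):
        auth = [e for e in sc if local(e.tag) == "auth-constraint"]
        if not auth or len(auth[0]):
            continue  # no auth-constraint, or some role is allowed
        for coll in (e for e in sc if local(e.tag) == "web-resource-collection"):
            names = [(local(e.tag), (e.text or "").strip()) for e in coll]
            if ("url-pattern", pattern) in names:
                denied.update(v for k, v in names if k == "http-method")
    return sorted(denied)
```

On a real host, pass the contents of /etc/tomcat7/server.xml and /etc/tomcat7/web.xml instead of the constructed strings.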
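An audit of /etc/guacamole/user-mapping.xml as configured in this guide, as an added example that is not part of the original post: it reports how each login is stored, which connections carry a saved RDP password, and whether the file is accessible beyond its owner. The users alice, bob and carol, the finding labels and the function name are constructed; treating a missing encoding attribute as plain text is an assumption.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample in the layout of /etc/guacamole/user-mapping.xml above.
SAMPLE = """<user-mapping>
  <authorize username="alice" password="059c2555555d74080e7760fbb6367e8f" encoding="md5">
    <connection name="xfce4">
      <protocol>rdp</protocol>
      <param name="hostname">localhost</param>
      <param name="username">user</param>
      <param name="password">password</param>
    </connection>
  </authorize>
  <authorize username="bob" password="059c2555555d74080e7760fbb6367e8f  -" encoding="md5">
    <connection name="pc-paul">
      <protocol>rdp</protocol>
      <param name="hostname">pc-paul</param>
      <param name="password"></param>
    </connection>
  </authorize>
  <authorize username="carol" password="changeme"/>
</user-mapping>"""

MD5_HEX = re.compile(r"[0-9a-f]{32}", re.I)


def audit_user_mapping(xml_text, file_mode=None):
    """Return (subject, finding) pairs; file_mode is os.stat(path).st_mode."""
    findings = []
    if file_mode is not None and file_mode & 0o077:
        findings.append(("file", "group-or-other-access"))  # guide sets chmod 600
    for auth in ET.fromstring(xml_text).iter("authorize"):
        user = auth.get("username", "?")
        stored = auth.get("password", "")
        if auth.get("encoding", "plain") != "md5":
            findings.append((user, "cleartext-login"))      # assumption: default is plain
        elif MD5_HEX.fullmatch(stored):
            findings.append((user, "unsalted-md5"))         # cheap to brute-force if leaked
        else:
            findings.append((user, "malformed-md5"))        # e.g. md5sum's "  -" pasted too
        for conn in auth.iter("connection"):
            for param in conn.iter("param"):
                if param.get("name") == "password" and (param.text or "").strip():
                    findings.append((user, "stored-rdp-password:" + conn.get("name", "?")))
    return findings
```

Every finding on a saved RDP password is also a reason to keep the chmod 600 and chown tomcat7 steps from the guide in place, since the file holds usable credentials for the target hosts.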
