Guacamole

Apache Guacamole is a clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH.

Home: https://guacamole.apache.org/  

• Access your computers from anywhere
  Because the Guacamole client is an HTML5 web application, use of your computers is not tied to any one device or location. As long as you have access to a web browser, you have access to your machines.
• Keep your desktop in the cloud
  Desktops accessed through Guacamole need not physically exist. With both Guacamole and a desktop operating system hosted in the cloud, you can combine the convenience of Guacamole with the resilience and flexibility of cloud computing.
• Free and open source
  Apache Guacamole is and will always be free and open source software. It is licensed under the Apache License, Version 2.0, and is actively maintained by a community of developers that use Guacamole to access their own development environments.
  We feel this sets us apart from other remote desktop solutions, and gives us a distinct advantage.
• Built on a well-documented API
  Apache Guacamole is built on its own stack of core APIs which are thoroughly documented, including basic tutorials and conceptual overviews in the online manual. These APIs allow Guacamole to be tightly integrated into other applications, whether they be open source or proprietary.

Installation

With Docker

docker-compose.yml:

version: "3"
services:
  guacamole:
    image: jwetzell/guacamole
    container_name: guacamole
    volumes:
      - ./postgres:/config
    ports:
      - 8880:8080
volumes:
  postgres:
    driver: local

Login with the default credentials of:

• username: guacadmin
• password: guacadmin

More available extensions:

• auth-ldap -  LDAP Authentication
• auth-duo -  Duo two-factor authentication
• auth-header -  HTTP header authentication
• auth-cas -  CAS Authentication
• auth-openid -  OpenID Connect authentication
• auth-totp -  TOTP two-factor authentication
• auth-quickconnect -  Ad-hoc connections extension

Usage:

docker run \
-p 8080:8080 \
-v </path/to/config>:/config \
-e "EXTENSIONS=auth-ldap,auth-duo" \
jwetzell/guacamole

Authentications

Google two-factor

With docker-compose

version: "3"
services:
  guacamole:
...
    environment:
      - EXTENSIONS=auth-totp
...

SSH

 SSH-Key Authentication

# Generate the private key and public key
# NOTE: -m PEM is required for Guacamole
ssh-keygen -t rsa -b 4096 -f ~/.ssh/root＠guacamole -C "root＠guacamole" -m PEM

 

Learning

• Access Your Computer From Anywhere Via Web Browser using Apache Guacamole
• Install and Use Guacamole Remote Desktop on CentOS 8
• [Video] Guacamole Remote Desktop - Open Source, Self Hosted remote access to your machines in the browser!
• [Video] Meet Guacamole, Your Remote Access Gateway
• [Video] Securely Access any PC or VM Remotely using only a Web Browser with Guacamole