Skip to main content

Guacamole

Apache Guacamole is a clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH.

Home: https://guacamole.apache.org/ 

  • Access your computers from anywhere
    Because the Guacamole client is an HTML5 web application, use of your computers is not tied to any one device or location. As long as you have access to a web browser, you have access to your machines.
  • Keep your desktop in the cloud
    Desktops accessed through Guacamole need not physically exist. With both Guacamole and a desktop operating system hosted in the cloud, you can combine the convenience of Guacamole with the resilience and flexibility of cloud computing.
  • Free and open source
    Apache Guacamole is and will always be free and open source software. It is licensed under the Apache License, Version 2.0, and is actively maintained by a community of developers that use Guacamole to access their own development environments.
    We feel this sets us apart from other remote desktop solutions, and gives us a distinct advantage.
  • Built on a well-documented API
    Apache Guacamole is built on its own stack of core APIs which are thoroughly documented, including basic tutorials and conceptual overviews in the online manual. These APIs allow Guacamole to be tightly integrated into other applications, whether they be open source or proprietary.

Installation

With Docker

docker-compose.yml:

version: "3"
services:
  guacamole:
    image: jwetzell/guacamole
    container_name: guacamole
    volumes:
      - ./postgres:/config
    ports:
      - 8880:8080
volumes:
  postgres:
    driver: local

Login with the default credentials of:

  • username: guacadmin
  • password: guacadmin

More available extensions:

Usage:

docker run \
-p 8080:8080 \
-v </path/to/config>:/config \
-e "EXTENSIONS=auth-ldap,auth-duo" \
jwetzell/guacamole

Authentications

Google two-factor

With docker-compose

version: "3"
services:
  guacamole:
...
    environment:
      - EXTENSIONS=auth-totp
...

SSH

SSH-Key Authentication

# Generate the private key and public key
# NOTE: -m PEM is required for Guacamole
ssh-keygen -t rsa -b 4096 -f ~/.ssh/root@guacamole -C "root@guacamole" -m PEM

複製與貼上

預設環境遠端主機的文字可以複製,然後在本地端作貼上;不過,本地端文字無法複製後在遠端主機作貼上,解決方法如下:

在遠端主機的畫面,按下 Ctrl + Alt + Shift,會彈出 Guacamole 選單,將本地端文字貼在選單裡的 Clipboard,回到遠端主機,直接執行貼上即可。

 

Learning