[TriLUG] Remote Desktop Woes

Ron Kelley via TriLUG trilug at trilug.org
Mon Jan 9 14:34:55 EST 2017 

You can get the install instructions for guacamole off the web (ie: https://www.chasewright.com/guacamole-with-mysql-on-ubuntu <https://www.chasewright.com/guacamole-with-mysql-on-ubuntu>, http://www.tecmint.com/guacamole-access-remote-linux-windows-machines-via-web-browser, etc).  

Once installed, you need to edit two files:

/etc/guacamole/guacamole.properties
-------------------------------------
guacd-hostname: localhost
guacd-port:     4822
guacd-ssl: false
log_level: debug
-------------------------------------

/etc/guacamole/user-mapping.xml
-------------------------------------
<user-mapping>
     <authorize username=“Bob" password="<md5_password_for_user_account>" encoding="md5">

        <connection name="RDP - Windows Server">
          <protocol>rdp</protocol>
          <param name="hostname">10.30.20.32</param>
          <param name="port">3389</param>
          <param name="username”>Bob</param>
          <param name="security">tls</param>
         </connection>

        <connection name="VNC - Linux Server">
           <protocol>vnc</protocol>
           <param name="hostname">10.30.20.34</param>
           <param name="port">5901</param>
           <param name="password”>myvncpassword</param>
         </connection>

        <connection name="SSH - Linux Server">
          <protocol>ssh</protocol>
          <param name="hostname">10.30.20.24</param>
          </connection>

    </authorize>
 </user-mapping>
-------------------------------------

You will need to create an MD5 value for the user account (“Bob” in this case) and put it in the “md5_password...” field listed above.  Then, just add your resources as necessary.  If I recall correctly, you can have multiple users in the user-mapping.xml file - each with their own resources.  Just add a new <user-mapping> section for each user.  Finally, don’t forget you need to install both the guacamole server and client package (versions must match).

I use nginx reverse-proxy on the front-end so I can access my resources via the ‘net on port 443.  I send send that info as well if you need it.

-Ron


On Jan 9, 2017, at 2:19 PM, Dewey Hylton <plug at hyltown.com> wrote:

i'd definitely be interested in seeing the config files ... i have this on my
to-look-at list, just haven't gotten around to it yet.

----- On Jan 9, 2017, at 2:02 PM, Triangle Linux Users Group General Discussion trilug at trilug.org wrote:

> Matt,
> 
> Any chance of installing “guacamole” on your Linux box to see if that would
> work?  http://guacamole.incubator.apache.org
> <http://guacamole.incubator.apache.org/>
> 
> It only takes a few minutes to setup (I can send you my config files).  I use it
> to launch MS RDP sessions, Linux CLI sessions, and Linux VNC Sessions.  Best of
> all, it is done over HTML-5 browser (chrome).
> 
> 
> 
> 
> On Jan 9, 2017, at 12:05 PM, Matt Flyer via TriLUG <trilug at trilug.org> wrote:
> 
> Considering the recent weather event, I decided that today would be a good
> day to try to work remotely.  For the last several hours, I have been
> attempting to establish a remote desktop session and have been running
> into a real head scratcher.
> 
> The linux box that I want to remote into is running Centos 7 and is
> integrated into (joined) an Active Directory domain. It successfully
> performs AD authentication and when I am at my workstation on the LAN
> running Ubuntu, Remmina will establish a remote desktop connection just
> fine.
> 
> Working remotely from home, I am connected via the VPN. I can "hit" the
> machine on the network, but I can't seem to get a remote desktop
> connection directly to it.
> 
> What DOES work is that I am able to establish a remote desktop connection
> to one of the Windows servers and from there use the (windows) Remote
> Desktop Client to pull up the Centos 7 desktop and authenticate using my
> AD credentials just fine.  I just can't go directly from the Linux box
> over the VPN.
> 
> I have tried KRDC, Remmina, and Vinagre, all of which simply fail with a
> generic error message; except KRDC first asks for a user and then a
> password, but it always fails (the password is correct).
> 
> I am not sure how to even troubleshoot or log the issue.  All I get is a
> "that did not work" message, which is very windows-esque.
> 
> Any thoughts or suggestions?
> --
> This message was sent to: Ron Kelley <rkelleyrtp at gmail.com>
> To unsubscribe, send a blank message to trilug-leave at trilug.org from that
> address.
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> Unsubscribe or edit options on the web	:
> http://www.trilug.org/mailman/options/trilug/rkelleyrtp%40gmail.com
> Welcome to TriLUG: http://trilug.org/welcome
> 
> --
> This message was sent to: Dewey Hylton <plug at hyltown.com>
> To unsubscribe, send a blank message to trilug-leave at trilug.org from that
> address.
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> Unsubscribe or edit options on the web	:
> http://www.trilug.org/mailman/options/trilug/plug%40hyltown.com
> Welcome to TriLUG: http://trilug.org/welcome

More information about the TriLUG mailing list