Usage Instructions
Introduction
Apache Guacamole is a clientless remote desktop gateway that supports standard protocols like VNC, RDP, and SSH. Because it is clientless, no plugins or client software are required — access is via a web browser. Guacamole enables users to access their desktops securely from anywhere with just a browser and internet connection. It is designed for ease of deployment, scalability, and secure remote access.
Apache Guacamole is distributed under the Apache License, Version 2.0, a permissive open-source license that allows broad use including commercial applications, fostering flexibility and collaboration.
Getting started
- Launch the product via 1-Click
- Use a web browser to access the console application at http://[ec2-ip]:8080/guacamole where [ec2-ip] is the public ip provided by Amazon for your instance.
- Log in using the following credentials:
- Username: guacadmin
- Password: The instance_id of the EC2 instance
You can also access your instance EC2 via SSH using the username and your Amazon private key.
The username depends on the operative system:
- Amazon Linux: 'ec2-user'
- Ubuntu: 'ubuntu'
- Rocky Linux: 'rocky'
- AlmaLinux: 'ec2-user'
- CentOS Stream: 'ec2-user'
Installation details
Apache Guacamole is compiled natively and runnning on APache Tomcat 9, with OpenJDK 11 and MySQL 8.
The project location is /etc/guacamole ($GUACAMOLE_HOME) where configuration files are stored. The extensions are in $GUACAMOLE_HOME/extensions and the libraries in $GUACAMOLE_HOME/lib
Tomcat server is installed in /opt/java/apache-tomcat-[version] directory, which is linked to /usr/java/apache-tomcat, defined in $CATALINA_HOME.
The Apache Guacamole WAR is deployed at $CATALINA_HOME/webapps.
Services are configured with systemd.
(*) If the client wants to use other kind of authentication, project and libraries are provided at $HOME/software/guacamole directory
Authentication methods
MySQL
It uses the authentication module through MySQL database thanks to the library guacamole-auth-jdbc-mysql-x.x.x.jar, in $GUACAMOLE_HOME/extensions directory, the JDBC driver of MySQL, mysql-connector-java-x.x.x.jar, in $GUACAMOLE_HOME/lib directory and the database configuration provided in the file: $GUACAMOLE_HOME/guacamole.properties
PostgreSQL
It uses the authentication module through PostgreSQL database thanks to the library guacamole-auth-jdbc-postgresql-x.x.x.jar, in $GUACAMOLE_HOME/extensions directory, the JDBC driver of PostgreSQL, postgresql-x.x.x.jar, in $GUACAMOLE_HOME/lib directory and the database configuration provided in the file: $GUACAMOLE_HOME/guacamole.properties
Tomcat
View status of service:
$ sudo systemctl status tomcat
Stop service:
$ sudo systemctl stop tomcat
Start service:
$ sudo systemctl start tomcat
Guacamole
View status of service:
$ sudo systemctl status guacd
Stop service:
$ sudo systemctl stop guacd
Start service:
$ sudo systemctl start guacd
MySQL
View status of service:
$ sudo systemctl status mysqld
Stop service:
$ sudo systemctl stop mysqld
Start service:
$ sudo systemctl start mysqld
Access to MysQL console:
$ sudo mysql
PostgreSQL
View status of service:
$ sudo systemctl status postgresql
Stop service:
$ sudo systemctl stop postgresql
Start service:
$ sudo systemctl start postgresql
Access to MysQL console:
sudo -u postgres psql
Other useful data
Location of sensitive information
There is no sensitive data
Encryption configuration
There is no encrypted data.
Changing system credentials
To change the Guacamole credentials you have to go to the right menu, click "Settings" button, users section, select user guacadmin and complete the form.
Instructions on how the user interacts with Guacamole to decrypt necessary data
You can use the Guacamole management console to view all necessary data.
How to assess and monitor the health and proper function of the application.
- Navigate to your Amazon EC2 console and verify that you're in the correct region.
- Choose Instance and select your launched instance.
- Select the server to display your metadata page and choose the Status checks tab at the bottom of the page to review if your status checks passed or failed.
List of AMIs provisioned by Neodoo
| Apache Guacamole with MySQL | Apache Guacamole with PostgreSQL | |
|---|---|---|
| Ubuntu Linux 22.04 LTS | ✔ View | ✔ View |
| Ubuntu Linux 24.04 LTS | ✔ View | ✔ View |