Guacamole on FreeBSD

This describes how to install Guacamole on FreeBSD, including the NoAuth extension and adhoc sessions.

Installation

1. Installing plain Guacamole on FreeBSD 10.3 or 11.0 is pretty easy:

   # cd /usr/ports/www/guacamole-client
   # make install client
   

2. If you didn't change the default options, then net/guacamole-server and www/tomcat8 have also been installed. Enable both at system boot time:

   # echo 'guacd_enable="YES"' >> /etc/rc.conf
   # echo 'tomcat8_enable="YES"' >> /etc/rc.conf
   

3. Create /usr/local/etc/guacamole-client/guacamole.properties:

   guacd-host: localhost
   guacd-port: 4822
   auth-provider: org.apache.guacamole.auth.noauth.NoAuthenticationProvider
   noauth-config: /usr/local/etc/guacamole-client/noauth-config.xml
   

4. Create an empty noauth-config.xml, which is writeable by the Tomcat user:

   # touch /usr/local/etc/guacamole-client/noauth-config.xml
   # chown www /usr/local/etc/guacamole-client/noauth-config.xml
   

5. Create the directory /usr/local/etc/guacamole-client/extensions
6. Download the latest guacamole-auth-noauth-*.tar.gz from http://guacamole.incubator.apache.org/releases/
7. Extract that archive, and copy the .jar file to /usr/local/etc/guacamole-client/extensions/
8. No longer needed: Create /usr/local/apache-tomcat-8.0/bin/setenv.sh:

   #!/bin/sh
   
   export GUACAMOLE_HOME="/usr/local/etc/guacamole"
   

9. Add both roles admin-gui and manager-gui to /usr/local/apache-tomcat-8.0/conf/tomcat-users.xml, and assign them to a user
10. Start guacd and Tomcat:

    # /usr/local/etc/rc.d/guacd start
    # /usr/local/etc/rc.d/tomcat8 start
    

11. Download guaca.war, and deploy it on your Tomcat, e.g. by browsing to http://localhost:8080/manager/html
12. Now you can connect to any host without logging into Guacamole and without the need to configure the connection a priori, just by surfing to http://localhost:8080/guaca?hostname=SOMEHOST&protocol=ssh. Optionally, you may add username or port to the URL
13. Please note that all connections are added to noauth-config.xml automatically, including optional passwords given in the URL! Also, no user has to authenticate to Guacamole in this setup. That might be a security risk.

Downloads

Bleeding edge: https://github.com/felixjogris/guaca

• guaca.war (released 2018-10-28)
• guaca.war.20170305 (released 2017-03-05)