guacd and guac-client in different hosts
Hi, I guess it's possible to have them in different machine and I assume I'm missing something. I set guacd in 1 host, set accordingly the hostname (bind_hosts) in /etc/guacamole/guacd.conf. In the other host (running tomcat10 under debian12), I deployed the war file (1.5.5) in /var/lib/tomcat10/webapps. Tomcat deployed automatically the war file and I set the name of the guacd server in /etc/guacamole/guacamole.properties . At this point if I go to http://mytomcat:8080/guacamole , I get a http 404 error ... What did I miss please? -- Willy Manga - To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
Re: guacd and guac-client in different hosts
On 20/04/2024 10:25, Alessandro Sironi wrote: Hi, Tomcat 10 is the issue, ti is not supported, you can go with T9 or T8 Regards, Alessandro Ouch.. I was not careful on the requirements. THank you. With tomcat9, it's working. -- Willy Manga - To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
Re: Installing Guacamole 1.5.5 tomcat listener failed to start
Hi, On 21/04/2024 06:47, My Data Belongs to Me! wrote: Hello, I am running Alma 8, and followed the these instructions to get Guacamole installed and running: https://guacamole.apache.org/doc/gug/installing-guacamole.html when things were not working (guacd would run and exit, tomcat would not unpack any wars at all), I then reviewed these https://idroot.us/install-apache-tomcat-almalinux-8/ https://idroot.us/install-apache-guacamole-almalinux-8/ Funny. I just learnt in my last thread that guacamole does not work on tomcat10. Check work in progress here [1][2] . I doubt this documentation is right. 1. https://issues.apache.org/jira/browse/GUACAMOLE-1325 2. https://github.com/apache/guacamole-client/pull/972 and I have gotten to the point where tomcat is running and reachable, the war unpacks, guacd is running, but catalina.out still reports: " 21-Apr-2024 02:29:31.065 SEVERE [main] org.apache.catalina.core.StandardContext.startInternal One or more listeners failed to start. Full details will be found in the appropriate container log file 21-Apr-2024 02:29:31.088 SEVERE [main] org.apache.catalina.core.StandardContext.startInternal Context [/guacamole] startup failed due to previous errors " I tried syslog, but this VPS doesn't appear to have that. I guess you are using systemd. Thus, you can check the logs with journalctl --system -- Willy Manga - To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
Remove or hide the "recent connections" section
Hi, Is it possible to remove or at least hide the "recent connections" section? -- Willy Manga - To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
Failed to connect to repo.maven.apache.org when building guacamole-client
Hi, I want to be sure I am not missing anything and it is a network issue on my side. I want to build guacamole-client . Here is my environment: - maven 3.6.3-5 (running on debian 11) - IPv6-only with a NAT64 gateway in the network. Question: do I need specific packages in addition to maven? Here is the error [1] The most obvious error I see is the transfer failed from repo.maven.apache.org but I don't understand why. I was able to retrieve manually build-helper-maven-plugin-3.2.0.pom using wget. Any help appreciated. 1. http://paste.debian.net/1318665/ -- Willy Manga - To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
Re: Failed to connect to repo.maven.apache.org when building guacamole-client
Hi, On 31/05/2024 14:41, Nick Couchman wrote: On Thu, May 30, 2024 at 10:05 PM Willy Manga wrote: Hi, I want to be sure I am not missing anything and it is a network issue on my side. I want to build guacamole-client . Here is my environment: - maven 3.6.3-5 (running on debian 11) - IPv6-only with a NAT64 gateway in the network. Question: do I need specific packages in addition to maven? Here is the error [1] The most obvious error I see is the transfer failed from repo.maven.apache.org but I don't understand why. I was able to retrieve manually build-helper-maven-plugin-3.2.0.pom using wget. Any help appreciated. 1. http://paste.debian.net/1318665/ Yeah, the root of the error is here: Caused by: java.net.SocketException: Network is unreachable (connect failed) at java.net.PlainSocketImpl.socketConnect (Native Method) at java.net.AbstractPlainSocketImpl.doConnect (AbstractPlainSocketImpl.java:412) at java.net.AbstractPlainSocketImpl.connectToAddress (AbstractPlainSocketImpl.java:255) at java.net.AbstractPlainSocketImpl.connect (AbstractPlainSocketImpl.java:237) at java.net.SocksSocketImpl.connect (SocksSocketImpl.java:392) at java.net.Socket.connect (Socket.java:609) So, the Maven utility is unable to connect to the host repo.maven.apache.org via HTTPS to retrieve the artifacts. This is nothing specific to Guacamole, this is some issue with Maven and your network setup. I suspect it has something to do with the IPv6 + NAT64 configuration and perhaps some Java incompatibility with that, but I don't know that or sure - you might want to look around the Maven website and see if it has any information on this particular error or on IPv6-only configurations. Problem solved. I had to explicitely instruct java to to prefer IPv6. I invoked maven like this: MAVEN_OPTS="-Djava.net.preferIPv6Addresses=true" mvn package -X as someone explained in the maven mailing-list [1] and it was okay. I now have a compilation failure but I will start a new thread if I don't figure it out myself. 1. https://lists.apache.org/thread/f5q9z2mrg88jn77hr2gdykkbxo8rsmsl -- Willy Manga - To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
Re: Failed to connect to repo.maven.apache.org when building guacamole-client
For reference purpose, On 31/05/2024 17:56, Willy Manga wrote: Hi, [...] Problem solved. I had to explicitely instruct java to to prefer IPv6. I invoked maven like this: MAVEN_OPTS="-Djava.net.preferIPv6Addresses=true" mvn package -X java.net.preferIPv6Addresses=system is even better. You let the OS handle that part. -- Willy Manga - To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
Re: How can I access the Linux desktop?
On 19/06/2024 10:49, Jimmy wrote: Hi Dark, Because the Apache guacamole supports the VNC protocol, you can access your Linux desktop using it. For that, you need to configure the Apache guacamole according to https://guacamole.apache.org/doc/0.9.1/gug/configuring-guacamole.html#vnc. I think https://guacamole.apache.org/doc/gug/configuring-guacamole.html#vnc is even better because it's related to the latest stable version. -- Willy Manga - To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
Re: Guacamole CLIENT on Debian 12 bookworm and Tomcat10
Hi , On 07/08/2024 15:25, mxdog wrote: Hi All, I can not get the guacamole client to work on my system I followed the instructions in the manual for native install and a couple of other walk-through,even gave the docker version a shot. guacd compiles and runs fine (native) but the client will not start version 1.5.5. My system specifics : Debian 12/bookworm 6.1.0-23-amd64 Tomcat 10.1.6 Debian You can't stop here. It's not yet possible with tomcat 10. You need to rely on tomcat 9 for now. Check work in progress here [1][2] . 1. https://issues.apache.org/jira/browse/GUACAMOLE-1325 2. https://github.com/apache/guacamole-client/pull/972 -- Willy Manga - To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
Re: Guacamole CLIENT on Debian 12 bookworm and Tomcat10
On 07/08/2024 15:33, Willy Manga wrote: Hi , On 07/08/2024 15:25, mxdog wrote: Hi All, I can not get the guacamole client to work on my system I followed the instructions in the manual for native install and a couple of other walk-through,even gave the docker version a shot. guacd compiles and runs fine (native) but the client will not start version 1.5.5. My system specifics : Debian 12/bookworm 6.1.0-23-amd64 Tomcat 10.1.6 Debian You can't stop here. It's not yet possible with tomcat 10. You need to rely on tomcat 9 for now. Light typo. Sorry. Of course I meant you *can* stop here... Guacamole is not yet compatible with tomcat 10. -- Willy Manga - To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
Re: RE : ssh problem
Hi Hugues, On 08/08/2024 16:51, Hugues BLAKIME wrote: I see thank you very much. Is there at least one way to limit the commands entered by the user? Or at least put restrictions on it? From guacamole perspective, one thing you can do is specify the command to execute in the session/environment for that particular "connection". Of course from the remote host itself, you can restrict the available commands in the ~/.ssh/authorized_keys file . Kindly consult the authorized_keys manual. -- Willy Manga - To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
How to allow "WebSocket | HTTP tunnel request" with IPv6?
Hi, I have installed guacamole and got the following errors [1] after a successful authentication. I'm aware of [2] where the solution was to set bind_host to 127.0.0.1 [3]. My question is how to allow that tunnel request in an IPv6-only environment? The 'Connection refused' seems like an issue with a service not allowed in IPv6 somewhere within tomcat In my setup, I use debian 11, guacamole 1.4 ... I'm planning to use v4 address only on the nginx proxy. 1. https://paste.debian.net/1238366/ 2. https://lists.apache.org/thread/ttv4sc6jlbso1pfwpd1yo43ssk0rnwoz 3. https://lists.apache.org/thread/dm3coj38x3fhco0gxnyw0k22lwcp5wwy -- Willy Manga @ongolaboy https://ongola.blogspot.com/ OpenPGP_signature Description: OpenPGP digital signature
Re: How to allow "WebSocket | HTTP tunnel request" with IPv6?
Hi Alves, On 19/04/2022 15:32, Henri Alves de Godoy wrote: Hi Willy, Assuming that your server where the tomcat/guacd daemon is is dual-stack and your internal environment is IPv6-only What if I want to avoid any IPv4 config .. Here's what I want +--+ | Network of hosts | | using IPv6-only | +--+ | | | (IPv6) | +-+ |Guacamole/Tomcat | +-+ | | | (IPv6) | +-+ | Nginx | +-+ | | (IPv4) | (IPv6) | +-+ | Internet | +-+ In the host configuration, put the IPv6 of the remote machine you want to access. I don't have any issue accessing v6 hosts provided by guacamole. You can also change in guacd to bind the v6 address of localhost ::1 Here is my issue. By default, when you build from scratch guacamole 1.4 on debian 11, it will listen to ::1 . That setup will not work unless I missed something. I had to tell guacd to bind to 127.0.0.1 :( Otherwise I got this Apr 21 10:29:12 guac2 tomcat9[1811]: 10:29:12.870 [http-nio-8080-exec-6] INFO o.a.g.r.auth.AuthenticationService - User "gogo" successfully authenticated from 2001:db8:43:cafe::1. Apr 21 10:29:14 guac2 tomcat9[1811]: 10:29:14.423 [http-nio-8080-exec-9] ERROR o.a.g.w.GuacamoleWebSocketTunnelEndpoint - Creation of WebSocket tunnel to guacd failed: java.net.ConnectException: Connection refused (Connection refused) Apr 21 10:29:15 guac2 tomcat9[1811]: 10:29:15.369 [http-nio-8080-exec-1] ERROR o.a.g.s.GuacamoleHTTPTunnelServlet - HTTP tunnel request failed: java.net.ConnectException: Connection refused (Connection refused) -- Willy Manga @ongolaboy https://ongola.blogspot.com/ OpenPGP_signature Description: OpenPGP digital signature
What is the right format to import ssh private key in user-mapping.xml (guacamole 1.4)
Hello, I certainly miss something, but I don't see what. I want to use authentication via ssh key. Here is what my user-mapping.xml looks like http://paste.debian.net/1238561/ ( I have just removed the actual content) When I try to connect to the remote host, I'm prompted to enter a key passphrase on the screen even though it was blank in my case. If I hit "ENTER", I have this message in the log: "Auth key import failed: (null)" Are there spaces I should remove, carriage return? -- Willy Manga @ongolaboy https://ongola.blogspot.com/ OpenPGP_signature Description: OpenPGP digital signature
Re: What is the right format to import ssh private key in user-mapping.xml (guacamole 1.4)
. On 27/04/2022 06:41, Michael Jumper wrote: On Thu, Apr 21, 2022, 05:29 Willy Manga wrote: [...] There are two main issues: 1) You should remove the newline before the key header, so the key header starts immediately after the "param" tag. Noted. 2) Version 1.4.0 does not support the newer OpenSSH-specific format of private key. You'll need to use an RSA key in PEM format, or try building from git (support for the OpenSSH format was recently added but is not yet released). I will wait the next release. :) When possible, I'd also recommend moving away from using user-mapping.xml and use one of the supported databases. That'll give you a full web-based UI for managing connections, users, and user groups. In the meantime I have created a RSA key in PEM format and use mysql instead. So far so good. Thank you. -- Willy Manga @ongolaboy https://ongola.blogspot.com/ OpenPGP_signature Description: OpenPGP digital signature
Re: ERROR - Parsing IPV6 in guacamole
Hi, On 09/07/2025 13:44, Savinder Kaur wrote: Hi Team , I have updated the guacd configuration to support *IPv6*, as it was using *IPv4 by default*. After the changes, I can now confirm via the guacd logs that it is successfully listening on *IPv6 interfaces*. However, when attempting to establish an *SSH connection to the server using IPv6*, I encountered the following error: image.png image.png Could you please help ? Thanks , Savinder Based on the errors "Name does not resolve" I guess, something (most likely a fully qualified domain name) is not either well written or you don't have a record for that resource in your zone file. -- Willy Manga - To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
