Guacd is running. I looked at /var/log/messages and encountered the following:
Jan 22 09:09:21 access guacd[1760]: Creating new client for protocol "ssh" Jan 22 09:09:21 access guacd[1760]: Connection ID is "$e25765a1-e06d-4bd7-959c-2e7878839efe" Jan 22 09:09:21 access guacd[30054]: User "@8e09fdad-3f86-4e2c-a85a-2c342e200921" joined connection "$e25765a1-e06d-4bd7-959c-2e7878839efe" (1 users now present) Jan 22 09:09:21 access server: 09:09:21.596 [http-bio-8080-exec-8] INFO o.a.g.tunnel.TunnelRequestService - User "guacadmin" connected to connection "3". Jan 22 09:09:30 access guacd[30054]: SSH handshake failed. Jan 22 09:09:30 access guacd[30054]: User "@8e09fdad-3f86-4e2c-a85a-2c342e200921" disconnected (0 users remain) Jan 22 09:09:30 access guacd[30054]: Last user of connection "$e25765a1-e06d-4bd7-959c-2e7878839efe" disconnected Jan 22 09:09:30 access server: 09:09:30.808 [http-bio-8080-exec-8] INFO o.a.g.tunnel.TunnelRequestService - User "guacadmin" disconnected from connection "3". Duration: 9210 milliseconds Jan 22 09:09:30 access server: Exception in thread "Thread-30" java.lang.IllegalStateException: Message will not be sent because the WebSocket session has been closed Jan 22 09:09:30 access server: at org.apache.tomcat.websocket.WsRemoteEndpointImplBase.writeMessagePart(WsRemoteEndpointImplBase.java:387) Jan 22 09:09:30 access server: at org.apache.tomcat.websocket.WsRemoteEndpointImplBase.startMessage(WsRemoteEndpointImplBase.java:344) Jan 22 09:09:30 access server: at org.apache.tomcat.websocket.WsRemoteEndpointImplBase$TextMessageSendHandler.write(WsRemoteEndpointImplBase.java:788) Jan 22 09:09:30 access server: at org.apache.tomcat.websocket.WsRemoteEndpointImplBase.sendPartialString(WsRemoteEndpointImplBase.java:252) Jan 22 09:09:30 access server: at org.apache.tomcat.websocket.WsRemoteEndpointImplBase.sendString(WsRemoteEndpointImplBase.java:195) Jan 22 09:09:30 access server: at org.apache.tomcat.websocket.WsRemoteEndpointBasic.sendText(WsRemoteEndpointBasic.java:37) Jan 22 09:09:30 access server: at org.apache.guacamole.websocket.GuacamoleWebSocketTunnelEndpoint$2.run(GuacamoleWebSocketTunnelEndpoint.java:167) Jan 22 09:09:31 access guacd[1760]: Connection "$e25765a1-e06d-4bd7-959c-2e7878839efe" removed. I will say this: late last week, we made all of our servers FIPS-2 compliant due to an IT requirement in our organization. I’m suspecting that, since the server I’m trying to connect to is now FIPS-2 compliant, that’s why the “SSH handshake failed” error is happening. But I don’t see anything in the connection setup to specify what encryption to use for SSH. We also have an RDP connection that is failing too. That doesn’t fall under the FIPS-2 compliance as it’s a Windows box, and we didn’t make any changes to it. Here’s the log entries for that failed connection: Jan 22 09:14:05 access guacd[1760]: Creating new client for protocol "rdp" Jan 22 09:14:05 access guacd[1760]: Connection ID is "$13401d2e-99e0-4700-8194-89a802a5040c" Jan 22 09:14:05 access guacd[30154]: No security mode specified. Defaulting to RDP. Jan 22 09:14:05 access guacd[30154]: Resize method: none Jan 22 09:14:05 access guacd[30154]: User "@4a854582-75d9-4b59-9343-fafc9d226b08" joined connection "$13401d2e-99e0-4700-8194-89a802a5040c" (1 users now present) Jan 22 09:14:05 access server: 09:14:05.604 [http-bio-8080-exec-3] INFO o.a.g.tunnel.TunnelRequestService - User "guacadmin" connected to connection "5". Jan 22 09:14:05 access guacd[30154]: Loading keymap "base" Jan 22 09:14:05 access guacd[30154]: Loading keymap "en-us-qwerty" Jan 22 09:14:05 access guacd[30154]: Failed to load cliprdr plugin. Clipboard will not work. Jan 22 09:14:05 access guacd[30154]: Failed to load guacdr plugin. Drive redirection and printing will not work. Sound MAY not work. Jan 22 09:14:05 access guacd[30154]: Failed to load guacsnd alongside guacdr plugin. Sound will not work. Drive redirection and printing MAY not work. Jan 22 09:14:05 access abrt-hook-ccpp: Process 30154 (guacd) of user 0 killed by SIGABRT - ignoring (repeated crash) Jan 22 09:14:05 access guacd[1760]: Connection "$13401d2e-99e0-4700-8194-89a802a5040c" removed. Jan 22 09:14:10 access server: 09:14:10.539 [Thread-38] INFO o.a.g.tunnel.TunnelRequestService - User "guacadmin" disconnected from connection "5". Duration: 4935 milliseconds Thanks, Harry From: Nick Couchman [mailto:vn...@apache.org] Sent: Monday, January 22, 2018 9:05 AM To: user@guacamole.apache.org Subject: Re: Connection failures On Mon, Jan 22, 2018 at 9:02 AM, <harry.dev...@faa.gov<mailto:harry.dev...@faa.gov>> wrote: Today, when I try to connect to any connection we have in Guacamole (0.9.13), either an SSH or RDP connection, I get the following error: [cid:image001.png@01D39361.5F5F0590] I tried to look in the logs under /var/log/tomcat but didn’t see anything about any errors. What logs should I be looking at to find out what could be going on and fix this? We are hoping to roll our Guacamole implementation out to more users very soon, and we can’t have this type of erroring happening without knowing why and how to fix it. The first thing I would check is to make sure that guacd is still running, and responsive - check /var/log/messages, or journalctl, and make sure there are messages from guacd, in addition to "ps -ef | grep guacd" to make sure it is actually running. If it isn't, restart it. If it is running, take a look at the logs and figure out why it seems to be failing, and make sure you can connect to those systems from other SSH and/or Guacamole clients. -Nick
