# vim /etc/yum.repos.d/glyptodon.repo
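# USERNAME:PASSWORD below are placeholders: substitute the repository
# credentials issued for your own subscription. Real credentials in this URL
# are a secret, so keep this file root-owned and not world-readable (for
# example mode 0600) and keep them out of shared notes, tickets and version
# control.
[glyptodon-1]
name=Glyptodon Enterprise 1.x
baseurl=https://USERNAME:PASSWORD@enterprise.glyptodon.com/release/1/el7/$basearch/
enabled=1
# Package and repository-metadata signature checks stay enabled. When yum
# first imports the key below, compare the fingerprint it displays with the
# one the vendor publishes before accepting it.
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://enterprise.glyptodon.com/release/RPM-GPG-KEY-glyptodon-release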
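## Lines starting with "# " are commands typed at a root shell prompt, lines
## starting with "##" are notes, and indented lines are typed inside mysql.

# yum install epel-release
# yum install tomcat glyptodon-guacamole glyptodon-guacd glyptodon-libguac-client-rdp glyptodon-libguac-client-ssh
# usermod -aG guacamole tomcat
# ln -s /usr/share/guacamole/guacamole.war /var/lib/tomcat/webapps/
# systemctl start guacd tomcat
# systemctl enable guacd tomcat

# yum install glyptodon-guacamole-auth-jdbc-mysql mariadb-server
## Generate the MariaDB root password under a restrictive umask so that the
## file is created readable by root only.
# (umask 077; openssl rand -base64 30 > /root/.mariadb-root-pw) && cat /root/.mariadb-root-pw
# systemctl start mariadb.service
# systemctl enable mariadb.service
## When prompted, set the root password to the value generated above.
# mysql_secure_installation

## -p makes mysql prompt for the password (paste the contents of
## /root/.mariadb-root-pw). Passing it as --password=... would put it on the
## command line, where it can be seen in the process list.
# mysql -u root -p
    CREATE DATABASE blg_guacamole_DB;
    EXIT
# cat /usr/share/guacamole-auth-jdbc-mysql/schema/*.sql | mysql -u root -p blg_guacamole_DB

# (umask 077; openssl rand -base64 30 > /root/.mariadb-guacamole-pw) && cat /root/.mariadb-guacamole-pw
## The password given to CREATE USER must be the value just generated, because
## that same file is written into guacamole.properties below. The account is
## limited to connections from localhost, matching mysql-hostname.
# mysql -u root -p
    CREATE USER 'blg_guaca_user'@'localhost' IDENTIFIED BY 'PASTE_CONTENTS_OF_/root/.mariadb-guacamole-pw';
    GRANT SELECT,INSERT,UPDATE,DELETE ON blg_guacamole_DB.* TO 'blg_guaca_user'@'localhost';
    FLUSH PRIVILEGES;
    EXIT

# sed -i "s/#mysql-hostname: localhost/mysql-hostname: localhost/" /etc/guacamole/guacamole.properties
# sed -i "s/#mysql-port: 3306/mysql-port: 3306/" /etc/guacamole/guacamole.properties
# sed -i "s/#mysql-database: guacamole_db/mysql-database: blg_guacamole_DB/" /etc/guacamole/guacamole.properties
# sed -i "s/#mysql-username: guacamole_user/mysql-username: blg_guaca_user/" /etc/guacamole/guacamole.properties
## The generated password is base64 and may contain "/", which would end a
## "/"-delimited sed expression early; "|" never occurs in base64.
# sed -i "s|#mysql-password: some_password|mysql-password: $(cat /root/.mariadb-guacamole-pw)|" /etc/guacamole/guacamole.properties
# less /etc/guacamole/guacamole.properties
## guacamole.properties now holds the database password: check its owner and
## mode with ls -l and make sure it is not world-readable.

## Port 8080 is Tomcat's plain-HTTP connector by default. Unless TLS is
## terminated in front of it (for example by a reverse proxy), logins cross
## the network unencrypted.
# firewall-cmd --zone=public --add-port=8080/tcp --permanent
# firewall-cmd --reload
# setsebool -P tomcat_can_network_connect_db on
# systemctl restart tomcat
## Confirm which services listen and on which addresses; only 8080/tcp was
## opened in the firewall above.
# netstat -tulpn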
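Set up the Duo-protected admin user here: create it in Guacamole now, before the Duo extension is installed. If the default administrator account created by the schema is still present, change its password or remove it once the new admin account works.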
## Install the Duo authentication extension, then open the Guacamole
## configuration to fill in its settings.
# yum install glyptodon-guacamole-auth-duo
# vim /etc/guacamole/guacamole.properties
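The relevant properties can be found in the “DUO-1” and “DUO-2” sections; uncomment them and replace the sample values with your own. The secret key and the application key are secrets, and the application key can be generated the same way as the database passwords above (`openssl rand -base64 30` produces exactly 40 characters):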
##
## [DUO-1] Duo application integration details
##
## The API hostname, integration key, and secret key provided for you by Duo
## when you registered Guacamole in Duo's "Admin" panel. Each of these values
## is required and is generated by Duo.
##

#duo-api-hostname: XXXXXXXX.duosecurity.com
#duo-integration-key: 0123456789ABCDEF0123
#duo-secret-key: 0123456789ABCDEF0123

##
## [DUO-2] Duo application key
##
## An arbitrary and random key to use when communicating with the Duo service.
## This key MUST be manually generated, and MUST BE AT LEAST 40 CHARACTERS.
##

#duo-application-key: abcdefghijklmnopqrstuvwxyz0123456789ABCD
# systemctl restart tomcat