ref
https://www.raspberrypi.org/forums/viewtopic.php?f=81&t=71166
https://www.raspberrypi.org/forums/viewtopic.php?f=81&t=71166
Configureation UI
enable ssh, vnc on menu "raspberry pi configuration"
Wifi country select GB
ssh pi@192.168.1.3 with raspberry
sudo userdel -r leungric
sudo adduser leungric
sudo nano /etc/sudoers # or sudo visudo
# add line to bottom, must be after $sudo line
leungric ALL=(ALL:ALL) NOPASSWD:ALL
java
sudo apt-get install oracle-java8-jdk
export JAVA_HOME=/usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt
install server
make
sudo make install
sudo ldconfig
sudo update-rc.d guacd defaults
install client war ( 0.9.13 debian 9 2018)
wget --user-agent=Mozilla \ -e robots=off "https://archive.apache.org/dist/guacamole/0.9.13-incubating/source/guacamole-client-0.9.13-incubating.tar.gz" -O guacamole-client-0.9.13-incubating.tar.gz
ssh leungric@192.168.1.3
sudo ls -al /root
sudo ls -al /root
update if have not yet
sudo apt-get update
real-vnc-server is the builtin one
sudo apt-get install realvnc-vnc-server
sudo adduser leungric sudo
sudo vncpasswd -service
enter pw
# pw set in /root/.vnc/config.d/vncserver-x11
sudo adduser leungric sudo
sudo vncpasswd -service
enter pw
# pw set in /root/.vnc/config.d/vncserver-x11
sudo nano /root/.vnc/config.d/vncserver-x11
Authentication=VncAuth
Encryption=AlwaysOff
Password=e0fd0472492935da # foobar
# now Windows TightVncViewer can use password only to vnc raspberry pi
Wifi
sudo raspi-config
Versions
cat /etc/*release
PRETTY_NAME="Raspbian GNU/Linux 9 (stretch)"
NAME="Raspbian GNU/Linux"
VERSION_ID="9"
VERSION="9 (stretch)"
ID=raspbian
ID_LIKE=debian
HOME_URL="http://www.raspbian.org/"
SUPPORT_URL="http://www.raspbian.org/RaspbianForums"
BUG_REPORT_URL="http://www.raspbian.org/RaspbianBugs"
Versions
cat /etc/*release
PRETTY_NAME="Raspbian GNU/Linux 9 (stretch)"
NAME="Raspbian GNU/Linux"
VERSION_ID="9"
VERSION="9 (stretch)"
ID=raspbian
ID_LIKE=debian
HOME_URL="http://www.raspbian.org/"
SUPPORT_URL="http://www.raspbian.org/RaspbianForums"
BUG_REPORT_URL="http://www.raspbian.org/RaspbianBugs"
should be optional
sudo apt-get dist-upgrade
xrdp
sudo apt-get install -y xrdp
sudo apt-get install oracle-java8-jdk
export JAVA_HOME=/usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt
printenv | grep JAVA
JAVA_HOME=/usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt
java -version
java version "1.8.0_65"
Java(TM) SE Runtime Environment (build 1.8.0_65-b17)
Java HotSpot(TM) Client VM (build 25.65-b01, mixed mode)
listen before jetty
sudo netstat -natup
jetty9
sudo apt-get update
sudo apt-get -y upgrade
sudo apt-cache search jetty
sudo apt-get -y install jetty9
sudo nano /etc/default/jetty9
NO_START=0 (make sure)
sudo service jetty9 restart
sudo service jetty9 status
http://192.168.1.3:8080
port after jetty restarted
sudo netstat -natup
Proto Local Address Foreign Address State
tcp 0.0.0.0:5900 0.0.0.0:* LISTEN
tcp 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 127.0.0.1:6010 0.0.0.0:* LISTEN
tcp 127.0.0.1:41864 127.0.0.1:35063 ESTABLISHED
tcp 192.168.31.3:22 192.168.31.4:53842 ESTABLISHED
tcp 192.168.31.3:22 192.168.31.4:53843 ESTABLISHED
tcp 127.0.0.1:35063 127.0.0.1:41864 ESTABLISHED
tcp6 :::5900 :::* LISTEN
tcp6 :::8080 :::* LISTEN
tcp6 :::22 :::* LISTEN
tcp6 ::1:6010 :::* LISTEN
tcp6 ::1:43222 ::1:6010 TIME_WAIT
udp 0.0.0.0:5353 0.0.0.0:*
udp 0.0.0.0:60726 0.0.0.0:*
udp 0.0.0.0:68 0.0.0.0:*
udp6 :::5353 :::*
udp6 :::42955 :::*
Java(TM) SE Runtime Environment (build 1.8.0_65-b17)
Java HotSpot(TM) Client VM (build 25.65-b01, mixed mode)
listen before jetty
sudo netstat -natup
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:5900 0.0.0.0:* LISTEN 1109/vncserver-x11-
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1087/sshd
tcp 0 0 192.168.1.3:22 192.168.1.197:49388 ESTABLISHED 1417/sshd: leungric
tcp 0 0 127.0.0.1:53516 127.0.0.1:39569 ESTABLISHED 1109/vncserver-x11-
tcp 0 0 127.0.0.1:39569 127.0.0.1:53516 ESTABLISHED 1133/vncserverui
tcp6 0 0 :::5900 :::* LISTEN 1109/vncserver-x11-
tcp6 0 0 ::1:3350 :::* LISTEN 1934/xrdp-sesman
tcp6 0 0 :::22 :::* LISTEN 1087/sshd
tcp6 0 0 :::3389 :::* LISTEN 1946/xrdp
udp 0 0 0.0.0.0:5353 0.0.0.0:* 389/avahi-daemon: r
udp 0 0 0.0.0.0:36630 0.0.0.0:* 389/avahi-daemon: r
udp 0 0 0.0.0.0:68 0.0.0.0:* 437/dhcpcd
udp6 0 0 :::5353 :::* 389/avahi-daemon: r
udp6 0 0 :::42503 :::* 389/avahi-daemon: r
sudo apt-get update
sudo apt-get -y upgrade
sudo apt-cache search jetty
sudo apt-get -y install jetty9
sudo nano /etc/default/jetty9
NO_START=0 (make sure)
sudo service jetty9 restart
sudo service jetty9 status
http://192.168.1.3:8080
port after jetty restarted
sudo netstat -natup
Proto Local Address Foreign Address State
tcp 0.0.0.0:5900 0.0.0.0:* LISTEN
tcp 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 127.0.0.1:6010 0.0.0.0:* LISTEN
tcp 127.0.0.1:41864 127.0.0.1:35063 ESTABLISHED
tcp 192.168.31.3:22 192.168.31.4:53842 ESTABLISHED
tcp 192.168.31.3:22 192.168.31.4:53843 ESTABLISHED
tcp 127.0.0.1:35063 127.0.0.1:41864 ESTABLISHED
tcp6 :::5900 :::* LISTEN
tcp6 :::8080 :::* LISTEN
tcp6 :::22 :::* LISTEN
tcp6 ::1:6010 :::* LISTEN
tcp6 ::1:43222 ::1:6010 TIME_WAIT
udp 0.0.0.0:5353 0.0.0.0:*
udp 0.0.0.0:60726 0.0.0.0:*
udp 0.0.0.0:68 0.0.0.0:*
udp6 :::5353 :::*
udp6 :::42955 :::*
port after browsed
Send-Q Local Address Foreign Address State
0 0.0.0.0:5900 0.0.0.0:* LISTEN
0 0.0.0.0:22 0.0.0.0:* LISTEN
0 127.0.0.1:6010 0.0.0.0:* LISTEN
0 127.0.0.1:41864 127.0.0.1:35063 ESTABLISHED
108 192.168.31.3:22 192.168.31.4:53842 ESTABLISHED
0 192.168.31.3:22 192.168.31.4:53843 ESTABLISHED
0 127.0.0.1:35063 127.0.0.1:41864 ESTABLISHED
0 :::5900 :::* LISTEN
0 :::8080 :::* LISTEN
0 :::22 :::* LISTEN
0 ::1:6010 :::* LISTEN
0 192.168.31.3:8080 192.168.31.4:53863 ESTABLISHED
0 192.168.31.3:8080 192.168.31.4:53864 ESTABLISHED
0 192.168.31.3:8080 192.168.31.4:53865 ESTABLISHED
0 192.168.31.3:8080 192.168.31.4:53866 ESTABLISHED
0 0.0.0.0:5353 0.0.0.0:*
0 0.0.0.0:60726 0.0.0.0:*
0 0.0.0.0:68 0.0.0.0:*
0 :::5353 :::*
0 :::42955 :::*
basic packages
sudo apt-get install -y
libjpeg62-turbo-dev
libcairo2-dev
libossp-uuid-dev
libjpeg is required for writing jpeg messages
Cairo is required for drawing instructions
The OSSP UUID library is required
then required packages
sudo apt-get install -y
gawk
libssl-dev
libogg-dev
libvorbis-dev
libpulse-dev
libfreerdp-dev
libwebp-dev
libpango1.0-dev
libavcodec-dev
libavutil-dev
libswscale-dev
libswscale-dev
libtelnet-dev
libvncserver-dev
finally required packages
sudo apt-get install -y
libssh-dev
libssh2-1-dev
Recheck for below
./configure --with-init-dir=/etc/init.d
checking for gawk... gawk
Unable to find libssl.
Unable to find libogg / libvorbis / libvorbisenc
Unable to find libpulse
Unable to find libfreerdp-core / libfreerdp
Unable to find libwebp
libssl .............. yes
libvorbis ........... yes
libpulse ............ yes
freerdp ............. yes
libwebp ............. yes
pango ............... yes
libavcodec .......... yes
libavutil ........... yes
libswscale .......... yes
libVNCServer ........ yes
SSH ....... yes
SSH ....... yes
Telnet .... yes
VNC ....... yes
Debian 11 2022 (not Debian 9 2018, not work in Debian 11 2022)
# sudo apt-get install libfreerdp-dev
sudo apt-get install freerdp2-dev
prohibit packages
sudo apt-get install -y
libpng12-dev (this will remove cairo and cause failure)
configure server (0.9.13 working in 2021)
guacamole-server-0.9.13-incubating.tar.gz
guacamole-server-0.9.13-incubating.tar.gz
wget --user-agent=Mozilla \ -e robots=off "https://archive.apache.org/dist/guacamole/0.9.13-incubating/source/guacamole-server-0.9.13-incubating.tar.gz" -O guacamole-server-0.9.13-incubating.tar.gz
tar -xzf guacamole-server-0.9.13-incubating.tar.gz
cd guacamole-server-0.9.13-incubating
./configure --with-init-dir=/etc/init.d
cd guacamole-server-0.9.13-incubating
./configure --with-init-dir=/etc/init.d
configure server (1.0.0 yes work in Debian 9 Stretch in 2022)
wget --user-agent=Mozilla \ -e robots=off "https://apache.org/dyn/closer.cgi?action=download&filename=guacamole/1.0.0/source/guacamole-server-1.0.0.tar.gz" -O guacamole-server-1.0.0.tar.gz
tar -xzf guacamole-server-1.0.0.tar.gz
cd guacamole-server-1.0.0
./configure --with-init-dir=/etc/init.d
configure server (1.4.0 not work in Debian 11 2022)
sudo apt-get install -y libwebsockets-dev libavcodec-dev libavformat-dev libavutil-dev libswsccale-dev
wget --user-agent=Mozilla \ -e robots=off "https://apache.org/dyn/closer.lua/guacamole/1.4.0/source/guacamole-server-1.4.0.tar.gz?action=download" -O guacamole-server-1.4.0.tar.gz
tar -xzf guacamole-server-1.4.0.tar.gz
cd guacamole-server-1.4.0
./configure --with-init-dir=/etc/init.d
guacamole-server version 0.9.13
guacamole-server version 0.9.13-incubating
Library status:
freerdp ............. yes
pango ............... yes
libavcodec .......... yes
libavutil ........... yes
libssh2 ............. yes
libssl .............. yes
libswscale .......... yes
libtelnet ........... yes
libVNCServer ........ yes
libvorbis ........... yes
libpulse ............ yes
libwebp ............. yes
Protocol support:
RDP ....... yes
SSH ....... yes
Telnet .... yes
VNC ....... yes
Services / tools:
guacd ...... yes
guacenc .... yes
Init scripts: /etc/init.d
Type "make" to compile guacamole-server.
Leaving theses nos
Line 16: checking whether we are cross compiling... no
Line 20: checking for gcc option to accept ISO C89... none needed
Line 38: checking for dlltool... no
Line 45: checking for sysroot... no
Line 49: checking if mt is a manifest tool... no
Line 63: checking if gcc supports -fno-rtti -fno-exceptions... no
Line 70: checking whether -lc should be explicitly linked in... no
Line 73: checking for shl_load... no
Line 74: checking for shl_load in -ldld... no
Line 75: checking for dlopen... no
Line 78: checking whether a statically linked program can dlopen itself... no
Line 89: checking for gcc option to accept ISO C99... none needed
Line 111: checking pngstruct.h usability... no
Line 112: checking pngstruct.h presence... no
Line 113: checking for pngstruct.h... no
Line 124: checking for CU_run_test in -lcunit... no
Line 125: checking for main in -lwsock32... no
Line 146: checking whether DSA_SIG_get0 is declared... no
Line 147: checking whether DSA_get0_pqg is declared... no
Line 148: checking whether DSA_get0_key is declared... no
Line 149: checking whether RSA_get0_key is declared... no
Line 169: checking whether freerdp_convert_gdi_order_color is declared... no
Line 170: checking whether freerdp_color_convert_drawing_order_color_to_gdi_color is declared... no
Line 171: checking for rdpSvcPlugin.interval_ms... no
Line 183: checking for rdpSettings.SupportDisplayControl... no
Line 197: checking for rdpSettings.Width... no
Line 198: checking for rdpSettings.Height... no
Line 203: checking for CHANNEL_ENTRY_POINTS_FREERDP... no
Line 208: checking whether IWTSVirtualChannelCallback.OnDataReceived() uses a wStream... no
Line 209: checking whether interleaved_decompress() accepts an additional palette parameter... no
Line 210: checking whether planar_decompress() can flip... no
Line 211: checking for rdpContext.codecs... no
Line 217: checking for gcry_control in -lssh2... no
guacamole-server version 1.4.0 (may work in Debian 11 2022)
------------------------------------------------
guacamole-server version 1.4.0
------------------------------------------------
Library status:
freerdp2 ............ yes
pango ............... yes
libavcodec .......... yes
libavformat.......... yes
libavutil ........... yes
libssh2 ............. yes
libssl .............. yes
libswscale .......... yes
libtelnet ........... yes
libVNCServer ........ yes
libvorbis ........... yes
libpulse ............ yes
libwebsockets ....... yes
libwebp ............. yes
wsock32 ............. no
Protocol support:
Kubernetes .... yes
RDP ........... yes
SSH ........... yes
Telnet ........ yes
VNC ........... yes
Services / tools:
guacd ...... yes
guacenc .... yes
guaclog .... yes
FreeRDP plugins: /usr/lib/arm-linux-gnueabihf/freerdp2
Init scripts: /etc/init.d
Systemd units: no
Type "make" to compile guacamole-server.
install server
make
sudo make install
sudo ldconfig
sudo update-rc.d guacd defaults
sudo /etc/init.d/guacd restart
sudo /etc/init.d/guacd status
guacd is running with PID=27937.
sudo service guacd status
ps -ef | grep guacd
root 27937 1 0 02:25 ? 00:00:00 /usr/local/sbin/guacd -p /var/run/guacd.pid
leungric 27952 912 0 02:25 pts/0 00:00:00 grep --color=auto guacd
# sudo systemctl status guacd # Active: inactive (dead) # no need to use systemctl
Maven
sudo apt-get install -y maven
wget --user-agent=Mozilla \ -e robots=off "https://archive.apache.org/dist/guacamole/0.9.13-incubating/source/guacamole-client-0.9.13-incubating.tar.gz" -O guacamole-client-0.9.13-incubating.tar.gz
tar -xzf guacamole-client-0.9.13-incubating.tar.gz
cd guacamole-client-0.9.13-incubating/
mvn package (very long time on 1.2GHz Quad Core, take a break, 15-30mins)
mvn package (very long time on 1.2GHz Quad Core, take a break, 15-30mins)
cd guacamole/target/
ls guacamole-0.9.13-incubating.war
sudo mv guacamole-0.9.13-incubating.war /usr/share/jetty9/webapps/guacamole.war
sudo service jetty9 restart
http://192.168.1.3:8080/guacamole
ls guacamole-0.9.13-incubating.war
sudo mv guacamole-0.9.13-incubating.war /usr/share/jetty9/webapps/guacamole.war
sudo service jetty9 restart
http://192.168.1.3:8080/guacamole
install client war (1.0.0 yes work in debian 9 2022)
wget --user-agent=Mozilla \ -e robots=off "https://archive.apache.org/dist/guacamole/1.0.0/source/guacamole-client-1.0.0.tar.gz" -O guacamole-client-1.0.0.tar.gz
wget --user-agent=Mozilla \ -e robots=off "https://archive.apache.org/dist/guacamole/1.0.0/source/guacamole-client-1.0.0.tar.gz" -O guacamole-client-1.0.0.tar.gz
tar -xzf guacamole-client-1.0.0.tar.gz
cd guacamole-client-1.0.0
mvn package (very long time on 1.2GHz Quad Core, take a break, 15-30mins)
cd guacamole/target/
ls guacamole-1.0.0.war
sudo mv guacamole-1.0.0.war /usr/share/jetty9/webapps/guacamole.war
sudo service jetty9 restart
http://192.168.1.3:8080/guacamole
ls guacamole-1.0.0.war
sudo mv guacamole-1.0.0.war /usr/share/jetty9/webapps/guacamole.war
sudo service jetty9 restart
http://192.168.1.3:8080/guacamole
install client war (1.4.0 debian 11 2022)
wget --user-agent=Mozilla \ -e robots=off "https://apache.org/dyn/closer.lua/guacamole/1.4.0/binary/guacamole-1.4.0.war?action=download" -O guacamole-1.4.0.war
wget --user-agent=Mozilla \ -e robots=off "https://apache.org/dyn/closer.lua/guacamole/1.4.0/binary/guacamole-1.4.0.war?action=download" -O guacamole-1.4.0.war
ls guacamole-1.4.0.war
sudo mv guacamole-1.4.0.war /usr/share/jetty9/webapps/guacamole.war
sudo service jetty9 restart
http://192.168.1.3:8080/guacamole
sudo mv guacamole-1.4.0.war /usr/share/jetty9/webapps/guacamole.war
sudo service jetty9 restart
http://192.168.1.3:8080/guacamole
configure
sudo mkdir /usr/share/jetty9/.guacamole
cd /usr/share/jetty9/.guacamole
sudo nano guacamole.properties
# Hostname and port of guacamole proxy
guacd-hostname: localhost
guacd-port: 4822
# Location to read extra .jar's from
lib-directory: /usr/share/jetty9/.guacamole
# Authentication provider class
auth-provider: net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider
# Properties used by BasicFileAuthenticationProvider
basic-user-mapping: /usr/share/jetty9/.guacamole/user-mapping.xml
cd /usr/share/jetty9/.guacamole
sudo nano guacamole.properties
# Hostname and port of guacamole proxy
guacd-hostname: localhost
guacd-port: 4822
# Location to read extra .jar's from
lib-directory: /usr/share/jetty9/.guacamole
# Authentication provider class
auth-provider: net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider
# Properties used by BasicFileAuthenticationProvider
basic-user-mapping: /usr/share/jetty9/.guacamole/user-mapping.xml
sudo nano /usr/share/jetty9/.guacamole/user-mapping.xml
<user-mapping>
<authorize username="leungric" password="2d4b6753d3e94ef39a1de5cddef6aa44" encoding="md5">
<connection name="pi 192.168.1.3 rdp">
<protocol>rdp</protocol>
<param name="hostname">192.168.1.3</param>
<param name="port">3389</param>
</connection>
<connection name="pi 192.168.1.3 ssh">
<protocol>ssh</protocol>
<param name="hostname">192.168.1.3</param>
<param name="port">22</param>
</connection>
<connection name="pi 192.168.1.3 vnc">
<protocol>vnc</protocol>
<param name="hostname">192.168.1.3</param>
<param name="port">5900</param>
<param name="password">Tin.netS1....</param>
</connection>
</authorize>
</user-mapping>
http://192.168.1.3:8080/guacamole
leungric
....
need sudo service jetty9 restart # not sudo /etc/init.d/guacd restart
ssh 8443 optional (unsuccessful, dont use, verify after 2021, working 2022)
# https://stackoverflow.com/questions/4008837/configure-ssl-on-jetty
cd /usr/share/jetty9
sudo openssl genrsa -des3 -out jetty.key
# enter 8 char pw
sudo openssl req -new -x509 -key jetty.key -out jetty.crt
sudo openssl genrsa -des3 -out jetty.key
# enter 8 char pw
sudo openssl req -new -x509 -key jetty.key -out jetty.crt
# enter 8 char pw
# many default enter
sudo keytool -keystore keystore -import -alias jetty -file jetty.crt -trustcacerts
# enter 8 char pw
# trust? yes, cert added keystore
# try skip this line # sudo openssl req -new -key jetty.key -out jetty.csr
sudo openssl pkcs12 -inkey jetty.key -in jetty.crt -export -out jetty.pkcs12
# enter 8 char pw 3 times
sudo keytool -importkeystore -srckeystore jetty.pkcs12 -srcstoretype PKCS12 -destkeystore keystore
# enter 8 char pw
# 1 successfully imported
HTTPS/SSL (working 2022 with 0.9.13 and also 1.0.0)
# many default enter
sudo keytool -keystore keystore -import -alias jetty -file jetty.crt -trustcacerts
# enter 8 char pw
# trust? yes, cert added keystore
# try skip this line # sudo openssl req -new -key jetty.key -out jetty.csr
sudo openssl pkcs12 -inkey jetty.key -in jetty.crt -export -out jetty.pkcs12
# enter 8 char pw 3 times
sudo keytool -importkeystore -srckeystore jetty.pkcs12 -srcstoretype PKCS12 -destkeystore keystore
# enter 8 char pw
# 1 successfully imported
HTTPS/SSL (working 2022 with 0.9.13 and also 1.0.0)
cd /usr/share/jetty9
ls /usr/share/jetty9/start.jar
sudo java -jar /usr/share/jetty9/start.jar --add-to-startd=ssl,https
# many initialised, enabled in start.ini
# many initialised, enabled in start.ini
sudo nano /usr/share/jetty9/start.d/https.ini
# https.port=8443, exit
# https.port=8443, exit
sudo nano /usr/share/jetty9/start.d/ssl.ini
# jetty.secure.port=8443, exit
# jetty.secure.port=8443, exit
sudo service jetty9 restart
sudo service jetty9 status
sudo netstat -natup | grep -E "8080|8443"
# :::8443 :::8080 :::* LISTEN 3828/java
sudo ss -natup | grep -E "8080|8443"
sudo netstat -natup | grep -E "8080|8443"
# :::8443 :::8080 :::* LISTEN 3828/java
sudo ss -natup | grep -E "8080|8443"
https://192.168.1.3:8443/
https://192.168.1.3:8443/guacamole
https://192.168.1.3:8443/guacamole
RDP to Windows 10 and 11 (2022)
# https://stackoverflow.com/questions/44039126/guacamole-windows-10-rdp-failed
# https://stackoverflow.com/questions/44039126/guacamole-windows-10-rdp-failed
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp]
Change “SecurityLayer” value to 1 (from possibly value 2)
Verify “UserAuthentication” value is 0
沒有留言:
張貼留言