Apache Guacamole is a clientless, web-based remote desktop gateway supporting RDP, VNC and SSH; for a deeper dive into what Guacamole is and its use cases, see our previous blog post on Apache Guacamole.
Here’s a concise, step-by-step guide to installing and configuring Apache Guacamole on both Ubuntu 20.04 and CentOS 8.
1. Prerequisites
- A fresh server (Ubuntu 20.04 or CentOS 8) with root or sudo privileges
- Java 8+ (OpenJDK)
- A database (MySQL/MariaDB or PostgreSQL) for storing user credentials
- Tomcat 9 (or later) to serve the Guacamole web application
2. Install Dependencies
Ubuntu 20.04
sudo apt update
sudo apt install -y build-essential libcairo2-dev libjpeg-turbo8-dev \
libpng-dev libossp-uuid-dev libavcodec-dev libavformat-dev libavutil-dev \
libswscale-dev freerdp2-dev libpango1.0-dev libssh2-1-dev libtelnet-dev \
libvncserver-dev libpulse-dev libssl-dev libvorbis-dev libwebp-dev \
mysql-client mysql-server tomcat9 tomcat9-admin tomcat9-common \
nginx openjdk-11-jdk
CentOS 8
sudo dnf groupinstall -y "Development Tools"
sudo dnf install -y cairo-devel libjpeg-turbo-devel libpng-devel \
libuuid-devel ffmpeg-devel freerdp-devel pango-devel libssh2-devel \
libtelnet-devel libvncserver-devel pulseaudio-libs-devel openssl-devel \
libvorbis-devel libwebp-devel mysql mariadb-server mariadb \
tomcat tomcat-admin-webapps tomcat-webapps java-11-openjdk-devel nginx
3. Build and Install guacd (the Guacamole proxy daemon)
wget https://apache.org/dyn/closer.cgi?action=download&filename=guacamole/1.5.3/source/guacamole-server-1.5.3.tar.gz -O guacd.tar.gz
tar -xzf guacd.tar.gz
cd guacamole-server-1.5.3
mkdir build && cd build
cmake .. -DCMAKE_INSTALL_PREFIX=/usr/local -DWITH_MYSQL=onmake
sudo make install
sudo ldconfig
sudo systemctl enable guacd
sudo systemctl start guacd
4. Install the Guacamole Web Application
# 1. Download the .war file
wget https://apache.org/dyn/closer.cgi?action=download&filename=guacamole/1.5.3/binary/guacamole-1.5.3.war -O guacamole.war#2. Deploy to Tomcat
sudo mv guacamole.war /var/lib/tomcat9/webapps/ # Ubuntu
# or
sudo mv guacamole.war /usr/share/tomcat/webapps/ # CentOS
# 3. Create extension directory
sudo mkdir -p /etc/guacamole/{extensions,lib}
5. Configure the Database
Replace <dbuser>, <dbpass>, and <dbname> with your choices.
# Log in to MySQL/MariaDB
sudo mysql -u root
# Create database and user
CREATE DATABASE guacamole_db CHARACTER SET utf8mb4 COLLATE utf8mb4_bin;
CREATE USER 'guac_user'@'localhost' IDENTIFIED BY 'guac_password';
GRANT SELECT,INSERT,UPDATE,DELETE ON guacamole_db.* TO 'guac_user'@'localhost';
FLUSH PRIVILEGES;
EXIT;
Download and run the JDBC schema scripts:
cd guacamole-server-1.5.3/auth/mysql/schema
cat *.sql | mysql -u guac_user -p guacamole_db
6. Configure Guacamole
Create /etc/guacamole/guacamole.properties:
# MySQL properties
mysql-hostname: localhost
mysql-port: 3306
mysql-database: guacamole_db
mysql-username: guac_user
mysql-password: guac_password
# Location of proxy daemon
guacd-hostname: localhost
guacd-port: 4822
# Auth provider
auth-provider:net.sourceforge.guacamole.auth.jdbc.JDBCAuthenticationProvider
Link Tomcat’s GUACAMOLE_HOME:
sudo ln -s /etc/guacamole /usr/share/tomcat9/.guacamole # Ubuntu
# or
sudo ln -s /etc/guacamole /usr/share/tomcat/.guacamole # CentOS
Place the MySQL auth extension in Tomcat:
sudo cp guacamole-auth-jdbc-mysql-1.5.3.jar /etc/guacamole/extensions/
sudo cp /usr/local/lib/libguac-client-rdp.so /etc/guacamole/lib/
# (also copy vnc, ssh, etc. libs if needed)
7. Finalize & Start Guacamole Services
# Restart Tomcat and guacd
sudo systemctl restart tomcat9 # or tomcat
sudo systemctl restart guacd
Ensure ports 8080 (Tomcat) and 4822 (guacd) are open in your firewall or security group.
8. Access the Web UI of Guacamole
- Visit
http://<your-server-ip>:8080/guacamole/ - Log in with the default user
guacadmin/guacadmin - Immediately change the admin password under Settings → Users
You’re done! You now have a working Apache Guacamole installation. For advanced tuning—SSL via Nginx proxy, LDAP integration, custom themes—refer to the official docs.
