How to setup Guacamole in Linux (Ubuntu)


Many work environment block port 5900 (default VNC port). By using Guacamole you can always access you computer, even through the firewall(s). To get Guacamole up running follow these three steps: 

  1. Install and configure VNC host software
  2. Install and configure Apache Tomcat.
  3. Install and configure Guacamole

1. Install and configure VNC host software (Ubuntu users can use built in Remote Desktop instead).

Ubuntu -> System -> Preferences -> Remote Desktop


So use these settings and don't forget to choose a good secure password. 

When you got everything setup and working you can go back to this step and tryother VNC host software with more functionality.

2. Install and configure Apache Tomcat. 

There is also a great guide here on how to install Tomcat:

Install Tomcat

Install Apache Tomcat with the following commands:

sudo apt-get install tomcat7


sudo apt-get install tomcat7-admin 


sudo apt-get install tomcat7-docs


Check That Tomcat is running by go to:


it should display a webpage that says "IT Works..."

Configure Tomcat

Edit the Tomcat User file: "/etc/tomcat7/tomcat-users.xml" and setup a "manager-gui" user.

Configure Tomcat to use SSL encryption, important if you want to connect through the internet.

For a more in depth guide press here

Generate your own SSL certificate with the command:

/usr/lib/jvm/java-6-openjdk/bin/$ sudo keytool -genkey -alias guacamole -keypass password -keystore /var/lib/tomcat7/webapps/.keystore -storepass password

Change the bold letter to desired values, remember that "storepass" should be same as "keypass". A questionnaire will no start and answer the questions and your keyfile will be generated.

Edit the file "/etc/tomcat7/server.xml" and find the line that looks something like this:


enableLookups="true" disableUploadTimeout="true" acceptCount="100" debug="0" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="/var/lib/tomcat7/webapps/.keystore" keystorePass="password"...Change the keystoreFile to correct path and also supply your keystore password</p> <p>  Restart Tomcat with this command:</p> <p>  sudo service tomcat7 restart</p> <p>  Check That Tomcat is running SSL by go to:</p> <p style="text-align: left;">https://localhost:8443

It should display a webpage that says "IT Works..." 

3. Install and configure Guacamole

For a more detailed guide press here

Install Guacamole

Download Guacamole files and install them with this command:

sudo dpkg -i guacd_*.deb guacamole_*.deb libguac0_*.deb libguac1_*.deb libguac-client-vnc0_*.deb

Or just dubbleclick on each deb file and install through graphical interface.

Configure Gucamole

A simple XML file "/etc/guacamole/" specifies that file-based authentication should be used (the default)

Guacamole user mapping is done by editing the file "/etc/guacamole/user-mapping.xml".

Change the VNC server port and password to the correct values. Also don't forget to set Guacamole username and password.

Make symbolic links (or copy files) for guacamole to Tomcat:

sudo ln -s /var/lib/guacamole/guacamole.war /var/lib/tomcat7/webapps

sudo ln -s /etc/guacamole/ /var/lib/tomcat7/common/classes


Restart Tomcat with this command:

sudo service tomcat7 restart


Go to adress:


Guacamole login page should be displayed:

The end