Last Updated on
Smart Working needs are stressing the needs to have an external access to your Personal Computer from a remote station. This remote station can be whatever device, with whatever OS (and different versions). The very first need for people is remoting their Desktop to have access their docs and apps.
A flexible solution comes with Apache Guacamole™, an Open Source software able to give a clientless remote desktop access (via VNC, RDP, SSH, etc). This solution differs from common ones because it can be used from a simple Web Browser, helping to overcome client installation issues.
This guide will provide step-by-step procedure to install Apache Guacamole in your Raspberry PI, making it your personal remote desktop web gateway. Also Docker will be user to simplify service setup.
First of all, let me show a simple diagram to better understand what we are building.
This solution requires that:
- Your Raspberry PI can be reached from your laptop from where you want to see remote desktop
- Your remote PC have RDP configured or VNC server active or SSH remote connection enabled
In this post, I’m going to use a Windows RDP connection. A remote Windows 10 PC will be managed by an external device (maybe another PC with different OS, a tablet, etc).
What We Need
As usual, I suggest adding from now to your favourite ecommerce shopping chart all needed hardware, so that at the end you will be able to evaluate overall costs and decide if continuing with the project or removing them from shopping chart. So, hardware will be only:
- Raspberry PI (including proper power supply or using a smartphone micro usb charger with at least 3A)
- micro SD card (at least 16 GB, at least class 10)
- a device different from your remote PC (a different PC, tablet, etc)
Configure RDP on remote PC
Remote PS with Windows OS must be configured to accept connections from specified users already created. With Windows 7, users are usually belonging to Workgroup or specific domain, having a specific password. With Windows 8 / 10, users will usually match with mail address and related password. In both cases you must configure your user to belong in Remote Desktop Users group.
Note that you can’t connect to a computer that’s asleep or hibernating. Make sure settings for sleep and hibernation on remote computer are set to Never in Energy Management options.
Configure RDP on remote PC in Windows 7
For Windows 7 Remote PCs, the procedure can be found in https://support.microsoft.com/en-us/help/17463/windows-7-connect-to-another-computer-remote-desktop-connection:
- Open System by clicking Start button, right-clicking Computer, and then clicking Properties.
- Click Remote settings. If you’re prompted for an administrator password or confirmation, type the password or provide confirmation. Under Remote Desktop, select one of the three options.
- Click Select Users.
If you’re a computer administrator, your current user account will automatically be added to the list of remote users and you can skip next two steps.
- In Remote Desktop Users dialog box, click Add.
- In Select Users or Groups dialog box, do following:
- To specify search location, click Locations, and then select the location you want to search.
- In Enter the object names to select, type user name that you want to add, and then click OK.
The name will be displayed in user list of Remote Desktop Users dialog box. Click OK, and then click OK again.
Configure RDP on remote PC in Windows 8 / 10
For Windows 8 / 10 Remote PCs, procedure can be found in https://docs.microsoft.com/en-gb/windows-server/remote/remote-desktop-services/clients/remote-desktop-allow-access:
- On device you want to connect to, select Start and then click Settings icon on left.
- Select System group followed by Remote Desktop item.
- Use the slider to enable Remote Desktop.
- It is also recommended to keep PC awake and discoverable to facilitate connections. Click Show settings to enable.
- As needed, add users who can connect remotely by clicking Select users that can remotely access this PC.
Members of Administrators group automatically have access.
Install Raspbian Buster Lite OS
For this part, please refer to Install Raspbian Buster Lite in your Raspberry PI.
Take note of your Raspberry PI IP address, that will be referred in this post as << YourRpiIpAddress >>.
ALso for this part, please use Containers Over RPI: Setup a Docker Environment with Raspbian Buster Lite and Portainer article. Portainer is a simple and useful web GUI for docker, but its installation is optional for our purpose.
Run Guacamole Container
With Docker, runnung a Guacamole service is particularly easy.
Guacamole container is not ready AS-IS to run on Raspberry PI: it is built on AMD / Linux architecture. Our Raspberry PI, on the other hand, is an ARM architecture.
An help comes from Oznu/docker-guacamole image. With this, once connected to your Raspberry PI via SSH terminal, container can be setup with a simple one line command:
docker run -d -p 8080:8080 -v guacamole_config:/config oznu/guacamole:armhf
This will download required packages, setup a container (with config files mapped to a persistent volume) and make it running.
After container is running, please it a minute to have processes ready and running.
Configure Guacamole Connection
Now all operations will be done from the device / PC from which we want to viasualize web Remote Desktop.
Connect from browser to Guacamole login page of your Raspberry PI. Use the URL “http://<<YourRpiIpAddress>>:8080”
Login with default Guacamole user:
- USERNAME: guacadmin
- PASSWORD: guacadmin
From guacadmin user dropdown menu click on “Settings”:
In next page, click on “Connections” tab:
In next page, use “New Connection” button to configure a new connection:
Next page will let you configure a wide number of parameters to manage your connection type. For a basic Windows RDP connection, you must configure at least the following.
In EDIT CONNECTION section, please enter the name used to refer this connection in you Guacamole Home page (in my example “ASUS”). You can leave Location as ROOT. Please modify Protocol to “RDP”:
In “NETWORK” block, add Hostname parameter with your remote PC IP Address (“192.168.1.34” for my example). Port must be set to 3389 (default Windows RDP port).
In “AUTHENTICATION” section, you must enter user and password configured in your remote PC as enabled Remote Users. My remote PC OS is Windows 10, so my username is my mail address with entire mail domain (for example “email@example.com”). In this case, what is after @ becomes also the Domain (and it is not required to edit “Domain” parameter). If you have a local user, you should also include the domain (for example WORKGROUP of whatever is your).
“Security mode” must be set to “Any”. You must also set “Ignore server certificate” flag.
Scroll down this page to bottom and click Save button. Our new connection now appears in Connections list. Use this page only to edit available connections or to create new ones.
Use drop down menu under guacadmin user to go back Home page, where you will find your link to remote desktop connection. Click this link to load your remote desktop.
Remote Desktop to a Windows PC will automatically logout people using Remote PC. In the same way, if you try to launch Remote Desktop to the same PC where you are working, you will be logged out.
Apache Guacamole is plenty of interesing features, try them to find solution that best fit your needs.
I was expecting from this installation better performances from what I obtained with my Raspberry PI 3 Model B (in terms of readyness to commands). Maybe that some setting have to be tuned or a different protocol could perform better.