[ldoughty]

I second using containers for guacamole.

Also agree, this isn't intended to be a replacement for direct access, nor for streaming purposes.

This gives you and RDP session with no software install needed. The use case of guacamole is accessing a system from anywhere without needing your ssh keys, RDP, or VNC software. If you're happy doing any of those directly, adding a middle man doesn't add any value.

That said, if you're managing others accessing the system, you can bastion of the target machines and only expose this access. This lets you put the target machines behind NAT, and only manage one entry point.

[tootie]

Yeah, this is a neat tool, but I'm wondering what actual use case this is fulfilling. Installing an RDP or VNC client isn't a huge effort. If you're enterprise, you're probably already paying for TeamViewer or something similar. The biggest issue is usually the handshake between a client and machine on a private LAN.

[ldoughty]

The Virginia Cyber Range (www.virginiacyberrange.org) is a taxpayer funded organization that leverages this project heavily to give K-12+ students access to virtual machines for cybersecurity education.

Some of our customers are on Chromebooks, but with this they can access machines without installing software.

For students at home, it's the same experience, no need to provide at-home setup instructions for all the common operating systems.

In schools using computer labs, no need to install software at all.. IT admins see Guacamole's requirements for service and it requires them to do no work, and opens no threats to their network.

This allows us to replicate the capabilities of virtual box or similar software without teachers needing to know anything about virtualization, or dealing with the first session/week being the struggle to find BIOS flags to turn on, and getting the virtualization software working.

We currently see about 500-800 unique guacamole connections per day, it's fairly reliable.

[ghthor]

Awesome project! Glad you were able to leverage an OSS project to make your UX streamlined and approachable.

[wayoutthere]

Most ASF projects are not what I would call end-user tools; they're a collection of enabling technologies under an open source license so that they can be integrated in a modular way into a wide range of other products that an end-user would interact with. For better or worse, this seems to be the way that open source is being funded and used by the industry these days.

[millzlane]

We use it in conjunction with Pulse secure. Users are able to remote into their windows desktops via rdp after creating the connection from a web portal.

[w0utert]

>> This gives you and RDP session with no software install needed. The use case of guacamole is accessing a system from anywhere without needing your ssh keys, RDP, or VNC software. If you're happy doing any of those directly, adding a middle man doesn't add any value.

The point is that I'm not happy to do this directly, for various reasons. I don't want to open up any ports that get forwarded to my LAN for remote desktop, and I want to be able to access LAN clients from machines behind a proxy that just blocks anything but http/https traffic. That's why I looked into Guacamole.

Maybe RDP connections work better with guacamole, compared to VNC, but I don't have any windows machines I want to remote into, so that's of no value to me.

[v4n4d1s]

Try Xrdp https://en.wikipedia.org/wiki/Xrdp

I use it on a bunch of Ubuntu 18.04 systems, works out of the box with apache guacamole.