guacd

Apache Guacamole proxy daemon.

TLDR

Bind to a specific port on localhost

$ guacd -b [127.0.0.1] -l [4823]
copy

Start in debug mode, keeping the process in the foreground

$ guacd -f -L [debug]
copy

Start with TLS support

$ guacd -C [my-cert.crt] -K [my-key.pem]
copy

Write the PID to a file

$ guacd -p [path/to/file.pid]
copy

SYNOPSIS

guacd [-b HOST] [-l PORT] [-p PID FILE] [-L LOG LEVEL] [-C CERTIFICATE FILE] [-K KEY FILE] [-f] [-v]

DESCRIPTION

guacd is the Guacamole proxy daemon used by the Guacamole web application and framework. As JavaScript cannot handle binary protocols (like VNC and remote desktop) efficiently, a new text-based protocol was developed which would contain a common superset of the operations needed for efficient remote desktop access, but would be easy for JavaScript programs to process. guacd is the proxy which translates between arbitrary protocols and the Guacamole protocol.

OPTIONS

-b HOST

Changes the host or address that guacd listens on.

-l PORT

Changes the port that guacd listens on (the default is port 4822).

-p FILE

Causes guacd to write the PID of the daemon process to the specified file. This is useful for init scripts and is used by the provided init script.

-L LEVEL

Sets the maximum level at which guacd will log messages to syslog and, if running in the foreground, the console. Legal values are trace, debug, info, warning, and error. The default value is info.

-f

Causes guacd to run in the foreground, rather than automatically forking into the background.

-v

Causes guacd to simply print its version information and exit.

SSL/TLS OPTIONS

If libssl was present at the time guacd was compiled, it will contain SSL/TLS support, and connections between the web application and guacd can be encrypted if a certificate file is given.

When using a chain of certificates, you must append the additional certificates to your server certificate. This can be done easily with the standard cat command. Beware that the certificate for guacd must be the first certificate in the file.

-C CERTIFICATE FILE

Enables SSL/TLS using the given cerficiate file. Future connections to this instance of guacd will require SSL/TLS enabled in the client (the web application). If this option is not given, communication with guacd must be unencrypted.

-K KEY FILE

Enables SSL/TLS using the given private key file. Future connections to this instance of guacd will require SSL/TLS enabled in the client (the web application). If this option is not given, communication with guacd must be unencrypted.

SEE ALSO

guacd.conf(5)

Copied to clipboard
coinbase