Re: Issues with secure file transfer

2017-07-17 Thread Giorgio 
Thank you Mike for the tip. It worked well from the upload (upstream) from my 
computer to the remote session.
Hence half of my problem is solved.


The downstream is still not working. Say I print to guacamole redirect printer 
or I try to download a file from my RDP to my computer
I still cannot .
b. Downloading from the RDP to the client machine always gives an error 
Disconnected : you have been disconnected however it gives the options to go 
home, reconnect or logout 
c. Printing does not work 


I noticed that it does start downloading but it times out and the downloaded 
file size is always 4Kb


Hope you could also help in closing this issue.


Giorgio



 From:   Mike Jumper  
 To:    
 Sent:   7/17/2017 5:58 AM 
 Subject:   Re: Issues with secure file transfer 


You'll need to set "client_max_body_size" to increase Nginx's default limit for 
file uploads:


http://nginx.org/en/docs/http/ngx_http_core_module.html#client_max_body_size



By default, Nginx limits file uploads to 1 MB.


- Mike




On Thu, Jul 13, 2017 at 2:34 AM, Giorgio  wrote:

Also my nginx.conf file content is :



user www-data;
worker_processes auto;
pid /run/nginx.pid;


events {
 worker_connections 768;
 # multi_accept on;
}


http {


 ##
 # Basic Settings
 ##


 sendfile on;
 tcp_nopush on;
 tcp_nodelay on;
 keepalive_timeout 65;
 types_hash_max_size 2048;
 # server_tokens off;


 # server_names_hash_bucket_size 64;
 # server_name_in_redirect off;


 include /etc/nginx/mime.types;
 default_type application/octet-stream;


 ##
 # SSL Settings
 ##


 ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
 ssl_prefer_server_ciphers on;


 ##
 # Logging Settings
 ##


 access_log /var/log/nginx/access.log;
 error_log /var/log/nginx/error.log;


 ##
 # Gzip Settings
 ##


 gzip on;
 gzip_disable "msie6";


 # gzip_vary on;
 # gzip_proxied any;
 # gzip_comp_level 6;
 # gzip_buffers 16 8k;
 # gzip_http_version 1.1;
 # gzip_types text/plain text/css application/json application/javascript 
text/xml application/xml application/xml+rss text/javascript;


 ##
 # Virtual Host Configs
 ##


 include /etc/nginx/conf.d/*.conf;
 include /etc/nginx/sites-enabled/*;
}




 From:   Giorgio  
 To:    
 Sent:   7/13/2017 10:56 AM 
 Subject:   Re: Issues with secure file transfer 

Yes it is nginx




Guacamole file below: 


server {
        listen 443 ssl;
        server_name myservername;


        access_log   /var/log/nginx/guacamole.access.log ;
        error_log    /var/log/nginx/guacamole.error.log info ;


        ssl_certificate /etc/letsencrypt/live/myservername/cert.pem;
        ssl_certificate_key /etc/letsencrypt/live/myservername/privkey.pem;
        
        location ~ /.well-known {
                allow all;
        }
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 proxy_set_header Upgrade $http_upgrade;
 proxy_set_header Connection $http_connection;
        location / {
        proxy_buffering off;
        proxy_pass  http://127.0.0.1:8080/guacamole;
        }
}





Regards
Giorgio

 From:   Mike Jumper  
 To:    
 Sent:   7/12/2017 11:54 PM 
 Subject:   Re: Issues with secure file transfer 


Is Guacamole behind a reverse proxy like Nginx or Apache?


- Mike




On Jul 12, 2017 14:38, "Giorgio"  wrote:

Problem with : 
File upload 
File Download 
Printing 

1, Should I access the guacamole server using http  all works well. 
2, Should I access it using https then 
a. I can upload a file with max size 1Mbyte 
any file bigger than 1Mbyte will receive  and error You do not have permission 
to upload this file. If you require access, please check your system settings, 
or check with your system administrator. 
b. Downloading from the RDP to the client machine always gives an error 
Disconnected : you have been disconnected however it gives the options to go 
home, reconnect or logout 
c. Printing does not work 

I can see the following error line into my guacamole error log : 
reported that client prematurely closed connection, so upstream connection is 
closed too while sending to client 

By the way the above scenario is for both private and public domain (I tried it 
with both and same behavior) 

Could someone  please help ?

Cannot connect to SSH, XMT: Solicit on eth0

2017-07-17 Thread Suncatcher16 
Hi there,
I set up connection to router via SSH, and all is going fine except the
cases when router has 100% CPU utilization. In that cases I cannot connect
to it via Guacamole: it /seems to be/ connected, but I see only black screen
and no text input. Connecting via Linux client goes fine in that moment.
Here is the log

> Jul 17 08:19:09 ip-172-31-21-9 guacd[2467]: Connection
> "$ae3e8337-018c-4edf-b70e-47736389efd7" removed.
> Jul 17 08:19:15 ip-172-31-21-9 guacd[2467]: Creating new client for
> protocol "ssh"
> Jul 17 08:19:15 ip-172-31-21-9 guacd[2467]: Connection ID is
> "$fcb078f7-26e1-46ac-a5c8-52fe3d373acd"
> Jul 17 08:19:15 ip-172-31-21-9 guacd[1945]: User
> "@5bc9cc79-d1bc-491b-b8b0-6c7d9a8629e2" joined connection
> "$fcb078f7-26e1-46ac-a5c8-52fe3d373acd" (1 users now present)
> Jul 17 08:19:43 ip-172-31-21-9 guacd[1945]: User
> "@5bc9cc79-d1bc-491b-b8b0-6c7d9a8629e2" disconnected (0 users remain)
> Jul 17 08:19:43 ip-172-31-21-9 guacd[1945]: Last user of connection
> "$fcb078f7-26e1-46ac-a5c8-52fe3d373acd" disconnected
> Jul 17 08:19:46 ip-172-31-21-9 guacd[2467]: Creating new client for
> protocol "ssh"
> Jul 17 08:19:46 ip-172-31-21-9 guacd[2467]: Connection ID is
> "$b0e0d9f4-29e0-4d4a-98d1-3c0288f17155"
> Jul 17 08:19:46 ip-172-31-21-9 guacd[1963]: User
> "@a54c12a5-1c89-42e8-8142-9f2a56f2932e" joined connection
> "$b0e0d9f4-29e0-4d4a-98d1-3c0288f17155" (1 users now present)
> Jul 17 08:20:02 ip-172-31-21-9 dhclient[2309]: XMT: Solicit on eth0,
> interval 130210ms. 

*XMT: Solicit on eth0* is the only suspicious record in the log.



--
View this message in context: 
http://apache-guacamole-incubating-users.2363388.n4.nabble.com/Cannot-connect-to-SSH-XMT-Solicit-on-eth0-tp1315.html
Sent from the Apache Guacamole (incubating) - Users mailing list archive at 
Nabble.com.

SSH connection error segfault

2017-07-17 Thread Suncatcher16 
Hi,
I cannot connect to SSH-server via Guacamole. Into the private key I pasted
contents of rsa.ppk file:

> PuTTY-User-Key-File-2: ssh-rsa
> Encryption: none
> Comment: rsa-key-20170717
> Public-Lines: 6
> something
> Fjozvtf777FXAxTD5PbrgFzp0ZQuSDhSry/sfDoPBZl8vUAHAw==
> Private-Lines: 14
> XsomethingX
> uYiEj1pQio25Gahd7dV2iyKhPh93bkOldIndUJlcZAQXVPs=
> Private-MAC: 63e796fe8d6b20e53410ca1a5f31dc451bce886f

Public key: ssh-rsa
B3XX

Connection via Putty *goes fine*. In the guacd log I got this:

> guacd[2467]: Creating new client for protocol "ssh"
> guacd[2467]: Connection ID is "$1a827d8d-c47f-4934-8ad4-368db571be7b"
> guacd[6073]: User "@17983e5f-c82a-4ccb-9c27-25af873a27c3" joined
> connection "$1a827d8d-c47f-4934-8ad4-368db571be7b" (1 users now present)
> guacd[6073]: Auth key import failed: (null)
> guacd[6073]: User "@17983e5f-c82a-4ccb-9c27-25af873a27c3" disconnected (0
> users remain)
> guacd[6073]: Last user of connection
> "$1a827d8d-c47f-4934-8ad4-368db571be7b" disconnected
*
> kernel: [256069.149041] guacd[6078]: segfault at 0 ip 7fd158636afd sp
> 7fd153ffc790 error 4 in
> libguac-client-ssh.so.0.0.0[7fd158627000+1c000]
*
> guacd[2467]: Connection "$1a827d8d-c47f-4934-8ad4-368db571be7b" removed.





--
View this message in context: 
http://apache-guacamole-incubating-users.2363388.n4.nabble.com/SSH-connection-error-segfault-tp1318.html
Sent from the Apache Guacamole (incubating) - Users mailing list archive at 
Nabble.com.

Re: SSH connection error segfault

2017-07-17 Thread Suncatcher16 

> Can you confirm which version of Guacamole you are using?

0.9.12. AFAIK, 0.9.13 version is still in beta state.


> You will need to convert the PPK file into standard PEM format. Only PuTTY
> can read its PPKs.

Correct, that helped. Thanks for the clarification.
BTW, could you please say smth about  this SSH error

 
? It's really interesting.





--
View this message in context: 
http://apache-guacamole-incubating-users.2363388.n4.nabble.com/SSH-connection-error-segfault-tp1318p1320.html
Sent from the Apache Guacamole (incubating) - Users mailing list archive at 
Nabble.com.

Re: How to get guacd version?

2017-07-17 Thread Kris Germann 
In the provided web front-end you can see it on the bottom right as of version 
0.9.11


> On Jul 17, 2017, at 6:53 PM, MysticRyuujin  wrote:
> 
> Is there an easy way to get the version number of guacd? It doesn't appear to
> have a --version option. The only way I can see to get it currently is to
> actually run it, I just want the version number...
> 
> 
> 
> --
> View this message in context: 
> http://apache-guacamole-incubating-users.2363388.n4.nabble.com/How-to-get-guacd-version-tp1321.html
> Sent from the Apache Guacamole (incubating) - Users mailing list archive at 
> Nabble.com.

Re: SSH connection error segfault

2017-07-17 Thread Suncatcher16 
Mike Jumper wrote
> 0.9.13 is not out yet, correct, however the issue you describe should
> be fixed on git. If you're willing to deploy a build from recent git,
> that would help determine whether you are encountering something new.
> - Mike

But the issue is gone after I converted the private key, so I assume it was
related to key format. Now I don't see any segfaults.




--
View this message in context: 
http://apache-guacamole-incubating-users.2363388.n4.nabble.com/SSH-connection-error-segfault-tp1318p1326.html
Sent from the Apache Guacamole (incubating) - Users mailing list archive at 
Nabble.com.

Re: How to get guacd version?

2017-07-17 Thread Mike Jumper 
On Jul 17, 2017 18:23, "Kris Germann"  wrote:

In the provided web front-end you can see it on the bottom right as of
version 0.9.11


That version number is actually the version of the webapp, not guacd.
Though both should be kept at the same version, you will need to check
syslog to verify the version of the running guacd. They are separate
components.

- Mike

Re: How to get guacd version?

2017-07-17 Thread Mike Jumper 
On Jul 17, 2017 16:13, "MysticRyuujin"  wrote:

Is there an easy way to get the version number of guacd? It doesn't appear
to
have a --version option. The only way I can see to get it currently is to
actually run it, I just want the version number...


You are correct that there is no --version option. The version number is
logged to syslog, and printed when the daemon starts, but there is no way
to run guacd solely for the purpose of producing the version number.

- Mike

Re: SSH connection error segfault

2017-07-17 Thread Mike Jumper 
On Mon, Jul 17, 2017 at 10:52 AM, Suncatcher16  wrote:
>
>> Can you confirm which version of Guacamole you are using?
>
> 0.9.12. AFAIK, 0.9.13 version is still in beta state.
>

0.9.13 is not out yet, correct, however the issue you describe should
be fixed on git. If you're willing to deploy a build from recent git,
that would help determine whether you are encountering something new.

- Mike

How to get guacd version?

2017-07-17 Thread MysticRyuujin 
Is there an easy way to get the version number of guacd? It doesn't appear to
have a --version option. The only way I can see to get it currently is to
actually run it, I just want the version number...



--
View this message in context: 
http://apache-guacamole-incubating-users.2363388.n4.nabble.com/How-to-get-guacd-version-tp1321.html
Sent from the Apache Guacamole (incubating) - Users mailing list archive at 
Nabble.com.