Hi, Just for the record, it turned out to be a Gnome-remote-desktop bug. I tried to connect to Windows with rdp://user:password@hostname/?ignore-cert=true&security=nla , and it works. I checked FreeRDP to connect to my computer from another Linux one, and it said that it's also using NLA, and it connected well. On my home server, where Guacamole sits, Debian12/Bookworm is installed, with libfreerdp-2.10 if i remember correctly. On my other machines, Debian 12/Trixie, libfreerdp-2.11 . (The server is headless, has no GUI.) I have 2 Debian 12/Trixie on 2 computers, they can connect to each other with FreeRDP, but Guacamole from the server cannot connect to any of them. I checked the messages from the gnome-remote-desktop, and turned out it has some problem with the graphics pipeline. So with NLA, the connection builds up from Guacamole, security is negotiated, user is logged in, and the connection is dropped, but the guacd error message is not appropriate.
So this is turning the suspect to the gnome-remote-desktop package on the Trixie. I file a bug for this. Hope thisd will be useful for someone, and thanks for help :) Cs. Horváth Csaba <horvathcsabalas...@gmail.com> ezt írta (időpont: 2024. jan. 31., Sze, 21:44): > > Hi, > > I had time to continue the investigation. > With a more verbose log, i get the stuff at the end of the post. > > Strange things : the Freerdp messages : > guacd[354449]: DEBUG: Remote framebuffer format PIXEL_FORMAT_RGB16 > guacd[354449]: DEBUG: expected PDU_TYPE_DEMAND_ACTIVE 0001, got 0006 > guacd[354449]: DEBUG: transport_check_fds: transport->ReceiveCallback() - -1 > guacd[354449]: DEBUG: rdp_client_connect:freerdp_set_last_error_ex > ERRCONNECT_CONNECT_TRANSPORT_FAILED [0x0002000D] > guacd[354449]: DEBUG: expected PDU_TYPE_DEMAND_ACTIVE 0001, got 0006 > guacd[354449]: DEBUG: transport_check_fds: transport->ReceiveCallback() - -1 > guacd[354449]: DEBUG: rdp_client_connect:freerdp_set_last_error_ex > ERRCONNECT_CONNECT_TRANSPORT_FAILED [0x0002000D] > guacd[354449]: DEBUG: freerdp_post_connect failed > guacd[354449]: DEBUG: SVC "rdpdr" disconnected. > guacd[354449]: DEBUG: SVC "rdpsnd" disconnected. > guacd[354449]: INFO: RDP server closed/refused connection: Server > refused connection (wrong security type?) > > And the username : > guacd[354449]: INFO: User "@4a0e0744-34a1-4758-b722-da4dfd44642b" > joined connection "$0ae5b730-fd3b-494f-957d-00542523a4b5" (1 users now > present) > > Can someone please help to untangle this...? > > Thanks :) > > > > root@homeserver:/usr/sbin# /usr/sbin/guacd -L debug -f -b 127.0.0.1 > -l 4822 -p /tmp/guacd/guacd.pid > guacd[354367]: INFO: Guacamole proxy daemon (guacd) version 1.3.0 started > guacd[354367]: DEBUG: Successfully bound socket to host 127.0.0.1, port 4822 > guacd[354367]: INFO: Listening on host 127.0.0.1, port 4822 > guacd[354367]: INFO: Creating new client for protocol "rdp" > guacd[354367]: INFO: Connection ID is "$0ae5b730-fd3b-494f-957d-00542523a4b5" > guacd[354449]: DEBUG: Processing instruction: size > guacd[354449]: DEBUG: Processing instruction: audio > guacd[354449]: DEBUG: Processing instruction: video > guacd[354449]: DEBUG: Processing instruction: image > guacd[354449]: DEBUG: Processing instruction: timezone > guacd[354449]: DEBUG: Parameter "console" omitted. Using default value of 0. > guacd[354449]: DEBUG: Parameter "console-audio" omitted. Using default > value of 0. > guacd[354449]: DEBUG: Parameter "disable-auth" omitted. Using default > value of 0. > guacd[354449]: INFO: Security mode: NLA > guacd[354449]: DEBUG: User resolution is 1920x1003 at 96 DPI > guacd[354449]: DEBUG: Parameter "dpi" omitted. Using default value of 96. > guacd[354449]: DEBUG: Using resolution of 1920x1003 at 96 DPI > guacd[354449]: DEBUG: Parameter "read-only" omitted. Using default value of 0. > guacd[354449]: DEBUG: Parameter "client-name" omitted. Using default > value of "Guacamole RDP". > guacd[354449]: DEBUG: Parameter "enable-wallpaper" omitted. Using > default value of 0. > guacd[354449]: DEBUG: Parameter "enable-theming" omitted. Using > default value of 0. > guacd[354449]: DEBUG: Parameter "enable-font-smoothing" omitted. Using > default value of 0. > guacd[354449]: DEBUG: Parameter "enable-full-window-drag" omitted. > Using default value of 0. > guacd[354449]: DEBUG: Parameter "enable-desktop-composition" omitted. > Using default value of 0. > guacd[354449]: DEBUG: Parameter "enable-menu-animations" omitted. > Using default value of 0. > guacd[354449]: DEBUG: Parameter "disable-bitmap-caching" omitted. > Using default value of 0. > guacd[354449]: DEBUG: Parameter "disable-offscreen-caching" omitted. > Using default value of 0. > guacd[354449]: DEBUG: Parameter "disable-glyph-caching" omitted. Using > default value of 0. > guacd[354449]: DEBUG: Parameter "color-depth" omitted. Using default > value of 16. > guacd[354449]: DEBUG: Parameter "disable-audio" omitted. Using default > value of 0. > guacd[354449]: DEBUG: Parameter "enable-printing" omitted. Using > default value of 0. > guacd[354449]: DEBUG: Parameter "printer-name" omitted. Using default > value of "Guacamole Printer". > guacd[354449]: DEBUG: Parameter "enable-drive" omitted. Using default > value of 0. > guacd[354449]: DEBUG: Parameter "drive-name" omitted. Using default > value of "Guacamole Filesystem". > guacd[354449]: DEBUG: Parameter "drive-path" omitted. Using default value of > "". > guacd[354449]: DEBUG: Parameter "create-drive-path" omitted. Using > default value of 0. > guacd[354449]: DEBUG: Parameter "disable-download" omitted. Using > default value of 0. > guacd[354449]: DEBUG: Parameter "disable-upload" omitted. Using > default value of 0. > guacd[354449]: DEBUG: Parameter "timezone" omitted. Using default > value of "Europe/Budapest". > guacd[354449]: DEBUG: Parameter "enable-sftp" omitted. Using default value of > 0. > guacd[354449]: DEBUG: Parameter "sftp-hostname" omitted. Using default > value of "t430". > guacd[354449]: DEBUG: Parameter "sftp-port" omitted. Using default > value of "22". > guacd[354449]: DEBUG: Parameter "sftp-username" omitted. Using default > value of "colt". > guacd[354449]: DEBUG: Parameter "sftp-password" omitted. Using default > value of "". > guacd[354449]: DEBUG: Parameter "sftp-passphrase" omitted. Using > default value of "". > guacd[354449]: DEBUG: Parameter "sftp-root-directory" omitted. Using > default value of "/". > guacd[354449]: DEBUG: Parameter "sftp-server-alive-interval" omitted. > Using default value of 0. > guacd[354449]: DEBUG: Parameter "sftp-disable-download" omitted. Using > default value of 0. > guacd[354449]: DEBUG: Parameter "sftp-disable-upload" omitted. Using > default value of 0. > guacd[354449]: DEBUG: Parameter "recording-name" omitted. Using > default value of "recording". > guacd[354449]: DEBUG: Parameter "recording-exclude-output" omitted. > Using default value of 0. > guacd[354449]: DEBUG: Parameter "recording-exclude-mouse" omitted. > Using default value of 0. > guacd[354449]: DEBUG: Parameter "recording-include-keys" omitted. > Using default value of 0. > guacd[354449]: DEBUG: Parameter "create-recording-path" omitted. Using > default value of 0. > guacd[354449]: INFO: Resize method: none > guacd[354449]: DEBUG: Parameter "enable-audio-input" omitted. Using > default value of 0. > guacd[354449]: DEBUG: Parameter "gateway-port" omitted. Using default > value of 443. > guacd[354449]: DEBUG: Parameter "disable-copy" omitted. Using default > value of 0. > guacd[354449]: DEBUG: Parameter "disable-paste" omitted. Using default > value of 0. > guacd[354449]: DEBUG: Parameter "wol-send-packet" omitted. Using > default value of 0. > guacd[354449]: INFO: User "@4a0e0744-34a1-4758-b722-da4dfd44642b" > joined connection "$0ae5b730-fd3b-494f-957d-00542523a4b5" (1 users now > present) > guacd[354449]: DEBUG: Client is using protocol version "VERSION_1_3_0" > guacd[354449]: INFO: Loading keymap "base" > guacd[354449]: INFO: Loading keymap "en-us-qwerty" > guacd[354449]: DEBUG: Support for CLIPRDR (clipboard redirection) > registered. Awaiting channel connection. > guacd[354449]: DEBUG: Support for static channel "rdpdr" loaded. > guacd[354449]: DEBUG: Support for static channel "rdpsnd" loaded. > guacd[354449]: DEBUG: Local framebuffer format PIXEL_FORMAT_BGRX32 > guacd[354449]: DEBUG: Remote framebuffer format PIXEL_FORMAT_RGB16 > guacd[354449]: DEBUG: expected PDU_TYPE_DEMAND_ACTIVE 0001, got 0006 > guacd[354449]: DEBUG: transport_check_fds: transport->ReceiveCallback() - -1 > guacd[354449]: DEBUG: rdp_client_connect:freerdp_set_last_error_ex > ERRCONNECT_CONNECT_TRANSPORT_FAILED [0x0002000D] > guacd[354449]: DEBUG: expected PDU_TYPE_DEMAND_ACTIVE 0001, got 0006 > guacd[354449]: DEBUG: transport_check_fds: transport->ReceiveCallback() - -1 > guacd[354449]: DEBUG: rdp_client_connect:freerdp_set_last_error_ex > ERRCONNECT_CONNECT_TRANSPORT_FAILED [0x0002000D] > guacd[354449]: DEBUG: freerdp_post_connect failed > guacd[354449]: DEBUG: SVC "rdpdr" disconnected. > guacd[354449]: DEBUG: SVC "rdpsnd" disconnected. > guacd[354449]: INFO: RDP server closed/refused connection: Server > refused connection (wrong security type?) > guacd[354449]: INFO: User "@4a0e0744-34a1-4758-b722-da4dfd44642b" > disconnected (0 users remain) > guacd[354449]: INFO: Last user of connection > "$0ae5b730-fd3b-494f-957d-00542523a4b5" disconnected > guacd[354449]: DEBUG: Requesting termination of client... > guacd[354449]: DEBUG: Client terminated successfully. > guacd[354367]: INFO: Connection "$0ae5b730-fd3b-494f-957d-00542523a4b5" > removed. > > Cs. > > Horváth Csaba <horvathcsabalas...@gmail.com> ezt írta (időpont: 2024. > jan. 26., P, 17:50): > > > > Hi, > > > > Yes, i mixed up with the shell :D Sry :) > > > > But no success. I changed the permissions to 777, but it does not > > change anything. > > The /var/run/guacd dir has a .config subdir, in it a certs and server > > directory. All empty, except the pid file. > > > > I created a temporary home for it, and it creates the certs and server > > directories, but does not write anything. Also creates a 0 bytes > > known_hosts file. > > Maybe i need to put some TLS certs from the Gnome desktop to here? > > > > This is getting more strange :D > > > > root@homeserver:/etc# ls -la /tmp/guacd/ > > total 12 > > drwxrwxrwx 3 guacd guacd 4096 Jan 26 17:43 . > > drwxrwxrwt 17 root root 4096 Jan 26 17:45 .. > > drwxr-xr-x 3 guacd guacd 4096 Jan 26 17:43 .config > > root@homeserver:/etc# ls -la /tmp/guacd/.config/ > > total 12 > > drwxr-xr-x 3 guacd guacd 4096 Jan 26 17:43 . > > drwxrwxrwx 3 guacd guacd 4096 Jan 26 17:43 .. > > drwxr-xr-x 4 guacd guacd 4096 Jan 26 17:43 freerdp > > root@homeserver:/etc# ls -la /tmp/guacd/.config/freerdp/ > > total 16 > > drwxr-xr-x 4 guacd guacd 4096 Jan 26 17:43 . > > drwxr-xr-x 3 guacd guacd 4096 Jan 26 17:43 .. > > drwxr-xr-x 2 guacd guacd 4096 Jan 26 17:43 certs > > -rw-r--r-- 1 guacd guacd 0 Jan 26 17:43 known_hosts2 > > drwxr-xr-x 2 guacd guacd 4096 Jan 26 17:43 server > > root@homeserver:/etc# ls -la /tmp/guacd/.config/freerdp/certs/ > > total 8 > > drwxr-xr-x 2 guacd guacd 4096 Jan 26 17:43 . > > drwxr-xr-x 4 guacd guacd 4096 Jan 26 17:43 .. > > root@homeserver:/etc# ls -la /tmp/guacd/.config/freerdp/server/ > > total 8 > > drwxr-xr-x 2 guacd guacd 4096 Jan 26 17:43 . > > drwxr-xr-x 4 guacd guacd 4096 Jan 26 17:43 .. > > root@homeserver:/etc# ls -la /tmp/guacd/.config/freerdp/known_hosts2 > > -rw-r--r-- 1 guacd guacd 0 Jan 26 17:43 > > /tmp/guacd/.config/freerdp/known_hosts2 > > root@homeserver:/etc# > > > > > > Cs. > > > > Nick Couchman <nick.e.couch...@gmail.com> ezt írta (időpont: 2024. > > jan. 26., P, 17:28): > > > > > > On Fri, Jan 26, 2024 at 11:26 AM Horváth Csaba > > > <horvathcsabalas...@gmail.com> wrote: > > >> > > >> Hi, > > >> > > >> I have installed guacd from Debian's repos, and it runs by default in > > >> the name of user guacd. > > >> > > >> guacd 3163019 0.0 0.1 246252 10376 ? S Jan24 0:00 > > >> /usr/sbin/guacd -b 127.0.0.1 -l 4822 -p /var/run/guacd/guacd.pid > > >> > > >> Ang guacd has no home by default (which is acceptable from security > > >> viewpoint, but affect usability :D maybe i need to file a bug to > > >> Debian team :D ) > > >> guacd:x:998:996::/var/run/guacd:/bin/false > > > > > > > > > That user does have a home directory - /var/run/guacd - so you need to > > > make sure the guacd user has write access to that directory. > > > > > > -Nick --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
