Harry,
You may want to not use VNC, it will not pass the audit in NIST800-53 or
NIST 800-171 for FIPS 140-2. However you can use xRDP which works well
with FIPS 140-2 on Linux/Red Hat systems.
Assuming this is on a Federal network, however disregard if this is your
home network.
*Thank You*
Sean Hulbert
*Founder / CEO*
*Work Ph:* 925.663.5565
*Security Centric Inc.*
A Cybersecurity Virtualization Enablement Company
/StormCloud Gov, Protected CUI Environment!/
Industry's most secure virtual desktops!
*/FedRAMP MIL4 in process (RAR)/*
System Award Management
*CAGE: 8AUV4*
*SAM ID: UMJLJ8A7BMT3*
AFCEA San Francisco Chapter President
If you have heard of a hacker by name, he/she has failed, fear the
hacker you haven’t heard of!
CONFIDENTIALITY NOTICE: This communication with its contents may contain
confidential and/or legally privileged information. It is solely for the
use of the intended recipient(s). Unauthorized interception, review, use
or disclosure is prohibited and may violate applicable laws including
the Electronic Communications Privacy Act. If you are not the intended
recipient, please contact the sender and destroy all copies of the
communication. Content within this email communication is not legally
binding as a contract and no promises are guaranteed unless in a formal
contract outside this email communication.
igitur qui desiderat pacem, praeparet bellum!!!
Epitoma Rei Militaris
On 2/27/2024 7:33 AM, Devine, Harry (FAA) wrote:
Thank you! That fixed the issue. I’m on RHEL 8 and wasn’t aware of
the libgcrypt dependency.
Thanks,
Harry
*From:* Nick Couchman <vn...@apache.org>
*Sent:* Tuesday, February 27, 2024 9:28 AM
*To:* user@guacamole.apache.org
*Subject:* Re: Issue with VNC installation
*CAUTION:*This email originated from outside of the Federal Aviation
Administration (FAA). Do not click on links or open attachments unless
you recognize the sender and know the content is safe.
On Tue, Feb 27, 2024 at 9:12 AM Devine, Harry (FAA)
<harry.dev...@faa.gov.invalid> wrote:
I have an Ansible role that installs Guacamole for me. Been
working very well. The latest one that one of our users is
testing doesn’t seem to have support for VNC. I went back through
the output and I find the following:
configure: WARNING:
--------------------------------------------
libvncserver appears to be built against
libgcrypt, but the libgcrypt headers
could not be found. VNC will be disabled.
--------------------------------------------
configure: WARNING:
--------------------------------------------
Unable to find libwebsockets.
Support for Kubernetes will be disabled.
--------------------------------------------
As well as:
------------------------------------------------
guacamole-server version 1.5.4
------------------------------------------------
Library status:
freerdp2 ............ yes
pango ............... yes
libavcodec .......... yes
libavformat.......... yes
libavutil ........... yes
libssh2 ............. yes
libssl .............. yes
libswscale .......... yes
libtelnet ........... yes
libVNCServer ........ no
libvorbis ........... yes
libpulse ............ yes
libwebsockets ....... no
libwebp ............. yes
wsock32 ............. no
Protocol support:
Kubernetes .... no
RDP ........... yes
SSH ........... yes
Telnet ........ yes
VNC ........... no
Services / tools:
guacd ...... yes
guacenc .... yes
guaclog .... yes
FreeRDP plugins: /usr/lib64/freerdp2
Init scripts: /etc/init.d
Systemd units: no
How can I fix this so VNC is enabled? I’m sure I’ll need to fix
this installation manually, then add whatever needs to be done to
the role to make future installations work.
Make sure you're installing the libgcrypt development package -
depending on what Linux distro you're using, it may be gcrypt-devel,
libgcrypt-devel grcypt-dev, or libgcrypt-dev.
-Nick
