VNC or “Virtual Network Computing” is a connection system that allows you to interact with a graphical desktop environment on a remote server using a keyboard and mouse. It makes it easier for users who are not familiar with the command line to manage files, software and settings on the remote server.
In this guide, we will set up VNC on an Ubuntu 18.04 server and connect to it securely through an SSH tunnel. The VNC server we will use is TightVNC, a fast and light remote control package. This choice will ensure that our VNC connection is smooth and stable even on slower Internet connections.
To complete this tutorial, you need:
- Includes a Ubuntu 18.04 initial server that can use the sudo command for non-root users.
- The local computer with the VNC client installed supports VNC connections through SSH tunnels. If you are using Windows, you can use TightVNC, RealVNC or UltraVNC. Mac OS X users can use the built-in screen sharing program or cross-platform applications such as RealVNC. Linux users can choose from several options:
krdcthe RealVNC, TightVNC, and so on.
Step 1-install desktop environment and VNC server
By default, if Ubuntu 18.04 does not have a graphical desktop environment or VNC server installed, so we install them first. Specifically, we install the latest Xfce desktop environment and TightVNC software package from the official Ubuntu software repository.
On your server, install the Xfce and TightVNC software packages.
$ sudo apt - get update $ sudo apt install xfce4 xfce4 - goodies tightvncserver
To configure the VNC server after installation, first use the
vncservercommand to set a security password.
You will be prompted to enter and verify a password, as well as a password with only viewing rights. Users who log in with the view-only password cannot use the mouse or keyboard to control the VNC instance. This is a useful option if you want to use a VNC server to present content to others, but it is not required.
vncserverto complete the installation of VNC by creating a default configuration file and connection information for our server. After installing these packages, you can configure the VNC server.
Step 2-Configure VNC server
First, we need to tell our VNC server which commands to execute when it starts.
.vncThere is a configuration file name in the folder under your home directory. The
xstartupcommands that need to be executed at startup are stored in this configuration file. The startup script was created while running in the previous step
vncserver, but we need to modify some commands of the Xfce desktop.
When VNC is first set up, it will start a default server instance on port 5901. This port is called the display port and is called by VNC
:1. VNC can launch multiple instances on other display ports, for example
:3and so on. When using a VNC server, remember that this
:Xis a reference display port
Because we are going to change the way the VNC server is configured, we need to stop the VNC server instance running on port 5901.
$ vncserver - kill : 1
The output should look like this, with a different PID:
Killing Xtightvnc process ID 17648
Before we start configuring the new
xstartupfile, let’s back up the original file.
$ mv ~ / . vnc /xstartup ~/ . vnc / xstartup . bak
nanoor another text editor of your choice to create a
$ nano ~ / . vnc / xstartup
Paste these commands into the file so that they are automatically executed when you start or restart the VNC server, then save and close the file.
~ / . vnc / xstartup # ! / bin / bash xrdb $HOME / . Xresources startxfce4 &
The first command in the file
xrdb $HOME/.Xresourcestells the GUI framework of VNC to read the
.Xresourcesfile of the server user .
.XresourcesUsers can change certain settings of the graphical desktop, such as terminal colors, cursor themes, and font rendering. The second command just tells the server to start Xfce, where you can find all the graphics software you need to manage the server comfortably.
To ensure that the VNC server can use this new startup file correctly, we need to grant it executable permissions.
$ sudo chmod + x ~ / . vnc / xstartup
Now, restart the VNC server.
When starting the server, the output should be similar to the following:
New 'X-' Desktop of The Your_Server_Name The the IS . Of the COM of The The : . . . . 1 Starting applications specified in / home /sammy/ . Vnc / xstartup At The IS at The the Log File at The / Home / Sammy / . At The VNC / liniverse . At The COM : . 1 . At The the Log
Step 3-Test the VNC desktop
In this step, we will test the connectivity of your VNC server.
First, we need to create an SSH connection on the local computer in order to safely forward
localhostthe connection to VNC. You can do this with the following commands through the terminal on Linux or OS X. Remember to replace the
server_ip_address, that is the non-root username and IP address of your server.
$ ssh - L 5901 : 127.0 . 0.1 : 5901 - N - f - l username server_ip_address
If you are using a graphical SSH client (such as PuTTY), please use it
server_ip_addressas the connection IP and
5901set it as the new forwarding port in the program SSH tunnel settings.
Next, you can now use the VNC client to try to connect to the
5901port of the VNC server . You will be prompted for identity verification. The password to be used is the password you set in step 1.
After connecting, you should see the default Xfce desktop. It should look like this:
You can use the file manager or the command line to access the files in the home directory as follows:
Step 4-Create VNC Service File
Next, we set the VNC server as a systemd service. This way it can be started, stopped and restarted as needed, just like any other service of the system.
First, create a new
/etc/systemd/system/vncserver@.serviceunit file using your favorite text editor :
$ sudo nano / etc / systemd / system / vncserver@ . service
Copy and paste the following content into it. Make sure to change the user name in the user value and PIDFILE value to match your user name.
/ etc / systemd / system / vncserver@ . service [ Unit ] Description = Start TightVNC server at startup After = syslog . Target network . Target [ Service ] Type = forking User = sammy PAMName = login PIDFile = / home /sammy/ . Vnc / % H : % i . Pid ExecStartPre = - / usr / bin / vncserver - kill : % i > / dev / null 2 > & 1 ExecStart = / usr / bin / vncserver - depth 24 - geometry 1280x800 : % i ExecStop = / usr / bin / vncserver - kill : % i [ Install ] WantedBy = multi - user . Target
Save and close the file.
Next, reload the
$ sudo systemctl daemon - reload
Enable unit files.
$ Sudo enable systemctl vncserver 1 . Service
The 1 after the @ symbol indicates which number the service should display. In this case, the default value is 1, as described above.
If the VNC server is still running, stop the current instance of the server.
$ vncserver - kill : 1
Then start it, just like any other systemd service.
$ sudo systemctl start vncserver@ 1
You can verify whether it has started with this command:
$ sudo systemctl status vncserver@ 1
If it starts correctly, the output should look like this:
vncserver @ . . . . 1 . - - - -Service - TightVNC Server of The The the ON of of The of The The the Ubuntu 18.04 Loaded : loaded ( / etc / systemd / of The The the System / vncserver @ . - - - -Service ; Enabled ; Vendor of The The the PRESET : Enabled ) of The The the Active : The the Active ( running) AT of The Mon the Operating the Operating the Operating Operating since 2016 - 04 - 25 03 : 21 is IS The the IS : 34 is IS The the EDT ; 6S ago Member Member Process : 2924 ExecStop = / usr / bin / vncserver - The the kill : % the I ( code = The the Exited , Status = 0 / SUCCESS ) ... systemd [ . 1 ] : Starting TightVNC Server on Ubuntu 18.04 ... systemd [ 2938 ] : pam_unix ( login : session ) : session opened for user finid by ( uid = 0 ) systemd [ 2949 ] : pam_unix ( login : session ) : session opened for user finid by ( uid = 0 ) systemd [ 1 ] : Started TightVNC server on Ubuntu 18.04 .
You should now start and run the secure VNC server on the Ubuntu 18.04 server.