Linux

Linux 101: Easy VNC server setup

If you need to remote into your Linux server, VNC might be the best option. Jack Wallen walks you through the steps of setting up a VNC server on an rpm-based distribution.

I've had this request a number of times lately -- so I thought it was time to write up an easy how-to on setting up a VNC server on your Linux box.

I recently had to set up five CentOS-based Linux servers for a client. Said client had to have remote access to the machines, and the easiest solution was to set up VNC servers on each machine. Believe it or not, the process is much easier than you might expect. Once you've completed the process, you'll be able to easily access your server with the help of a VNC viewing tool, like vncviewer. Let's break this down into steps.

I'll demonstrate this process as if you were setting the server up on a CentOS package (which could then easily be translated to any rpm-based distribution). Anyone using, say, a Debian-based platform would only have to make minor adjustments.

NOTE: Every step in this tutorial will be done via the command line.

NOTE: We will be setting up unencrypted VNC. If you need a more secure VNC setup, we'll discuss that in a later entry.

Step 1: Installing required packages

There are a just a couple of packages to be dealt with. Those packages can be installed with a single command. Before you run the command, you must first "su" to root. This is done by entering the command su and then typing your root user password. Once you have root access, run the command:

yum install vnc vnc-server

Once the above command completes, you are ready to begin the configuration.

Step 2: Configure the users

I will assume you already have either the users that will be allowed to VNC into the machine, or you only have one user that will be gaining access to the machine. Either way, the users will already have accounts on the server and will have logged in to confirm their passwords/accounts.

For each user that needs to gain access to the VNC server, you must set a VNC password for them. Let's say you've set up a user account called vncuser and intend on logging in with only that user. To set the VNC password for the user, you must first su to that user account. Issue the command:

su vncuser

Now issue the command:

vncpasswd

You will then be prompted to enter (and confirm) the new password for the user. Once you've completed that action, you are done with user configuration.

Step 3: Configure VNC

Now for the important pieces.The first phase of this step is to edit the /etc/sysconfig/vncservers file. At the end of that file, enter the following:

VNCSERVERS="1:vncuser"
VNCSERVERARGS[1]="-geometry 1600x1200"

NOTE: You can set the geometry to whatever resolution you require.

In the above section, you can set up multiple users for connection. Say you had three users that needed access using different resolutions. To accomplish this, you could enter something like:

VNCSERVERS="1:vncuser1 2:vncuser2 3:vncuser3"

VNCSERVERARGS[1]="-geometry 640x480"

VNCSERVERARGS[2]="-geometry 800x600"

VNCSERVERARGS[3]="-geometry 1600x1200"
Step 4: Check VNC server startup

Before you go any further, make sure the VNC server will start and stop cleanly. As the root user, issue the commands:

  • service vncserver start
  • service vncserver stop

If the VNC server started and stopped cleanly, set VNC up to start at boot with the command:

chkconfig vncserver on
Step 5: Create xstartup scripts

You now need to go into each user that will be logging in with VNC and editing their ~/.vnc/xstartup script. Within that script, you should find the following:

#!/bin/sh

# Uncomment the following two lines for normal desktop:

# unset SESSION_MANAGER

# exec /etc/X11/xinit/xinitrc

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup

[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources

xsetroot -solid grey

vncconfig -iconic &

xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &

twm &

Uncomment the following two lines (remove the "#" characters):

  • unset SESSION_MANAGER
  • exec /etc/X11/xinit/xinitrc

Save that file and you're ready to move on.

Step 6: Edit iptables

In order for the VNC connections to get through, you must allow them with iptables. To do this, open up the file /etc/sysconfig/iptables and add the line:

-A INPUT -m state --state NEW -m tcp -p tcp -m multiport --dports 5901:5903,6001:6003 -j ACCEPT

Save the file and restart iptables with the command:

service iptables restart
Step 7: Start the VNC server

Issue the command:

service vncserver start

And the VNC server should start up nice and cleanly.

Step 8: Test the connection

Move over to a machine that can display graphics (if your server does, you can test from there) and fire up your VNC client of choice and attempt to log in with the IP address of the server and port 5801. You can actually test this with a browser (if Java is installed on the machine). To do this, open up the browser and go to http://ADDRESS_OF_VNC_SERVER:5801. That address should open up a VNC session in your browser. If, on the off chance, it does not... try the address http://ADDRESS_OF_VNC_SERVER:1.

There you go! You should now have a working VNC server on your Linux box.

The next time we visit this topic, we'll see up VNC with the help of ssh encryption.

About

Jack Wallen is an award-winning writer for TechRepublic and Linux.com. He’s an avid promoter of open source and the voice of The Android Expert. For more news about Jack Wallen, visit his website getjackd.net.

7 comments
chengui
chengui

There is an error in this article. Under Step 8 the port should be 5901 not 5801.

dolo724@
dolo724@

For the Debian folks: 

I used ssh to remote install tightvncserver on the server, then edited /usr/bin/tightvncserver for better geometry at the client. I ran "vncpasswd" for a little security, then "sudo vncserver" to start it. Take note of the display (as in xxx:1)

For the client (also Debian) I'm using ssvnc. All you need is the server IP address with the display (aaa.bbb.ccc.ddd:1) and the password you typed earlier. Use SSH only, then connect. Shazam! 

Probably the only game I'd try is robotfindskitten, for the lag.

polashdeb
polashdeb

How about making a "automated VNC installation .sh Script" . I need this, just dont know how to start.
any advice would be great help.

Abhi1070
Abhi1070

Thanks buddy. Thank you so much your post is so helpful.. my server has been logged in from browser but i am not able to connect with vnc viewer, it'g giving 10061 error can you give me idea why it's happening. 

craigc
craigc

Just curious what needed doing that VNC was 'most appropriate' for on a server? I'm in no way slamming the product, but 'remote consoles' tend to be less efficient than say an ssh session. I manage a lot of remote servers, and ssh is my connection mechanism of choice 99% of the time. A remote console during boot being the other 1%. (VNC won't replace that.) Just wondering what I'm missing.

maszsam
maszsam

Not seeing it for server managment. If someone couldn't do it via ssh, are you sure you would want them makeing changes on the server? He did say the client required it and you haven't been in the trade very long if you haven't had some kind of WTF are they thinking moment with respect to clients. That said, I would like to thank the Mr. Wallen for the clear tutorial. Nice work. :-)

SimonHobson
SimonHobson

I suppose for a lot of users, anything but a "remote desktop" is too hard to use. For them, VNC is an option. Another use case is where you have a piece of software (I used to leave Azureus running on my home server) that only runs on a graphical desktop, and you want to be able to leave it running. Other than that, I too use SSH almost exclusively, and when I do need to work with a GUI*, I use a local X server (trivial install on OS X, dunno about Windows) which can be connected with a one-liner SSH command to a remote machine (and for good measure, you automatically get an encrypted connection). * The only time I've needed to do it in the last few years is to run mythtv-setup :) So I can see why people might want to use VNC - but I struggle to find many genuine use cases where they wouldn't have a much better experience with more suitable tools.

Editor's Picks