The Virtual Network Computing (VNC) protocol is one of the bedrock of remote desktop management. It allows you to seamlessly operate a server remotely along with its entire graphical desktop. Here we show you how to install a VNC server in Ubuntu. We will also show how you can connect to a VNC server and make it work for your specific needs.
Hosting a Local VNC Server in Ubuntu
One of the easiest methods for starting a VNC server in Ubuntu is through its “Remote Desktop” feature. Since version 16.04, Ubuntu already ships with a basic yet highly capable way of sharing its desktop in a local network.
To use Ubuntu’s remote desktop, you need to press Win, then type “settings.” This will open the distribution’s control panel where you can find most of its settings.
Next, you need to press the magnifying glass icon on the window’s upper left corner. This will bring a small search box where you can provide the name of the setting that you want to access. In here, type “sharing.”
Once done, you need to press the “Sharing” category on the window’s left sidebar. This will, in turn, open a suite of menus where you can control Ubuntu’s sharing policies. To access the policies for remote desktop, you need to press the “Remote Desktop” menu.
Doing that will load a small overlay window where you can tweak and enable your machine’s remote desktop service. To start a remote session, you need to enable the “Remote Desktop” option.
Next, you also need to tick the “Enable Legacy VNC Protocol.” This will ensure that any connecting client will be able to properly communicate with your machine.
Lastly, you need to tick the “Remote Control” option. By default, Ubuntu’s remote desktop does not allow remote guests to control the machine’s keyboard and mouse. Enabling this option will bypass that restriction.
Note: Windows also comes with a native remote desktop software. Here is how you can make good use of it.
Use TigerVNC for Remote Server
While Ubuntu’s remote desktop feature is useful for basic tasks, one of its biggest limiting feature is that it only works on local networks. This can be issue if you want to either control your machine outside your home or control a remote virtual private server.
In that regard, TigerVNC is an efficient and powerful implementation of the VNC protocol that can work in outside networks. Unlike forwarding remote apps with SSH, it aims to provide a simple way to share entire desktops across different platforms and varying network conditions. For example, it is possible to create a VNC server on a Linux VPS and access it from a local Windows machine.
Aside from that, the developers of TigerVNC also designed the program to be secure by default. This means that you can easily deploy TigerVNC and have it encrypt all data between the server and its clients.
Installing TigerVNC in Ubuntu
The first step in deploying a TigerVNC server is to install a copy of the program to your machine. To do this, you need to first update and upgrade your system:
sudo apt update && sudo apt upgrade
Next, you need to install TigerVNC by running the following command:
sudo apt install tigervnc-standalone-server ssh xterm dbus-x11
Creating a VNC Server Password
With TigerVNC installed, you can now create a master password for your server. To do this, you need to run the following command:
vncpasswd
This command will display a blind prompt where you can type the password for your new server. It is important to note, however, that the minimum password length here is 6 characters.
Next, the prompt will ask you for a “view-only” password. This option allows you to share your desktop without giving the guest any control over the machine’s keyboard and mouse. In my case, I will set this option to “N.”
Configuring and Running TigerVNC in Ubuntu
With a master password set, you can now configure the user-specific ports for your VNC server. Doing this allows you to share your machine in-parallel across different clients.
To do this, you need to open “/etc/tigervnc/vncserver.users” using your favorite text editor:
sudo nano /etc/tigervnc/vncserver.users
Once inside, you need to create space for any users that you want to add to the server. You can do this by pressing Alt + /, then Enter.
Next, you can now add the users that you want to link to your VNC server. For the most part, the general syntax for adding a new user in TigerVNC looks something like this:
:display=username
- The
:display
value tells TigerVNC to create a fake monitor device at a particular display port. For example, setting a value to “:1” tells the VNC server to create a “virtual monitor” at port 1. - The
username
value tells TigerVNC to assign the fake monitor device to a particular user. In my case, writing the line:1=ramces
will set the “virtual monitor” at port 1 to my user account.
Creating Your VNC Server Configuration
Once that is done, you can now create the configuration file for your VNC user. To do this, you need to run the following command:
nano /home/$USER/.vnc/xstartup
Next, you need to write a short shell script that will automatically load the default environment variables as soon as TigerVNC runs:
#!/bin/bash PATH=/usr/bin:/usr/sbin unset SESSION_MANAGER unset DBUS_SESSION_BUS_ADDRESS exec /usr/bin/gnome-session
- The first line of code will set the PATH variable for your remote desktop session. This is because a TigerVNC session does not inherit the PATH variable from its “parent” machine.
- The second and third lines ensure that your current remote desktop session does not use any session variables from its “parent” machine.
- The fourth line of code starts the GNOME Desktop Environment on your remote desktop. Unlike a regular daemon, you do not need to fork this process.
Once done, you can now save your new configuration file by pressing Ctrl + O, then Ctrl + X.
Lastly, make sure that your new configuration file has the right execution bits. You can do that by running the following command:
chmod u+x /home/$USER/.vnc/xstartup
Creating and Starting the TigerVNC Service
With your configuration file done, you can now create the SystemD service for your VNC server. Doing this will allow you to automatically run your TigerVNC service during startup.
To start, you need to first create the appropriate SystemD service file on “/etc/systemd/system:”
sudo nano /etc/systemd/system/vncserver@.service
Next, you need to write a small script inside this service file that will load your configuration file:
[Service] Type=forking User=ramces Group=ramces WorkingDirectory=/home/ramces ExecStart=/usr/bin/vncserver -localhost no :%i ExecStop=/usr/bin/vncserver -kill :%i [Install] WantedBy=multi-user.target
After that, you can now save your new service file by pressing Ctrl + O, then Ctrl + X.
Next, you need to disable the graphical user interface and reboot your machine. You can do these two actions by using the following commands:
sudo systemctl set-default multi-user sudo reboot
Lastly, you can now reload and enable your new SystemD settings through systemctl
:
sudo systemctl daemon-reload sudo systemctl enable vncserver@1 sudo systemctl start vncserver@1
Installing the TigerVNC Client
To be able to connect to this VNC server, you need a VNC client on another machine. You can use the TigerVNC client:
sudo apt install tigervnc-viewer
Next, establish an SSH link between your VNC server and your client. This ensures that your VNC connection is end to end encrypted:
ssh -L 5901:192.168.68.155:5901 ramces@192.168.68.155
After that, you can use your TigerVNC client to connect to the VNC server’s virtual display:
vncviewer 192.168.68.155:5901
On the other hand, you need to omit the port value if you are connecting to your machine through Ubuntu’s remote desktop feature:
vncviewer 192.168.68.155
Frequently Asked Questions
My remote VNC server is not displaying any fonts.
This problem is most likely due to an issue with your server’s font cache. In order to fix this, you need to make sure that you have installed all the necessary fonts for your desktop environment.
For example, you can run sudo apt install fonts-dejavu fonts-dejavu-extra
to install some of the core fonts that most modern environments use.
My TigerVNC client is showing a black screen.
While this can be due to a number of issues, the most common cause for this problem is a conflict between your physical and virtual Xorg display.
By default, TigerVNC does not support multiple Xorg instances. As a result, the VNC server will be not be able to share a virtual display whenever you are using the desktop environment on your server. To fix this in Ubuntu, you can run sudo gnome-session-quit
.
Is it possible to access my VNC server securely without using SSH?
Yes. It is possible to use TigerVNC without relying on SSH. However, it is important to note that the default connection method in TigerVNC is less secure.
Knowing that, one workaround that you can do is to create a local OpenSSL certificate. This allows you to still use an encrypted channel for your VNC links. Once you have your X509 certificate, you can run: vncviewer ramces@192.168.68.155 -X509CA /path/to/cert.pem
to connect to your VNC server.
Image credit: Unsplash. All alterations and screenshots by Ramces Red.
Our latest tutorials delivered straight to your inbox