How to install and configure VNC on Ubuntu 20.04

s2 0

Virtual Network Computing (VNC) is a graphical desktop sharing system that allows you to use your keyboard and mouse to remotely control another computer. It is an open source alternative to Microsoft Remote Desktop Protocol (RDP).

This article explains how to install and configure a VNC server on Ubuntu 20.04. We will also show you how to securely connect to the VNC server via an SSH tunnel.

Install desktop environment

Ubuntu servers are managed from the command line and do not have a desktop environment installed by default. If you’re running the desktop version of Ubuntu, skip this step.

Various desktop environments are available in Ubuntu repositories. One way is to install Gnome, the standard desktop environment in Ubuntu 20.04. Another option is installation Xfce
. It’s a fast, stable, and lightweight desktop environment that makes it ideal for use on a remote server.

In this tutorial we install Xfce. Enter the following commands as a user with sudo rights:

sudo apt updatesudo apt install xfce4 xfce4-goodies

Depending on your system, downloading and installing Xfce packages may take some time.

Install VNC server

There are several different VNC servers available in Ubuntu repositories such as: TightVNC
, TigerVNC
, and x11vnc
. Each VNC server has different strengths and weaknesses in terms of speed and security.

We will install TigerVNC. It is an actively maintained high-performance VNC server. Enter the following command to install the package:

sudo apt install tigervnc-standalone-server

Configure VNC access

Once the VNC server is installed, the next step is to create the initial user configuration and set up the password.

Set the user password with the vncpasswd Command. Don’t use sudo when running the following command:

vncpasswd

You will be prompted for and confirm the password and whether to set it as a read-only password. If you set a read-only password, the user will not be able to use the mouse and keyboard to interact with the VNC instance.

Password:
Verify:
Would you like to enter a view-only password (y/n)? n

The password file is saved in ~/.vnc Directory that is created if it does not exist.

Next we need to configure TigerVNC to use Xfce. To do this, create the following file:

~ / .vnc / xstartup
nano ~/.vnc/xstartup
#!/bin/sh
unset SESSION_MANAGER
unset DBUS_SESSION_BUS_ADDRESS
exec startxfce4 

Save and close the file. The above commands are automatically executed when you start or restart the TigerVNC server.

the ~/.vnc/xstartup The file must also have execute permissions. Use the chmod
Command to set file permissions:

chmod u+x ~/.vnc/xstartup

If you have to pass Additional options
to the VNC server, create a file called config and add one option per line. Here is an example:

~ / .vnc / config
geometry=1920x1080
dpi=96

You can now access the VNC server via the vncserver Command:

vncserver
New 'server2.linuxize.com:1 (linuxize)' desktop at :1 on machine server2.linuxize.com

Starting applications specified in /home/linuxize/.vnc/xstartup
Log file is /home/linuxize/.vnc/server2.linuxize.com:1.log

Use xtigervncviewer -SecurityTypes VncAuth -passwd /home/linuxize/.vnc/passwd :1 to connect to the VNC server.

Notice that :1 after the host name in the output above. This indicates the number of the display port that the vnc server is running on. In this example the server is running on the TCP port 5901 (5900 + 1). If you create a second instance with vncserver it is executed on the next free port, ie :2which means that the server is running on port 5902 (5900 + 2).

It’s important to remember that when working with VNC servers :X is a display port that focuses on. relates 5900+X.

You can get a list of all the VNC sessions currently running by typing:

vncserver -list
TigerVNC server sessions:

X DISPLAY #	RFB PORT #	PROCESS ID
:1		      5901		    5710

Before proceeding to the next step, stop the VNC instance with the vncserver Command with a -kill Option and the server number as an argument. In this example the server is running on port 5901 (:1) so we end it with:

vncserver -kill :1
Killing Xtigervnc process ID 5710... success!

Create a systemd unit file

Instead of starting the VNC session manually, we’re going to create a systemd unit file so that you can start, stop, and restart the VNC service as needed.

Open your text editor and copy and paste the following configuration. Make sure to change the username on line 7 to match your username.

sudo nano /etc/systemd/system/[email protected]
/etc/systemd/system/[email protected]
[Unit]
Description=Remote desktop service (VNC)
After=syslog.target network.target

[Service]
Type=simple
User=linuxize
PAMName=login
PIDFile=/home/%u/.vnc/%H%i.pid
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill :%i > /dev/null 2>&1 || :'
ExecStart=/usr/bin/vncserver :%i -geometry 1440x900 -alwaysshared -fg
ExecStop=/usr/bin/vncserver -kill :%i

[Install]
WantedBy=multi-user.target

Save and close the file.

Notify systemd that a new unit file will be created:

sudo systemctl daemon-reload

Enable the service to start at boot:

sudo systemctl enable [email protected]

The number 1 after this @ sign defines the display port on which the VNC service is executed. This means that the VNC server is listening on port 5901as we discussed in the previous section.

Start the VNC service by running:

sudo systemctl start [email protected]

Check if the service started successfully with:

sudo systemctl status [email protected]
[email protected] - Remote desktop service (VNC)
     Loaded: loaded (/etc/systemd/system/[email protected]; enabled; vendor preset: enabled)
     Active: active (running) since Fri 2021-03-26 20:00:59 UTC; 3s ago
...

Establish a connection to the VNC server

VNC is not an encrypted protocol and can be subject to packet sniffing. The recommended approach is to create an SSH tunnel and securely forward traffic from your local computer on port 5901 to the server on the same port.

Set up SSH tunneling on Linux and macOS

If you’re running Linux, macOS, or any other Unix-based operating system on your computer, you can easily create an SSH tunnel with the following command:

ssh -L 5901:127.0.0.1:5901 -N -f -l vagrant 192.168.33.10

You will be asked to enter the user password.

Make sure you replace username and server_ip_address with your username and the IP address of your server.

Set up SSH tunneling under Windows

If you’re running Windows, you can use the PuTTY SSH client
.

Open Putty and put your server IP address in the Host name or IP address Area.

Under the Connection Menu, box, expand SSH, and choose Tunnels. Enter the VNC server port (5901) by doing Source Port Field and enter server_ip_address:5901 by doing Destination Field and click on the Add Button as shown in the picture below:

Go back to the Session Page to save the settings so that you don’t have to re-enter them every time. To the remote server, select the saved session and click the Open Button.

Connect with Vncviewer

After the SSH tunnel has been created, it is time to open your Vncviewer and connect to the VNC server localhost:5901.

You can use any VNC viewer like TigerVNC, TightVNC, RealVNC, UltraVNC, Vinagre and VNC viewer for Google Chrome.

We will be using TigerVNC. Open the viewer, enter localhost:5901, and click the Connect Button.

Enter your user password when prompted and you should see the default Xfce desktop. It will look something like this:

You can interact with the remote XFCE desktop from your local computer using your keyboard and mouse.

diploma

We showed you how to install and configure a VNC server on Ubuntu 20.04.

To configure your VNC server so that it starts a display for more than one user, create the initial configuration and set up the password with the vncpasswd Command. You will also need to create a new service file with a different port.

Feel free to leave a comment if you have any questions.