Install and Configure VNC Server for Remote Access on Linux
Like RDP, VNC protocol allows for accessing computers remotely with full window GUI. It’s used in VMware vSphere and OpenStack for users to interact with virtual machines by connecting to hypervisors. Here is what I just did to set it up. The instruction should work on a host either it’s a physical machine or virtual machine as long as it’s installed with CentOS or equivalents.
Installing VNC Server
Lost VMs or Containers? Too Many Consoles? Too Slow GUI? Time to learn how to "Google" and manage your VMware and clouds in a fast and secure HTML5 App.
By default, VNC server is installled on many Linux distribution. To find out, just use the RPM command as follows:
# rpm -qa | grep vnc gtk-vnc-0.3.10-3.el6.x84_64 tigervnc-server-1.1.0-5.el6.x86_64 tigervnc-1.1.0-5.el6.x86_64
As you can see, my CentOS 6.4 installation has Tiger VNC installed already. If not, just use the following command to install it:
# yum install tigervnc-server
Configure For Multiple Users
If you don’t have multiple users yet, it’s time to add one besides your super user. You can repeat the commands for as many users as you want.
# useradd cloud # passwd cloud
To add multiple users, you can simply change configurations as follows:
# vim /etc/sysconfig/vncservers VNCSERVERS="1:cloud 2:root" VNCSERVERARGS=”-geometry 1024×768 -depth 16" VNCSERVERARGS=”-geometry 1024×768 -depth 16"
The numbers 1, 2, etc., in the file stands for the ID for the port assigned for each user. You add base port number 5900 to get the corresponding port number. For exmaple, the 1 maps to port number 5901 of TCP. The 1024×768 as you can guess is the screen resolution, and the 16 is the depth of color. The bigger the resolution or the depth, the more traffic will flow on the wire.
For a complete list of the resolutions your X windows supports, you can type in the following command in bash:
$ xrandr xrandr: Failed to get size of gamma for output default Screen 0: minimum 640 x 480, current 1024 x 768, maximum 1920 x 1200 default connected 1024x768+0+0 0mm x 0mm 1920x1200 60.0 1920x1080 60.0 1600x1200 60.0 1680x1050 60.0 1400x1050 60.0 1360x768 60.0 1280x1024 60.0 1280x960 60.0 1280x800 60.0 1280x720 60.0 1024x768 60.0* 800x600 60.0 640x480 60.0
To authenticate the remote access, you need to create VNC password for each user involved. The password is saved into .vnc directory under each user’s home directory. To make life easy, you can use the same password for login even though it’s not recommended for security reason.
# su - cloud $ vncpasswd $ cd .vnc $ ls passwd $ exit
Run VNC Server and Make it Always On
Although the VNC server is installed by default, it’s not run as a service by default. In other words, you still need to run it manually as follows:
# service vncserver start
Still, we want the VNC run every time the OS boots. This is actually as easy as running any other services on Linux:
# chkconfig vncserver on
Open Up the Firewall
By this far, you are supposedly able to access the VNC server just configured. Unless you have turned off your firewall, the chance is you cannot yet access your machine from any other host than itself with vnc viewer.
The solution is very simple, either turn off firewall which I don’t recommend, or open the related ports. As the above configuration, you need to open up the TCP ports 5901 and 5902. On CentOS, it’s easy via GUI (System – Administration – Firewall, select Other Ports from left pane and add port there.) Again, don’t forget to click on the Apply button on the toolbar for the change to take effect immediately. You can also do it directly with iptable commnad line if you are familiar with the iptable.
Fix Authentication Issue
When connecting to a VNC server, you may see a dialog box on the screen whose title is “Authenticate” and the content says “Authentication is required to set the network proxy used for downloading packages. An application is attempting to perform an action that requires privileges. Authentication as the super user is required to perform this action.” You can enter root password there and click “Authenticate” button. The annoying part is that the next time you restart your OS, this dialog box comes back again.
If you want to turn it off, here is an easy fix:
You will see an application windows showing up. Scroll the list and un-checked PackageKit Update Applet. You won’t see the annoying dialog box after that.