Advance

How to install and configure VNC on Ubuntu 20.04

How to install and configure VNC on Ubuntu 20.04
0
(0)

[Updated on Date: 2021-02-06] VNC (Virtual network computing) is a connection system that allows you to use your keyboard and mouse to interact with a graphical desktop environment on a remote server. It makes managing files, software, and settings on a remote server easier for users who are not yet comfortable with the command line. By introducing VNC, we will be with you to start this tutorial on How to install and configure VNC on Ubuntu 20.04. You can see the packages available in Eldernode to purchase the Ubuntu VPS server.

Tutorial Install and Configure VNC on Ubuntu 20.04

Recommended Article: How to install and configure VNC on Ubuntu 20.04

Prerequisites for installing VNC on Ubuntu 20.04

The tutorial may be more useful if you consider below:

– a non-root user with Sudo privileges

To set up, follow our Initial server setup on Ubuntu 20.04

– A local computer with a VNC client installed. The VNC client you use must support connections over SSH tunnels:

On Windows, you can use TightVNC, RealVNC, or UltraVNC. Also on macOS, you can use the built-in Screen Sharing program or can use a cross-platform app like RealVNC. And on Linux, you can choose from many options, including Vinagre, krdc, RealVNC, or TightVNC.

Install and Configure VNC on Ubuntu 20.04

Let’s walk through the steps of this tutorial to learn how to install and configure VNC on Ubuntu 20.04. So join us to see how to set up a VNC server with TightVNC on an Ubuntu 20.04 server and connect to it securely through an SSH tunnel. Then, you’ll use a VNC client program on your local machine to interact with your server through a graphical desktop environment.

Since an Ubuntu 20.04 server does not come with a graphical desktop environment or a VNC server installed by default, so you’ll begin by installing those. You have many options when it comes to which VNC server and desktop environment you choose.

In this tutorial, you will install packages for the latest Xfce desktop environment and the TightVNC package available from the official Ubuntu repository. Both Xfce and TightVNC are known for being lightweight and fast, which will help ensure that the VNC connection will be smooth and stable even on slower internet connections.

How to Install the Desktop Environment and VNC Server

After connecting to your server with SSH, update your list of packages:

sudo apt update

Then, install Xfce along with the xfce4-goodies package, which contains a few enhancements for the desktop environment:

sudo apt install xfce4 xfce4-goodies  

You may face some prompts to choose a default display manager for Xfce. It will allow you to select and log in to a desktop environment through a graphical interface. You’ll only be using Xfce when you connect with a VNC client, and in these Xfce sessions, you’ll already be logged in as your non-root Ubuntu user. So for the purposes of this tutorial, your choice of display manager isn’t pertinent. Select either one and press ENTER.

Next, install the TightVNC server:

sudo apt install tightvncserver  

To set a VNC access password, run the vncserver command. And create the initial configuration files, and start a VNC server instance:

vncserver

And when you will be prompted to enter and verify a password to access your machine remotely:

Output
You will require a password to access your desktops.    Password:  Verify:

As you know, the password must be between six and eight characters long. Passwords more than 8 characters will be truncated automatically.

Once you verify the password, you’ll have the option to create a view-only password. Users who log in with the view-only password will not be able to control the VNC instance with their mouse or keyboard. This is a helpful option if you want to demonstrate something to other people using your VNC server, but this isn’t required.

And you could see the process creates the necessary default configuration files and connection information for the server. Even though, it launches a default server instance on port 5901. This port is called a display port and is referred to by VNC as:1. VNC can launch multiple instances on other display ports, with:2 referring to port 5902, 3 referring to 5903, and so on:

Output

Would you like to enter a view-only password (y/n)? n  xauth:  file /home/noodi/.Xauthority does not exist    New 'X' desktop is your_hostname:1    Creating default startup script /home/noodi/.vnc/xstartup  Starting applications specified in /home/noodi/.vnc/xstartup  Log file is /home/noodi/.vnc/your_hostname:1.log

Remember: If you ever want to change your password or add a view-only password, you can do so with the vncpasswd command:

vncpasswd

Just now, the VNC server is installed and running. Now let’s configure it to launch Xfce and give us access to the server through a graphical interface.

How to Configure the VNC Server

To help you learn this step, please be aware that the VNC server needs to know which commands to execute when it starts up. Specifically, VNC needs to know which graphical desktop environment it should connect to.

The commands that the VNC server runs at startup are located in a configuration file called xstartup in the .vnc folder under your home directory. The startup script was created when you ran the vncserver command in the previous step, but you’ll create your own to launch the Xfce desktop. Because you are going to be changing how the VNC server is configured, first stop the VNC server instance that is running on port 5901 with the following command:

vncserver -kill :1
Output
Killing Xtightvnc process ID 17648

To back up the original before you modify the xstartup file:

mv ~/.vnc/xstartup ~/.vnc/xstartup.bak  

Then you can create a new xstartup file and open it in a text editor.

nano ~/.vnc/xstartup  

Now add the following lines to the file:

~/.vnc/xstartup
#!/bin/bash  xrdb $HOME/.Xresources  startxfce4 &

After you added the lines, save and close the file. If you used nano, do so by pressing CTRL + X, Y, then ENTER. And then, to ensure that the VNC server will be able to use this new startup file properly, you’ll need to make it executable:

chmod +x ~/.vnc/xstartup

Then, restart the VNC server:

vncserver -localhost  

Note: This time the command includes the -localhost option, which binds the VNC server to your server’s loopback interface. This will cause VNC to only allow connections that originate from the server on which it’s installed.

Then you’ll establish an SSH tunnel between your local machine and your server, essentially tricking VNC into thinking that the connection from your local machine originated on your server. This strategy will add an extra layer of security around VNC, as the only users who will be able to access it are those that already have SSH access to your server.

Output
New 'X' desktop is your_hostname:1    Starting applications specified in /home/noodi/.vnc/xstartup  Log file is /home/noodi/.vnc/your_hostname:1.log

How to Connect to the VNC Desktop Securely

VNC itself does not use secure protocols when connecting. To securely connect to your server, you’ll establish an SSH tunnel and then tell your VNC client to connect using that tunnel rather than making a direct connection.

Create an SSH connection on your local computer that securely forwards to the localhost connection for VNC. You can do this via the terminal on Linux or macOS with the following ssh command:

ssh -L 59000:localhost:5901 -C -N -l noodi your_server_ip  

Have a look at what this ssh command’s options mean:

-L 59000:localhost:5901: The -L switch specifies that the given port on the local computer (59000) is to be forwarded to the given host and port on the destination server (localhost:5901, meaning port 5901 on the destination server, defined as your_server_ip). Note that the local port you specify is somewhat arbitrary; as long as the port isn’t already bound to another service, you can use it as the forwarding port for your tunnel.

-C: This flag enables compression which can help minimize resource consumption and speed things up.

-N: This option tells ssh that you don’t want to execute any remote commands. This setting is useful when you just want to forward ports.

-l noodi your_server_ip: The -l switch lets you specify the user you want to log in to once you connect to the server. Make sure to replace noodi

your_server_ip with the name of your non-root user and your server’s IP address.

To read more: This command establishes an SSH tunnel that forwards information from port 5901 on your VNC server to port 59000 on your local machine via port 22 on each machine, the default port for SSH. Assuming you followed the prerequisite Initial Server Setup guide for Ubuntu 20.04, you will have added a UFW rule to allow connections to your server over OpenSSH.

This is more secure than simply opening up your server’s firewall to allow connections to port 5901, as that would allow anyone to access your server over VNC. By connecting over an SSH tunnel, you’re limiting VNC access to machines that already have SSH access to the server.

Also, if you are using PuTTY to connect to your server, you can create an SSH tunnel by right-clicking on the top bar of the terminal window, and then click the Change Settings… option.

When you passed the last section, find the Connection branch in the tree menu on the left-hand side of the PuTTY Reconfiguration window. Expand the SSH branch and click on Tunnels. On the Options controlling SSH port forwarding screen, enter 59000 as the Source Port and localhost:5901 as the Destination, like this:

 

vnc_putty_reconf_local

 

when you visited this window, click the Add button, and then the Apply button to implement the tunnel.

Once the tunnel is running, use a VNC client to connect to localhost:59000. You will face the prompts to authenticate using the password you set in Step 1.

You will see the default Xfce desktop when you connect.

Also, you can access files in your home directory with the file manager or from the command line.

Press CTRL+C in your local terminal to stop the SSH tunnel and return to your prompt. This will disconnect your VNC session as well.

Finally, you can configure your VNC server to run as a systemd service now.

Running VNC as a System Service

You would be able to start, stop, and restart it as needed, like any other service. So when you set up the VNC server to run as a systemd service. You can also use systemd’s management commands to ensure that VNC starts when your server boots up.

But first, create a new unit file called /etc/systemd/system/[email protected]:

sudo nano /etc/systemd/system/[email protected]  

For more explanation, the @ symbol at the end of the name will let us pass in an argument you can use in the service configuration. You’ll use this to specify the VNC display port you want to use when you manage the service. Add the following lines to the file. Be sure to change the value of UserGroupWorkingDirectory. And the username in the value of PIDFILE to match your username:

/etc/systemd/system/[email protected]
[Unit]  Description=Start TightVNC server at startup  After=syslog.target network.target    [Service]  Type=forking  User=noodi  Group=noodi  WorkingDirectory=/home/noodi    PIDFile=/home/noodi/.vnc/%H:%i.pid  ExecStartPre=-/usr/bin/vncserver -kill :%i > /dev/null 2>&1  ExecStart=/usr/bin/vncserver -depth 24 -geometry 1280x800 -localhost :%i  ExecStop=/usr/bin/vncserver -kill :%i    [Install]  WantedBy=multi-user.target

And let’s know more of the command above. The ExecStartPre command stops VNC if it’s already running. The ExecStart command starts VNC and sets the color depth to 24-bit color with a resolution of 1280×800. You can modify these startup options as well to meet your needs. Also, note that the ExecStart command again includes the -localhost option. You can save and close the file now and then make the system aware of the new unit file:

sudo systemctl daemon-reload

To enable the unit file:

sudo systemctl enable [email protected]  

Again let us explain that the 1 following the @ sign signifies which display number the service should appear over, in this case, the default :1 as discussed in Step 2.

To stop the current instance of the VNC server if it’s still running:

vncserver -kill :1  

Then start it as you would start any other systemd service:

sudo systemctl start vncserver@1  

You can verify that it started with this command:

sudo systemctl status vncserver@1  
Output
[email protected] - Start TightVNC server at startup       Loaded: loaded (/etc/systemd/system/[email protected]; enabled; vendor preset: enabled)       Active: active (running) since Thu 2020-05-07 17:23:50 UTC; 6s ago      Process: 39768 ExecStartPre=/usr/bin/vncserver -kill :1 > /dev/null 2>&1 (code=exited, status=2)      Process: 39772 ExecStart=/usr/bin/vncserver -depth 24 -geometry 1280x800 :1 (code=exited, status=0/SUCCESS)     Main PID: 39795 (Xtightvnc)  ...

By reaching this point, the VNC server is now ready to use whenever your server boots up, and you can manage it with systemctl commands like any other systemd service.

However, there won’t be any difference on the client-side. To reconnect, start your SSH tunnel again.

ssh -L 59000:localhost:5901 -C -N -l noodi your_server_ip  

Then, to connect to your server make a new connection using your VNC client software to localhost:59000

Conclusion

VNC, known by many as a console, is using to monitor server status during network outages and lack of access. With VNC you can view the status of your server. And check what is the problem with not being able to access your server. Many servers hang when booting, or the sshd service may not work properly on Linux servers. With VNC you can enter the server and use it to check and solve the problem. We tried to teach you to step by step how to install and configure VNC on Ubuntu 20.04. Now you’ll be able to manage your files, software, and settings with a user-friendly graphical interface. And you’ll be able to run graphical software like web browsers remotely.

How useful was this post?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate this post.

View More Posts
Marilyn Bisson
Content Writer
Eldernode Writer
We Are Waiting for your valuable comments and you can be sure that it will be answered in the shortest possible time.

Leave a Reply

Your email address will not be published. Required fields are marked *

We are by your side every step of the way

Think about developing your online business; We will protect it compassionately

We are by your side every step of the way

+8595670151

7 days a week, 24 hours a day