UPDATE March 11 2016, the “About VNC” and “VNC Connectivity for System Users” should still apply fairly well to RHEL 7/CentOS 7, but the “VNC Management for Systems Administrators” section is applicable ONLY TO RHEL/CentOS 6.x. Please view my newer post “VNC on CentOS and RHEL 7” for updates related to the newer RHEL release – installing, configuring, and using VNC on RHEL 7.x.
VNC is a Remote Desktop solution for Linux (and Unix) systems. The acronym stands for “Virtual Network Computing”. While the native X Window system supports remote screen access via X11 forwarding (over SSH, or direct), the performance of X over a WAN connection is not acceptable – there is no tolerance for the latency of a WAN link. VNC solves this problem by running your X11 GUI session directly on the remote server and then sending only minimal screen changes and keyboard/mouse actions to and from the client. Windows users can think of VNC as the “Remote Desktop” or “RDP” for Linux.
While there are many other remote desktop solutions available for Linux systems, VNC is the most ubiquitous. It has been around for a long time and all major distributions ship with supported VNC packages. Please note that VNC is NOT a secure protocol. There are some workarounds to send VNC through an encrypted connection, but VNC itself does not provide built-in security features – passwords are limited (truncated) to 8 characters and DES 56-bit encryption while screen, keyboard, and mouse data are sent across the network in the clear. See the TightVNC note on “How Secure is TightVNC?“.
VNC Connectivity for System Users
Windows users will need a VNC Client program. I recommend the open source TightVNC program – installed with ONLY the VNC Viewer program (NOT the server). Visit the TightVNC Download page to get the program. You will also need a Windows SSH client like PuTTY to log into the remote server and start or kill your VNC sessions.
SSH into the remote server and run “vncserver” under your user account to start a new session:
# first run will ask you to set a new vncpasswd vncserver # Take note of the output "desktop is HOSTNAME.DOMAIN-NAME:1". # The number after the colon ":#" is your VNC session number, # REMEMBER THIS.
Connect to your VNC session from another computer using a VNC Client program with the remote hostname and session number noted above like:
- HOSTNAME.DOMAIN-NAME:1 # substitute your server hostname and VNC session number
- If the hostname is not registered in DNS, use the IP address like: IP.ADD.RE.SS:1
When you’re finished using the VNC session, DO NOT LOG OFF from the GUI session, you MUST KILL the session from the command line. If you don’t kill it, the session will still be running and using up resources on the server.
# replace "1" with your session number vncserver -kill :1
To change your VNC password, use the following command:
To view your running VNC Session Number(s), use the following command:
vncserver -list ps -ef | grep -i jsmith | grep -i vnc # if -list option is missing # SUBSTITUTE YOUR USERNAME for "jsmith" above
VNC Management for Systems Administrators
Verify that package “tigervnc-server” is installed:
rpm -qa | grep -i vnc sudo yum install tigervnc-server # if missing
Open up the VNC ports on your server firewall:
sudo system-config-firewall # Add "Other Ports" TCP 5901-5910 and Apply. sudo iptables -nvL # to verify