VNC on CentOS and RHEL 7

This is a follow-on to my earlier posts “VNC on CentOS and RHEL 6” and “RHEL 7 Administration Notes“.

Setup of VNC Server on RHEL 7/CentOS 7 is very similar to that of RHEL 6/CentOS 6. The biggest difference is probably the firewall management as those tools have been replaced with new utilities in 7.x. Here is a quick bash command sample to get you started with VNC on this RHEL release. Important commands include yum install tigervnc-server, firewall-cmd --add-port=5901-5910/tcp --permanent, firewall-cmd --reload, vncpasswd, vncserver, vncserver -list, and vncserver -kill :# (substitute your ACTUAL SESSION NUMBER for #).

Please see my previous VNC on RHEL 6 article linked above for hints on connecting from a VNC client. If you’re on a private LAN or VPN, you can connect directly, BUT if you’re trying to use VNC from the Internet, you MUST encrypt your session (likely through SSH port forwarding). You should never use un-encrypted VNC over the Internet and you should not allow the VNC ports to be accessed from public IP’s (usually this would be blocked at your router or border firewall, but you can also block with the RHEL firewall as well). When in doubt about system security, you should probably keep the VNC ports closed and require all VNC use over SSH port forwarding (difficult for the users).

About notesbytom

Keeping technology notes on to free up my mind to solve new problems rather than figuring out the same ones repeatedly :-).
This entry was posted in Linux, System Administration and tagged , . Bookmark the permalink.

1 Response to VNC on CentOS and RHEL 7

  1. Pingback: VNC on CentOS and RHEL 6 | Notes by Tom

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s