Linux Desktop configuration for VNC server

How to configure your desktop for VNC server.

Go through ONE of the two instruction sets below, then click on one of the following links for instructions on client side configuration.

Xvnc

Xvnc spawns a new virtual desktop that runs independently of your current desktop session.

What to do

  • Run Xvnc by calling the vncserver wrapper script:

    vncserver -localhost
    
  • You will be asked for a password - here pick a password of your choice which will grant access to your VNC session/desktop; therefore follow standard security practices for choosing passwords:

    • Do not use your login name

    • Use a combination of lower and upper case letters, digits and special characters

    • Do not re-use your login password here or any other password

  • Verify this password by entering it a second time

  • You will get a message telling you the name of your new virtual desktop:

    [hgutch@asimov ~]$ vncserver -localhost
    
    You will require a password to access your desktops.
    
    Password:
    Verify:
    
    New 'asimov.oden.utexas.edu:1 (hgutch)' desktop is asimov.oden.utexas.edu:1
    
    Starting applications specified in /oden/hgutch/.vnc/xstartup
    Log file is /oden/hgutch/.vnc/asimov.oden.utexas.edu:1.log
    
    [hgutch@asimov ~]$
    
  • Take note of the display, here asimov.oden.utexas.edu:1; the display number is the number after the colon, in this example 1

  • The port to connect to is 5900+display number, in this case 5901; this is important in the next step

  • To reset your password, simply delete the ~/.vnc/pass and start vncserver as above

  • To shut down Xvnc, run

    vncserver -kill :1
    

    where :1 is your display number (see above)

Mate built-in VNC

The Mate desktop environment allows you to connect from remote via VNC. This does not spawn an extra desktop session, you instead now have a second (remote) screen and keyboard/mouse that can see and control this desktop. This allows you to control your running desktop session from a remote location (e.g., from at home or while abroad)

ATTENTION - anything you do in this VNC session can be seen by anybody physically sitting in front of your desktop so this might be considered a privacy/security risk, depending on the physical location and setup of your desktop. If this is a problem, consider using Xvnc (see above).

What to do

  • Go to System -> Preferences -> Other -> Remote Desktop

  • Check the box “Enable Remote Access (VNC)

  • Uncheck the box “View only”

  • Uncheck the box “Ask user for access”

  • Check the box “Require a password”

  • Choose a password and fill it in. This password will grant access to your desktop; therefore follow standard security practices for choosing passwords:

    • Do not use your login name

    • Use a combination of lower and upper case letters, digits and special characters

    • Do not re-use your login password here or any other password

  • Do not enable encryption(!) as this is not compatible with all VNC clients – connections will be restricted to localhost only in the next step and the client-side configuration explains how to tunnel everything through SSH anyway

../_images/vnc_server_1.png
  • Open a terminal and run:

    gsettings set org.gnome.Vino network-interface lo
    

    This will allow connections only from localhost. In case you want to reset this you can use this command:

    gsettings reset org.gnome.Vino network-interface
    
  • The port to connect to is 5900

  • To shut down this VNC service, open the Settings window as above and uncheck “Unable Remote Access (VNC)”