VNC CentOS
Intro | |
Install tigervnc-server | |
Start VNC Server | |
Check Status | |
Open Port in Firewall | |
Connect to VNC Server | |
Stop VNC Server | |
Change Port | |
Display 0 | |
Related Articles |
Intro
In computing, Virtual Network Computing (VNC) is a graphical desktop-sharing system that uses the Remote Frame Buffer protocol (RFB) to remotely control another computer.
It transmits the keyboard and mouse events from one computer to another, relaying the graphical-screen updates back in the other direction, over a network.
VNC is platform-independent – there are clients and servers for many GUI-based operating systems and for
Java. Multiple clients may connect to a VNC server at the same time.
Popular uses for this technology include remote technical support and accessing files on one's work computer from one's home computer, or vice versa.
VNC was originally developed at the Olivetti & Oracle Research Lab in Cambridge, United Kingdom.
The original VNC source code and many modern derivatives are open source under the GNU General Public License.
VNC in KDE 3.1
There are a number of variants of VNC which offer their own particular functionality; e.g., some optimised for
Microsoft Windows, or offering file transfer (not part of VNC proper), etc. Many are compatible (without their added features) with VNC proper
in the sense that a viewer of one flavour can connect with a server of another; others are based on VNC code but not compatible with standard VNC.
VNC and RFB are registered trademarks of RealVNC Ltd. in the US and some other countries.
Install tigervnc-server
Run
sudo yum install tigervnc-server
Login as user to whom you want to provide vnc access or create a new user e.g. vnc-user
vncpasswd
Password:
Verify:
Would you like to enter a view-only password (y/n)? n
A view-only password is not used
view-only password is a password for read-only access. There are limitations for mouse and keyboard input for such users. I decided not to use it now.
sudo vi /lib/systemd/system/vncserver@.service
# The vncserver service unit file # # Quick HowTo: # 1. Copy this file to /etc/systemd/system/vncserver@.service # 2. Replace <USER> with the actual user name and edit vncserver # parameters in the wrapper script located in /usr/bin/vncserver_wrapper # 3. Run `systemctl daemon-reload` # 4. Run `systemctl enable vncserver@:<display>.service` # # DO NOT RUN THIS SERVICE if your local area network is # untrusted! For a secure way of using VNC, you should # limit connections to the local host and then tunnel from # the machine you want to view VNC on (host A) to the machine # whose VNC output you want to view (host B) # # [user@hostA ~]$ ssh -v -C -L 590N:localhost:590M hostB # # this will open a connection on port 590N of your hostA to hostB's port 590M # (in fact, it ssh-connects to hostB and then connects to localhost (on hostB). # See the ssh man page for details on port forwarding) # # You can then point a VNC client on hostA at vncdisplay N of localhost and with # the help of ssh, you end up seeing what hostB makes available on port 590M # # Use "-nolisten tcp" to prevent X connections to your VNC server via TCP. # # Use "-localhost" to prevent remote VNC clients connecting except when # doing so through a secure tunnel. See the "-via" option in the # `man vncviewer' manual page. [Unit] Description=Remote desktop service (VNC) After=syslog.target network.target [Service] Type=simple # Clean any existing files in /tmp/.X11-unix environment ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :' ExecStart=/usr/bin/vncserver_wrapper <USER> %i ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :' [Install] WantedBy=multi-user.target
Run first and second steps from Quick HowTo (they are colorcoded)
sudo cp /lib/systemd/system/vncserver@.service /etc/systemd/system/vncserver@:1.service
Please notice 1 - it is not a random number but a display number that will be used by this server.
You can choose some other number just need to remember what you choose.
This example configures the VNC service for display 1. You will need to adapt these instructions if using other displays.
It is possible to use multiple monitors but in this chapter we will stick to simple single monitor configuration
sudo vi /etc/systemd/system/vncserver@\:1.service
In the line
ExecStart=/usr/bin/vncserver_wrapper <USER> %i
Change <USER> to correct username (vnc-user in this example). You can do it manually by vi or with a sed command
sudo sed -i 's/wrapper\ <USER>/wrapper\ vnc-user/' /etc/systemd/system/vncserver@\:1.service
Start VNC server
To autostart VNC sever with system boot run
systemctl enable vncserver@:1
To start VNC sever manually
sudo systemctl daemon-reload
sudo systemctl start vncserver@:1
Check VNC server status
systemctl status vncserver@:1
● vncserver@:1.service - Remote desktop service (VNC) Loaded: loaded (/etc/systemd/system/vncserver@:1.service; enabled; vendor preset: disabled) Active: active (running) since Tue 2021-03-16 13:49:55 EET; 3min 56s ago Process: 23138 ExecStartPre=/bin/sh -c /usr/bin/vncserver -kill %i > /dev/null 2>&1 || : (code=exited, status=0/SUCCESS) Main PID: 23145 (vncserver_wrapp) CGroup: /system.slice/system-vncserver.slice/vncserver@:1.service ├─23145 /bin/sh /usr/bin/vncserver_wrapper andrei :1 └─24097 /bin/sh /usr/bin/vncserver_wrapper andrei :1 Apr 19 05:37:32 localhost.localdomain systemd[1]: Starting Remote desktop service (VNC)... Apr 19 05:37:32 localhost.localdomain systemd[1]: Started Remote desktop service (VNC). Apr 19 05:37:32 localhost.localdomain vncserver_wrapper[23145]: New 'localhost.localdomain:1 (andrei)' desktop is localhost.localdomain:1 Apr 19 05:37:32 localhost.localdomain vncserver_wrapper[23145]: Creating default startup script /home/andrei/.vnc/xstartup Apr 19 05:37:32 localhost.localdomain vncserver_wrapper[23145]: Creating default config /home/andrei/.vnc/config Apr 19 05:37:32 localhost.localdomain vncserver_wrapper[23145]: Starting applications specified in /home/andrei/.vnc/xstartup Apr 19 05:37:32 localhost.localdomain vncserver_wrapper[23145]: Log file is /home/andrei/.vnc/localhost.localdomain:1.log
Confirm, that vnc server is listening on port 5901 by running
ss -tulpn| grep vnc
tcp LISTEN 0 5 *:5901 *:* users:(("Xvnc",pid=1330,fd=9)) tcp LISTEN 0 128 *:6001 *:* users:(("Xvnc",pid=1330,fd=6)) tcp LISTEN 0 5 [::]:5901 [::]:* users:(("Xvnc",pid=1330,fd=10)) tcp LISTEN 0 128 [::]:6001 [::]:* users:(("Xvnc",pid=1330,fd=5))
Open Port in Firewall
Now port 5901 should be opened in
firewall
Run
sudo firewall-cmd --add-port=5901/tcp --permanent
sudo firewall-cmd --reload
sudo firewall-cmd --list-ports
19999/tcp 5901/tcp
As you can see - port 5901 is added to the list of open ports
If you are curious what port 19999 is - it is used by
Locust
Connecting to VNC server
Now it is time to test it with VNC client, e.g. with Remmina
sudo yum install remmina
Visit VNC server by typing correct IP and port :5901
Enter password for the user you have chosen as vnc user (vnc-user in the example) vncpasswd
Stop VNC server
with command
systemctl stop vncserver@:1
==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-units === Authentication is required to manage system services or units. Authenticating as: andrei Password: ==== AUTHENTICATION COMPLETE ===
Change Port and Display
If you copy existing file /etc/systemd/system/vncserver@:1.service
cp /etc/systemd/system/vncserver@:1.service /etc/systemd/system/vncserver@:0.service
systemctl daemon-reload
==== AUTHENTICATING FOR org.freedesktop.systemd1.reload-daemon === Authentication is required to reload the systemd state. Authenticating as: andrei Password: ==== AUTHENTICATION COMPLETE === [andrei@localhost system]$ systemctl start vncserver@:0 ==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-units === Authentication is required to manage system services or units. Authenticating as: andrei Password: ==== AUTHENTICATION COMPLETE === [andrei@localhost system]$ systemctl status vncserver@:0 ● vncserver@:0.service - Remote desktop service (VNC) Loaded: loaded (/etc/systemd/system/vncserver@:0.service; enabled; vendor preset: disabled) Active: failed (Result: exit-code) since Wed 2021-03-17 16:55:56 EET; 11s ago Process: 8426 ExecStart=/usr/bin/vncserver_wrapper andrei %i (code=exited, status=2) Process: 8424 ExecStartPre=/bin/sh -c /usr/bin/vncserver -kill %i > /dev/null 2>&1 || : (code=exited, status=0/SUCCESS) Main PID: 8426 (code=exited, status=2) Apr 19 05:37:32 localhost.localdomain systemd[1]: Starting Remote desktop service (VNC)... Apr 19 05:37:32 localhost.localdomain systemd[1]: Started Remote desktop service (VNC). Apr 19 05:37:32 localhost.localdomain vncserver_wrapper[8426]: Warning: localhost.localdomain:0 is taken because of /tmp/.X0-lock Apr 19 05:37:32 localhost.localdomain vncserver_wrapper[8426]: Remove this file if there is no X server localhost.localdomain:0 Apr 19 05:37:32 localhost.localdomain vncserver_wrapper[8426]: A VNC server is already running as :0 Apr 19 05:37:32 localhost.localdomain systemd[1]: vncserver@:0.service: main process exited, code=exited, status=2/INVALIDARGUMENT Apr 19 05:37:32 localhost.localdomain vncserver_wrapper[8426]: FATAL: 'runuser -l andrei' failed! Apr 19 05:37:32 localhost.localdomain systemd[1]: Unit vncserver@:0.service entered failed state. Apr 19 05:37:32 localhost.localdomain systemd[1]: vncserver@:0.service failed.
Notice the following warning: Warning: localhost.localdomain:0 is taken because of /tmp/.X0-lock
File .X0-lock should be deleted
rm /tmp/.X0-lock
systemctl start vncserver@:0
systemctl status vncserver@:0
● vncserver@:0.service - Remote desktop service (VNC) Loaded: loaded (/etc/systemd/system/vncserver@:0.service; enabled; vendor preset: disabled) Active: failed (Result: exit-code) since Wed 2021-03-17 17:14:50 EET; 13s ago Process: 9358 ExecStart=/usr/bin/vncserver_wrapper andrei %i (code=exited, status=2) Process: 9356 ExecStartPre=/bin/sh -c /usr/bin/vncserver -kill %i > /dev/null 2>&1 || : (code=exited, status=0/SUCCESS) Main PID: 9358 (code=exited, status=2) Apr 19 05:37:32 localhost.localdomain systemd[1]: Starting Remote desktop service (VNC)... Apr 19 05:37:32 localhost.localdomain systemd[1]: Started Remote desktop service (VNC). Apr 19 05:37:32 localhost.localdomain vncserver_wrapper[9358]: Warning: localhost.localdomain:0 is taken because of /tmp/.X11-unix/X0 Apr 19 05:37:32 localhost.localdomain vncserver_wrapper[9358]: Remove this file if there is no X server localhost.localdomain:0 Apr 19 05:37:32 localhost.localdomain vncserver_wrapper[9358]: A VNC server is already running as :0 Apr 19 05:37:32 localhost.localdomain systemd[1]: vncserver@:0.service: main process exited, code=exited, status=2/INVALIDARGUMENT Apr 19 05:37:32 localhost.localdomain vncserver_wrapper[9358]: FATAL: 'runuser -l andrei' failed! Apr 19 05:37:32 localhost.localdomain systemd[1]: Unit vncserver@:0.service entered failed state. Apr 19 05:37:32 localhost.localdomain systemd[1]: vncserver@:0.service failed.
Now delete .X11-unix/X0k
rm /tmp/.X11-unix/X0k
systemctl daemon-reload
systemctl start vncserver@:0
systemctl status vncserver@:0
● vncserver@:0.service - Remote desktop service (VNC) Loaded: loaded (/etc/systemd/system/vncserver@:0.service; enabled; vendor preset: disabled) Active: active (running) since Wed 2024-04-19 17:16:39 EET; 4s ago Process: 9513 ExecStartPre=/bin/sh -c /usr/bin/vncserver -kill %i > /dev/null 2>&1 || : (code=exited, status=0/SUCCESS) Main PID: 9516 (vncserver_wrapp) CGroup: /system.slice/system-vncserver.slice/vncserver@:0.service └─9516 /bin/sh /usr/bin/vncserver_wrapper andrei :0 Apr 19 05:37:32 localhost.localdomain systemd[1]: Starting Remote desktop service (VNC)... Apr 19 05:37:32 localhost.localdomain systemd[1]: Started Remote desktop service (VNC). Apr 19 05:37:32 localhost.localdomain vncserver_wrapper[9516]: WARNING: The first attempt to start Xvnc failed, possibly because the font Apr 19 05:37:32 localhost.localdomain vncserver_wrapper[9516]: catalog is not properly configured. Attempting to determine an appropriate Apr 19 05:37:32 localhost.localdomain vncserver_wrapper[9516]: font path for this system and restart Xvnc using that font path ...
Display 0
If you try to start server on display 0 and receiving an error
● vncserver@:0.service - Remote desktop service (VNC) Loaded: loaded (/etc/systemd/system/vncserver@:0.service; enabled; vendor preset: Active: failed (Result: exit-code) since Thu 2021-03-18 15:50:32 EET; 2min 8s ago Process: 4260 ExecStart=/usr/bin/vncserver_wrapper andrei %i (code=exited, status= Process: 4255 ExecStartPre=/bin/sh -c /usr/bin/vncserver -kill %i > /dev/null 2>&1 Main PID: 4260 (code=exited, status=2) Apr 19 05:37:32 localhost.localdomain vncserver_wrapper[4260]: (EE) Cannot establish Apr 19 05:37:32 localhost.localdomain vncserver_wrapper[4260]: _XSERVTransSocketUNIX Apr 19 05:37:32 localhost.localdomain vncserver_wrapper[4260]: _XSERVTransMakeAllCOT Apr 19 05:37:32 localhost.localdomain vncserver_wrapper[4260]: (EE) Apr 19 05:37:32 localhost.localdomain vncserver_wrapper[4260]: Fatal server error:
Confim that you do not have X Window System
running on the same machine - usually it uses display 0
If it is running you need to stop X-server
Read
«How to stop / restart X-server in CentOS / RedHat»
if you need instructions.