What is VNC?
VNC or Virtual Network Computing is an independent platform that allows you to remote and control another computer desktop with GUI (Graphical User Interface) over the network connection.
It’s desktop-sharing software that transmits keyboard and mouse events from one computer to another through the RFB (Remote Frame Buffer) protocol.
How VNC Works?
The VNC works on the client-server model architecture. A VNC Client uses the VNC viewer application (installed on the client-side) to connect and remote to the VNC server, which is the VNC Server components installed on it.
In this tutorial, you will learn how to install VNC Server on the CentOS 8 Server. You will learn how to install Graphical Desktop Environment GNOME, setup the VNC Server with TigerVNC, and connect securely to the VNC Server through SSH Tunnel.
For this tutorial, make sure you have got a CentOS 8 server with root privileges. Also, you need to install a VNC Viewer on your local computer.
Below is the tutorial about the CentOS 8 server installation.
Before going any further, log in to your CentOS server and type the sudo command to get the root privileges.
Step 1 – Install GNOME Desktop on CentOS 8
In this step, you will install the GNOME Desktop to your CentOS 8 Server.
By default, the CentOS 8 provides 2 different group packages for Graphical Environment, the “Workstation” and “Server with GUI”.
Both group packages use the GNOME as it’s default Desktop Environment (DE), but for slightly different purposes.
- The “Workstation” group is a user-friendly desktop system, usually installed on laptops and PCs.
- However the “Server with GUI” is focused on the Server environment, it’s an integrated Desktop for easy-to-manage server through Graphical Environment.
To get information about both group packages, run the dnf command as below.
dnf group info "Workstation" dnf group info "Server with GUI"
For this tutorial, you will install the GNOME Desktop through the group packages “Server with GUI”, install it using the dnf command below.
dnf group install "Server with GUI"
Once all packages installation is finished, move to step 2 for installing the TigerVNC Server.
Step 2 – Install TigerVNC Server
After installing the GNOME Desktop on the CentOS 8 Server, you will install the VNC Server software named ‘TigerVNC Server’.
It’s available by default on the CentOS AppStream repository and provides a set of utilities which makes your VNC Server is more user-friendly and easy to manage and install.
Install TigerVNC Server software to the CentOS system using the dnf command as below.
dnf install tigervnc-server tigervnc-server-module
As a result, you’ve installed the TigerVNC Server on your CentOS 8 Server, and you’re ready setup your VNC Server.
Step 3 – Add New User
For this tutorial, you will run the VNC Server for a non-root user but have the root/sudo privileges.
For this example, the VNC Server will run as a user ‘chaewon’.
Create a new user ‘chaewon’ and set up its password using the following commands.
useradd -m -s /bin/bash chaewon passwd chaewon
Now type the strong password for user ‘chaeowon’.
After that, add the ‘chaewon’ user to the ‘wheel’ group, so the user will be able to run the sudo command to get the root privileges.
usermod -a -G wheel chaewon
As a result, you’ve created a new user ‘chaewon’ with the root/sudo privileges through the ‘wheel’ group on the CentOS system.
Step 4 – Initialize VNC Server Configuration
In this step, you will initialize the VNC Server configuration for user ‘chaewon’. Also, you will set up the password authentication for your VNC Server.
Now log in to the user ‘chaewon’ using the following command.
su - chaewon
Then initialize the VNC Server configuration using the ‘vncserver’ command as below.
Now you will be asked for the VNC Server password authentication. Type your password and repeat to verify, then type ‘n’ to disable the view-only password configuration.
And the VNC Server initialization will be completed, below is the response you will get.
Password: Verify: Would you like to enter a view-only password (y/n)? n A view-only password is not used xauth: file /home/chaewon/.Xauthority does not exist New 'sysadminjournal:1 (chaewon)' desktop is sysadminjournal:1 Creating default startup script /home/chaewon/.vnc/xstartup Creating default config /home/chaewon/.vnc/config Starting applications specified in /home/chaewon/.vnc/xstartup Log file is /home/chaewon/.vnc/sysadminjournal:1.log
As can be seen, you’ve successfully initialized the VNC Server configuration. Also, you’ve created the new VNC Server desktop ‘sysadminjounal:1‘.
Now kill the process of desktop ‘sysadminjournal:1’, because you must customize the VNC Server configuration.
To terminate/kill the VNC Server desktop, run the command below.
vncserver -kill $(hostname):1
And you will get the response as below.
Killing Xvnc process ID 3067
As a result, you’ve terminated the desktop ‘sysadminjournal:1‘ session, and you’ready to add additional configuration to the VNC Server.
Step 5 – Configure VNC Server
In this step, you will add additional configuration to the VNC Server.
Go to the ‘~/.vnc’ directory and edit the startup file ‘xstartup’ using vim editor.
cd ~/.vnc/ vim xstartup
At the bottom section, you will get the GNOME Desktop configuration. It will automatically run the GNOME Desktop, otherwise, the VNC Server will be terminated.
Leave it as default as below.
#!/bin/sh unset SESSION_MANAGER unset DBUS_SESSION_BUS_ADDRESS /etc/X11/xinit/xinitrc # Assume either Gnome will be started by default when installed # We want to kill the session automatically in this case when the user logs out. In case you modify # /etc/X11/xinit/Xclients or ~/.Xclients yourself to achieve a different result, then you should # be responsible to modify below code to avoid that your session will be automatically killed if [ -e /usr/bin/gnome-session ]; then vncserver -kill $DISPLAY fi
Save and close.
Next, edit the ‘config’ file using vim editor.
Uncomment the ‘geometry’ option to set up the default resolution of your VNC Server Desktop session. Change the value with your own as below.
## Supported server options to pass to vncserver upon invocation can be listed ## in this file. See the following manpages for more: vncserver(1) Xvnc(1). ## Several common ones are shown below. Uncomment and modify to your liking. ## # securitytypes=vncauth,tlsvnc # desktop=sandbox geometry=1920x1080 # localhost # alwaysshared
Save and close.
As a result, you’ve successfully configured the VNC Server with the GNOME Desktop. Also, you’ve set up the default resolution of your VNC Server Desktop.
Step 6 – Running VNC Server as Systemd Service
After configuring the VNC Server, you will set up the VNC Server as a systemd service.
Log in to the user ‘chaewon’ using the following command.
su - chaewon
Allow the user ‘chaewon’ to run the Systemd services and create a new environment variable ‘XDG_RUNTIME_DIR’ using the following command.
loginctl enable-linger chaewon export XDG_RUNTIME_DIR=/run/user/`id -u`
Now create a new systemd service directory and copy the default vnc service script into it.
mkdir -p ~/.config/systemd/user/ cp /usr/lib/systemd/user/[email protected] ~/.config/systemd/user/
After that, reload the systemd manager and make sure there is no error.
systemctl --user daemon-reload
Then start the VNC Server service for Desktop session number ‘1’ and add it to the system boot. After that, check the vnc service status using the systemctl command below.
systemctl --user enable --now [email protected]:1.service systemctl --user status [email protected]:1.service
Below is the result you will get.
As a result, the VNC Server is up and running as a systemd service. It’s running on default VNC Server port ‘5901’, check the system ports using netstat command below.
As a result, you’ve successfully setup the VNC Server as a systemd service.
Step 7 – Setup Firewalld
In this step, you will add the VNC Server port ‘5901’ to the firewalld.
Back to your root user and add the VNC Server port ‘5901’ using the firewall-cmd command below.
firewall-cmd --permanent --add-port=5901/tcp firewall-cmd --reload
As a result, you’ve added the VNC Server port ‘5901’ to the firewalld. In effect, the VNC Server is now accessible over the network.
Step 8 – Install VNC Client Software
To connect to the VNC Server, you must install the VNC Viewer software on your local computer. You can use UltraVNC, RealVNC, or TigerVNC Viewer.
For Windows users, download and install RealVNC Viewer from the following URL.
And for Mac users, download and install RealVNC Viewer from the following URL.
For Ubuntu users, you can install the ‘TigerVNC Viewer’ from the Ubuntu repository using the apt command below.
apt install tigervnc-viewer
Optionally, you use RealVNC for Debian based operating system.
Download the RealVNC Package for Linux Debian from the URL below.
Now install the RealVNC Viewer using the “dpkg” command below.
sudo dpkg -i VNC-Viewer-*.deb
As a result, you’ve successfully installed the VNC Viewer software to your local computer.
Step 9 – Connect to VNC Server with SSH Tunneling
It’s important to connect to your VNC Server securely. To do that, you can use the special VPN connection installed on the server, or using the simple SSH tunneling.
For this step, you will learn how to connect to the VNC Server securely through the SSH Tunneling.
First, create a new SSH tunneling connection to the VNC Server port ‘5901‘ using the SSH command below.
ssh -L 5901:127.0.0.1:5901 -C -N -l chaewon 10.5.5.25
Change the ‘chaewon’ user with your own and type your password.
Next, open your VNC Viewer software (we’re using RealVNC Viewer) and type the localhost address ‘127.0.0.1‘ with default VNC Server port ‘5901‘ and press Enter to connect.
Now type your VNC Server password and click “OK” to continue.
And you will be prompted about the unsecure connection to ‘localhost’, it’s fine because you’re connected locally, click the ‘Continue‘ button.
And you will get the default CentOS 8 with the GNOME Desktop.
As a result, you’ve successfully connected to the VNC Server securely through the SSH Tunneling.
Finally, you’ve installed the VNC Server on CentOS 8 Server with the GNOME as a default Desktop Environment. Also, you’ve successfully connected securely to the VNC Server through SSH Tunneling.