Most of the time as a Linux system administrator you are managing your servers over the network. It is very rare that you will need to have a physical access to any of your managed servers. In most cases all you need is to SSH remotely to do your administration tasks. In this article we will configure a GUI alternative to a remote access to your RHEL server, which is VNC. VNC allows you to open a remote GUI session to your server and thus providing you with a full graphical interface accessible from any remote location.In this tutorial you will learn:
- How to install required VNC packages
- How to setup and start the VNC server on RHEL
- How to connect to a graphical session remotely
- How to run graphical programs in the xterm session
|Category||Requirements, Conventions or Software Version Used|
|System||Red Hat Enterprise Linux|
|Other||Privileged access to your Linux system as root or via the |
|Conventions|| # - requires given linux commands to be executed with root privileges either directly as a root user or by use of |
Installation and setup of VNC server
There are many window managers we can use with the VNC server, but for the purpose of this tutorial we will setup a simple xterm session, as
xterm is in the base repositories of Red Hat Enterprise Linux. We'll show however, that this simple starting point gives about full functionality with a simple trick. Also note that there are much more sophisticated window managers out there, like
xfce, but that is out of the scope of this tutorial.
- First, we need to install the required packages for the server application:
# dnf install tigervnc-server xterm
- Next we need to open the firewall for the service. To check what services are permitted currently, we list enabled services:
# firewall-cmd --list-services cockpit dhcpv6-client sshOpen the
# firewall-cmd --permanent --zone=public --add-service vnc-server successApply the configuration change:
# firewall-cmd --reloadAnd list services again to verify:
# firewall-cmd --list-services cockpit dhcpv6-client ssh vnc-server
Do not open your computer's VNC service to the public! The firewall rule above is executed in a confined environment, and is for demonstration purposes only. Be sure to understand the risks before you open anything on an Internet-facing server, or even desktop.
- We need to setup the environment where the server will be running. In this example our goal is to run the server with a specified user
testuserwho does not have
rootprivileges. Note that this step is done with the user that will run the server, not
root. We set up a password that will allow connection (that has nothing to do with the user's password used with
$ vncpasswd Password: Verify: Would you like to enter a view-only password (y/n)? nWe don't need to have view-only logins in this example. Next we edit the
/home/testuser/.vnc/xstartuptext file with a text editor like
nano. The file should be empty after install, and we'll add only a minimal content to start
xtermsession on connection. We add the following line to the empty file:
xterm -geometry 1044x810+10+10 &Adjust the geometry parameters to fit into your screen. Now we can start the server:
$ vncserver New 'rhel8beta.lab:1 (testuser)' desktop is rhel8beta.home.hu:1 Starting applications specified in /home/testuser/.vnc/xstartup Log file is /home/testuser/.vnc/rhel8beta.lab:1.logAs the output suggests, we can follow the logs provided by the server in the logfiles under
/home/<username>/.vnc/<hostname>:1.log, this filename will change if more than one VNC servers are running (as will the port you need to connect). The logfile also tells what port the server is listening on:
vncext: Listening for VNC connections on all interface(s), port 5901Which is the default VNC port.
- We can use many VNC clients to connect to the now started server.
Remminais a client shipped with recent Gnome desktops by default, and can handle SSH, RDP and VNC sessions. We need to provide the hostname or IP address of the host running the VNC server, as well as the port. The below example uses
192.168.1.14as address, and the default port
5901we found in the logfile of the server in the previous step. We need to select "VNC" as protocol next to the address field, and type the password we specified with
vncpasswdearlier.If everything works as expected, we are connected to the VNC server, and running
xterm, accepting and providing clipboard content, protected from network failure. The
topexample below will run uninterrupted if we disconnect from the session, and reconnect later.
- While these steps basically show how to set up the VNC server and connect to it, it does not make much sense to run
topon a remote
xtermsession, as we could do it with much less effort with ssh, and a session server like
screen. To see the power of such a simple xterm setup, simply type
gediton the remote xterm console (assuming a Gnome desktop is installed).
An empty document shows up in gedit, just as any graphical program would when started from command line. Note that the document that is being edited remotely, and the program that is holding it open is also protected by the VNC session. A network outage will not affect it, we can simply reconnect and continue work on the text, even if our client machine experiences unrecoverable error, and we forgot to save our work for the last few hours. Naturally the VNC server will not protect from the failure of the machine it is running on.
If you get a "connection refused" error, it's most likely an issue with your firewall settings. Ensure you have configured access for VNC with the following commands:
# firewall-cmd --permanent --zone=public --add-service vnc-server # firewall-cmd --reload
Otherwise, it could be a device between the two systems that is blocking the connection, or just a routing issue with the network.
If you try to connect to the VNC server and end up with only a black screen, it's likely because there is no window manager for VNC. In the instructions above, we show how to configure
xterm for this purpose. You can also use a full-featured window manager like GNOME or XFCE, but you have to set something. Ensure that xterm is configured as the VNC window manager per the instructions above.