How to install vnc server on RHEL 8 / CentOS 8

Remote connection to computers is as old as computer networks. Accessing the graphical interface (GUI) is a convenient way of working on a remote desktop. We can leave our graphical programs running and working, and we don’t need to keep the session open – we simply reconnect when we feel to do so.

VNC server is well-known graphical session server enabling remote connections that we can run with a non-privileged user. This way many users can access their own desktop on the same machine remotely, and will not block each other (apart from maybe using up the resources of the remove machine).

In this tutorial you will learn:

  • How to install required packages.
  • How to setup and start the VNC server on RHEL 8.
  • How to connect to a graphical session remotely.
  • How to run graphical programs in the xterm session.

VNC connection to RHEL8 with Remmina.

VNC connection to RHEL8 with Remmina.

Software Requirements and Conventions Used

Software Requirements and Linux Command Line Conventions
Category Requirements, Conventions or Software Version Used
System Red Hat Enterprise Linux 8
Software Tigervnc server 1.9
Other Privileged access to your Linux system as root or via the sudo command.
Conventions # – requires given linux commands to be executed with root privileges either directly as a root user or by use of sudo command
$ – requires given linux commands to be executed as a regular non-privileged user

How to Install vnc server on RHEL 8 step by step instructions

There are many window managers we can use with the VNC server, but for the purpose of this tutorial we will setup a simple xterm session, as xterm is in the base repositories of Red Hat Enterprise Linux 8. We’ll show however, that this simple starting point gives about full functionality with a simple trick. Also note that there are much more sophisticated window managers out there, like xfce, but that is out of the scope of this tutorial.

  1. First we need to install the required packages for the server application:
    dnf install tigervnc-server xterm
  2. Next we need to open the firewall for the service. To check what services are permitted currently, we list enabled services:
    # firewall-cmd --list-services
    cockpit dhcpv6-client ssh

    Open the vnc-server service:

    # firewall-cmd --permanent --zone=public --add-service vnc-server

    Apply the configuration change:

    # firewall-cmd --reload

    And list services again to verify:

    # firewall-cmd --list-services
    cockpit dhcpv6-client ssh vnc-server
    Do not open your computer’s VNC service to the public! The firewall rule above is executed in a confined environment, and is for demonstration purposes only. Be sure to understand the risks before you open anything on an Internet-facing server, or even desktop.

  3. We need to setup the environment where the server will be running. In this example our goal is to run the server with a specified user testuser who does not have root privileges. Note that this step is done with the user that will run the server, not root. We set up a password that will allow connection (that has nothing to do with the user’s password used with ssh):
    $ vncpasswd 
    Would you like to enter a view-only password (y/n)? n

    We don’t need to have view-only logins in this example. Next we edit the /home/testuser/.vnc/xstartup text file with a text editor like nano. The file should be empty after install, and we’ll add only a minimal content to start xterm session on connection. We add the following line to the empty file:

    xterm -geometry 1044x810+10+10 &

    Adjust the geometry parameters to fit into your screen. Now we can start the server:

    $ vncserver 
    New 'rhel8beta.lab:1 (testuser)' desktop is
    Starting applications specified in /home/testuser/.vnc/xstartup
    Log file is /home/testuser/.vnc/rhel8beta.lab:1.log

    As the output suggests, we can follow the logs provided by the server in the logfiles under /home/<username>/.vnc/<hostname>:1.log, this filename will change if more than one VNC servers are running (as will the port you need to connect). The logfile also tells what port the server is listening on:

    vncext:      Listening for VNC connections on all interface(s), port 5901

    Which is the default VNC port.

  4. We can use many VNC clients to connect to the now started server. Remmina is a client shipped with recent Gnome desktops by default, and can handle SSH, RDP and VNC sessions. We need to provide the hostname or IP address of the host running the VNC server, as well as the port. The below example uses as address, and the default port 5901 we found in the logfile of the server in the previous step. We need to select “VNC” as protocol next to the address field, and type the password we specified with vncpasswd earlier.
    Connecting to tigervnc with Remmina.

    Connecting to tigervnc with Remmina.

    If everything works as expected, we are connected to the VNC server, and running xterm, accepting and providing clipboard content, protected from network failure. The top example below will run uninterrupted if we disconnect from the session, and reconnect later.

    Running top uninterrupted remotely.

    Running top uninterrupted remotely.

  5. While these steps basically show how to set up the VNC server and connect to it, it does not make much sense to run top on a remote xterm session, as we could do it with much less effort with ssh, and a session server like screen. To see the power of such a simple xterm setup, simply type gedit on the remote xterm console (assuming a Gnome desktop is installed).

    Running graphical programs within xterm.

    Running graphical programs within xterm.

    An empty document shows up in gedit, just as any graphical program would when started from command line. Note that the document that is being edited remotely, and the program that is holding it open is also protected by the VNC session. A network outage will not affect it, we can simply reconnect and continue work on the text, even if our client machine experiences unrecoverable error, and we forgot to save our work for the last few hours. Naturally the VNC server will not protect from the failure of the machine it is running on.