Remote connection to computers is as old as computer networks. Accessing the graphical interface (GUI) is a convenient way of working on a remote desktop. We can leave our graphical programs running and working, and we don’t need to keep the session open – we simply reconnect when we feel to do so.
VNC server is well-known graphical session server enabling remote connections that we can run with a non-privileged user. This way many users can access their own desktop on the same machine remotely, and will not block each other (apart from maybe using up the resources of the remove machine).
In this tutorial you will learn:
- How to install required packages.
- How to setup and start the VNC server on RHEL 8.
- How to connect to a graphical session remotely.
- How to run graphical programs in the xterm session.
Software Requirements and Conventions Used
Category | Requirements, Conventions or Software Version Used |
---|---|
System | Red Hat Enterprise Linux 8 |
Software | Tigervnc server 1.9 |
Other | Privileged access to your Linux system as root or via the sudo command. |
Conventions |
# – requires given linux commands to be executed with root privileges either directly as a root user or by use of sudo command$ – requires given linux commands to be executed as a regular non-privileged user |
How to Install vnc server on RHEL 8 step by step instructions
There are many window managers we can use with the VNC server, but for the purpose of this tutorial we will setup a simple xterm session, as xterm
is in the base repositories of Red Hat Enterprise Linux 8. We’ll show however, that this simple starting point gives about full functionality with a simple trick. Also note that there are much more sophisticated window managers out there, like xfce
, but that is out of the scope of this tutorial.
- First we need to install the required packages for the server application:
dnf install tigervnc-server xterm
- Next we need to open the firewall for the service. To check what services are permitted currently, we list enabled services:
# firewall-cmd --list-services cockpit dhcpv6-client ssh
Open the
vnc-server
service:# firewall-cmd --permanent --zone=public --add-service vnc-server success
Apply the configuration change:
# firewall-cmd --reload
And list services again to verify:
# firewall-cmd --list-services cockpit dhcpv6-client ssh vnc-server
WARNING
Do not open your computer’s VNC service to the public! The firewall rule above is executed in a confined environment, and is for demonstration purposes only. Be sure to understand the risks before you open anything on an Internet-facing server, or even desktop. - We need to setup the environment where the server will be running. In this example our goal is to run the server with a specified user
testuser
who does not haveroot
privileges. Note that this step is done with the user that will run the server, notroot
. We set up a password that will allow connection (that has nothing to do with the user’s password used withssh
):$ vncpasswd Password: Verify: Would you like to enter a view-only password (y/n)? n
We don’t need to have view-only logins in this example. Next we edit the
/home/testuser/.vnc/xstartup
text file with a text editor likenano
. The file should be empty after install, and we’ll add only a minimal content to startxterm
session on connection. We add the following line to the empty file:xterm -geometry 1044x810+10+10 &
Adjust the geometry parameters to fit into your screen. Now we can start the server:
$ vncserver New 'rhel8beta.lab:1 (testuser)' desktop is rhel8beta.home.hu:1 Starting applications specified in /home/testuser/.vnc/xstartup Log file is /home/testuser/.vnc/rhel8beta.lab:1.log
As the output suggests, we can follow the logs provided by the server in the logfiles under
/home/<username>/.vnc/<hostname>:1.log
, this filename will change if more than one VNC servers are running (as will the port you need to connect). The logfile also tells what port the server is listening on:vncext: Listening for VNC connections on all interface(s), port 5901
Which is the default VNC port.
- We can use many VNC clients to connect to the now started server.
Remmina
is a client shipped with recent Gnome desktops by default, and can handle SSH, RDP and VNC sessions. We need to provide the hostname or IP address of the host running the VNC server, as well as the port. The below example uses192.168.1.14
as address, and the default port5901
we found in the logfile of the server in the previous step. We need to select “VNC” as protocol next to the address field, and type the password we specified withvncpasswd
earlier.
If everything works as expected, we are connected to the VNC server, and running
xterm
, accepting and providing clipboard content, protected from network failure. Thetop
example below will run uninterrupted if we disconnect from the session, and reconnect later. - While these steps basically show how to set up the VNC server and connect to it, it does not make much sense to run
top
on a remotexterm
session, as we could do it with much less effort with ssh, and a session server likescreen
. To see the power of such a simple xterm setup, simply typegedit
on the remote xterm console (assuming a Gnome desktop is installed).
An empty document shows up in gedit, just as any graphical program would when started from command line. Note that the document that is being edited remotely, and the program that is holding it open is also protected by the VNC session. A network outage will not affect it, we can simply reconnect and continue work on the text, even if our client machine experiences unrecoverable error, and we forgot to save our work for the last few hours. Naturally the VNC server will not protect from the failure of the machine it is running on.