VNC

From Noah.org
Jump to: navigation, search


Create a new X11 display and share via VNC

This creates a new X11 display that is shared via VNC:

vncserver

Set the virtual display size to 800x600:

vncserver -geometry 800x600 -depth 24

vncserver without a password

You may want to create a VNC display that does not require a password to connect. To set no password you need to run start `vncserver` with the following option, -SecurityTypes None. This is actually an option that is passed from `vncserver` to `Xvnc`. Not all versions of Xvnc support the "SecurityTypes" option. TightVNC 1.3.9 does not. RealVNC supports the "SecurityTypes" option, but you may need to use `vnc4server` instead of `vncserver` to start the VNC server. In the example below I use `vnc4server`.

vnc4server -geometry 800x600 -depth 24 -SecurityTypes None

Share an existing X11 desktop through VNC

If you want to expose a running X11 session over VNC use `x11vnc`.

simple

Just run it from the command-line with no arguments and then anyone can use a vnc client to use your desktop:

x11vnc

add a password

If you want to add a password to make it a little more secure:

x11vnc -passwd MYPASSWORD

It has lots of options to make password connections more secure, but this works well enough for a quick and dirty session.

Keep Listening

After the first client connection has exited x11vnc will also exit. If you want to keep the server running so that you can connect multiple times then use the -forever option.

x11vnc -forever

.x11vncrc

You can save all these options in a dotfile called .x11vncrc:

forever # keep listening for new connections after a client disconnects.

SSH Tunneling Simple

This is about the easiest way to connect to a remote machine desktop behind a firewall via VNC. In this exmaple, the remote server is called "remotehost.example.com". Login to the remote server and start `vncserver`.

vncserver -SecurityTypes None

You will get a response showing the display number.

New 'remotehost:1 (username)' desktop is remotehost:1

On your local server start `xvncviewer` with the -via option. Use the same display number found above with the localhost.

xvncviewer -via remotehost.example.com localhost:1

This automatically sets up local to remote port forwarding. Note that this is best for quick, one-time use sessions because there is no encryption and no password is required to connect.

SSH Tunneling Longer

Say you want to see the existing X11 desktop of a remote machine behind a firewall. The following command does two things. It creates a tunnel for port 5900 between the remote and local host. It also starts x11vnc on the remote host.

ssh -L 5900:localhost:5900 username@remote.example.com 'x11vnc -rfbport 5900 -display :0 -localhost'

Now fire up a vnc viewer on your local host:

vncviewer localhost:0

Note that you must have port 5900 free on both the remote and local hosts.

X11vnc actually defaults to 5900, so you don't need to specify the -rfbport option, but if you do not specify this option and port 5900 is not free then `x11vnc` will automatically pick another port. When you explicitly ask for a port then `x11vnc` will alert you with an error if the port is not free.

text mode VNC

Use linuxvnc to expose a text terminal to VNC clients. See also vncommand.

VNC Errors

channel 2: open failed: connect failed: Connection timed out

This is almost certainly due to a firewall restriction on the remote hosts that blocks the VNC port even for localhost connections. Check the iptables on the remote host for restrictions: `iptables -L`.

You may not see this error immediately. Running vncviewer may appear to freeze and do nothing. It will time-out after a few minutes. The annoying thing is that the SSH tunnel will not fail despite the fact that iptables is blocking connections to the localhost.

vncserver: couldn't find "xauth" on your PATH.

The PATH on the remote server was not set. Envoke the remote command something like this:

    'PATH=/usr/local/bin:/bin:/usr/bin:/usr/X11R6/bin vncserver'

SSH starts the remote command without envoking your environment, so you not have /usr/X11RB/bin in the PATH. Run `which xauth` to be sure you have to corrent path.