Friday, March 29, 2019

Setup VNC Server on Ubuntu: Complete Ubuntu Remote Desktop Guide

Setup VNC Server on Ubuntu: Complete Ubuntu Remote Desktop Guide

VNC server on Linux servers can greatly simplify remote administration. One of the scariest things about Linux for most people is the use of commandline line work. SSH remains the most commonly used remote administration tool. But if you are not too comfortable with SSH and commandline, you may want to setup VNC Server on Ubuntu or other Linux servers.
Setting up a Linux server is a handy way of managing your files over your home network. Setting up an NFS share or SAMBA share on a home server is a common application, among other home server uses.. However, you might want to be able to access USB drives connected to your server or get access to other Ubuntu programs remotely. For this, we will be using Tight VNC server for Linux. combined with apps such as a Guacamole, you can now have remote desktop access to your server from anywhere using a HTML5 enabled browser.
Sounds exciting? In this post, I will show you how to setup VNC server on Ubuntu 18.04 Bionic Beaver. I will also show you to use VNC viewer in order to access your home server remotely.

What is VNC – Virtualizing with VNC

VNC stands for Virtual Network Computing and is a great way of accessing your server remotely. VNC is platform-independent, having clients and servers for many operating systems using a graphical user interface (GUI). VNC is a protocol like SMB or NFS. Unlike these protocols, VNC has different variations, all with different features and price points.
Since we’re interested in free and open-source here at SmartHomeBeginner, we’ll be using TightVNC for this guide. There are other options such as tigervnc, vnc4server, and x11vnc. But TightVNC is one of the most common ones, it is tried and test low no RAM usage, and generally considered a great solution.
TightVNC is a free VNC software package that allows users to utilize the VNC protocol on their network. In other words, this will allow you to view a desktop GUI on your server from another laptop, on your smartphone, or even on the internet using SSH or Guacamole as shown below. So let’s see how to install VNC Server on Ubuntu.
Setup VNC Server on Ubuntu - Guacamole VNC Viewer
Ubuntu VNC Server Remote Access through Chrome using Guacamole

Step 1: Prepare your System for Ubuntu VNC Setup

Before installing VNC on Ubuntu let’s update the system. First, gain access to your server’s command line. This can be done through SSH remotely, terminal if you are on the server, or whatever method you usually use. Once you’ve gained access to your server, make sure you have the latest packages using the following two commands:
sudo apt-get update
sudo apt-get upgrade

Step 2: Install a Lightweight Desktop Environment

Depending on what flavor of Ubuntu you are using, you may already have a desktop environment. If not, we will have to install a desktop environment. We have previously covered several lightweight desktop options for Ubuntu Server. You only need one of the following options.

Xfce Desktop Environment

Xfce is my favorite desktop environment for home servers. It is very lightweight by nature, easy to use, and is one of the top choices for a VNC server.
sudo apt-get install -y xfce4 xfce4-goodies
Note: adding ‘-y ‘will stop the system giving information about the package sizes, and asking if you want to continue. Remove this if you need to keep an eye on space usage.
Alternatively, you could configure VNC server on Ubuntu with Xubuntu Core. Xubuntu-Core looks visually appealing and yet lightweight without apps such as IM client, mail client, etc. that are not needed on a server.
sudo apt-get install -y xubuntu-core^
Note: The caret(^) at the end of the above command is not a mistake.
Xubuntu-Core is the DE installed on my new Ubuntu 18.04 Server built using Docker.

Gnome Desktop Environment

If you want to go with, Gnome, the default desktop environment that ships with Ubuntu then I suggest installing a lighter version of Gnome using the --no-install-recommends switch.
sudo apt-get install --no-install-recommends ubuntu-desktop gnome-panel gnome-settings-daemon metacity nautilus gnome-terminal -y
If you want the full desktop with all the bells and whistles then you can remove --no-install-recommends switch.

Step 3: Install VNC Server on Ubuntu

Now that our system is updated and has a desktop environment, we are ready to setup VNC Server on Ubuntu. To install VNC server on Ubuntu, use the following command:
sudo apt-get -y install tightvncserver
Once TightVNC installation completes, it’s time to configure VNC server on Ubuntu according to your preferences.

Step 4: Configure VNC Server on Ubuntu

After you setup VNC Server on Ubuntu, there are things that need to be configured: VNC password and VNC session information. To configure VNC server on Ubuntu you need to first start it once using the following command:
vncserver
You will be prompted to enter a password for TightVNC (as shown below), and if you want, a read-only password. A read-only password is great if you want to share your screen with others.
Setup VNC Server on Linux home server
Set password for TightVNC server
Before configuring VNC Server for a specific desktop, you will have to kill all running instances of the TightVNC server. The highlighted number in the image above should be used in place of “X” in the below command
vncserver -kill :X 
X starts at 1, so you’ll need to kill all instances. If you’re unsure how many instances you have running, just enter:
ps -ef | grep Xtightvnc
The results of this output are below. Highlighted in yellow are the X values you will need to use with the vncserver -kill :X command.
Install VNC Server on Ubuntu - Find running instances
How to find all running instances of TightVNC
Before proceeding, lets make a copy of your existing / default VNC configuration using the following command:
cp ~/.vnc/xstartup ~/.vnc/xstartup_backup

Configure VNC Server for Xfce Desktop

This should work for both Xfce or Xubuntu desktop. To configure TightVNC to use Xfce, enter the following:
nano ~/.vnc/xstartup
Then, edit the file to make it look like what is shown below (you can copy-paste):
#!/bin/sh
def
export XKL_XMODMAP_DISABLE=1
unset SESSION_MANAGER
unset DBUS_SESSION_BUS_ADDRESS

xrdb $HOME/.Xresources
xsetroot -solid grey

startxfce4 &
Then hit Ctrl + X, and then Y to save and exit Nano. A grey screen is a commonly encountered issue while setting VNC server on Ubuntu. The 4 lines after the #!/bin/sh should help solve this problem. The last line startxfce4 & starts the full Xfce desktop available through VNC viewer. If you want only specific apps available through VNC, you can replace startxfce4 & with the following:
thunar &
xfce4-panel &
xterm &
You can add any number of Xfce applications to the list above. You may find various packages available for addition here.

Configure VNC Server for Gnome Desktop

If you decided to go with the default Gnome desktop, here is how to configure your ~/.vnc/xtartup file:
For full Gnome Desktop:
#!/bin/sh
def
export XKL_XMODMAP_DISABLE=1
unset SESSION_MANAGER
unset DBUS_SESSION_BUS_ADDRESS

xrdb $HOME/.Xresources
xsetroot -solid grey

gnome-session &
To make only specific applications available through a VNC session, replace gnome-session & with the following:
gnome-panel &
gnome-settings-daemon &
metacity &
nautilus &
Again, you may add or delete applications to the list above. That’s it you are done configuring VNC server.

Step 5: Start VNC Server on Ubuntu

Ubuntu VNC Server setup is now done. To start VNC Server on Ubuntu, use the following command:
vncserver
By default, VNC server shows content in low resolution. If you want a higher resolution, you can specify the resolution while starting VNC Server, as shown below:
vncserver -geometry 1280x720 -depth 24
Replace 1280x720 with whatever resolution you prefer. Note that higher resolution and color depth can degrade performance.

Step 6: Use VNC Viewer

If you want the challenge of using commandline, you may want to read our introduction to SSH And htop. For all others, there is VNC Viewer. Let’s continue to configure VNC.
To connect to your home server through VNC, you need to know the IP address of the VNC server. In the command line on your server, enter:
sudo ifconfig
This will provide you with the information you will need to use VNC Viewer. Make note of the IP address displayed by the output of the above command, as shown below:
Get IP address of TightVNC Server
Get IP address of TightVNC Server
Viewing your remote VNC server depends on the client platform (Windows, Linux, Mac, Android, etc.). Follow the instructions applicable to your platform. Download the VNC Viewer client for your platform from here. MobaxTerm is my favorite SSH client on Windows and it does VNC too.
There are also iOS and Android apps available from your respective app stores. Alternatively, you can configure Guacamole and access your server through any HTML5 browser.

Insecure VNC Connection – Local Use

Connecting directly using IP address and port is insecure. But this may be acceptable in your home network. Enter the IP address you found in the previous step – the default port is 5901 (for server instance 1). You will then be asked for a password, which you set earlier:
How to use VNC viewer
Configuring VNC Viewer
Once you enter your password, you will have access to desktop and can control and interface your desktop, remotely.
VNC Server for Linux
Xfce Desktop

Secure VNC Connection using Secure Shell – Remote Use

What do you do if you are away from your server’s network and want to connect to your VNC Server through the internet? You can set port forwarding on your router to forward port 5901 to your VNC Server and then connect remotely using the VNC client by providing your VNC Server’s WAN IP address or domain name if you have one. However, it is strongly recommended that you do not make your VNC server directly open to the internet. This is a big security risk. The recommended method is to route your VNC connection through an SSH tunnel.

SSH Tunnel for VNC on Linux Client

Establish an SSH Tunnel using the following command:
ssh -L 5901:localhost:5901 -N -f -l USER IP/DOMAINNAME
Replace USER with the username on your VNC Server and IP/DOMAINNAME with your server’s WAN IP address or a domain name if you have one. What the above command does is that it routes port 5901 on localhost to port 5901 on the remote host (IP/DOMAINNAME) through a secure tunnel. All information is transferred through this secure tunnel, protecting your privacy and security.
The -N option is a security measure to allow only port forwarding and not execute any command on the remote server. The -f option makes SSH go to the background just before command execution.
You should now be able to fire up your Linux or Ubuntu VNC client and establish a VNC session with localhost as hostname and 5901 as port.

SSH Tunnel for VNC on Windows Client

On Windows, you could use PuTTY to setup a VNC session through a secure tunnel. Open PuTTY and (1) create a new SSH session as shown in the picture below. Provide an IP address, hostname, or a domain name (2) and finally provide the SSH port (3).
New SSH Connection on PuTTY
New SSH Connection on PuTTY
Then navitage to Tunnels (4), provide 5901 as the port on the source VNC server (5), provide localhost:5901 as the port on the local system (6), and finally click Open (7) to create an SSH tunnel for VNC.
SSH Tunnel for VNC using PuTTY
SSH Tunnel for VNC using PuTTY
Then open up any VNC Viewer (there are several free ones) and start a new VNC session with localhost as hostname and 5901 as port.

Secure VNC Using HTML5 Browser from Anywhere

There is another option that I really like for remote VNC connections from the internet: Guacamole. I came to know about this app while building my Docker Media Server and I love it. Guacamole not only allows VNC sessions using an HTML5 browser (most modern browsers) but it also allows SSH, SFTP, and RDP (remote desktop to Windows systems). With guacamole, I do not need a VNC client/viewer. All I need is a browser.
Setting up Guacamole is out the scope of this guide. But I will cover this as a separate guide in future. If you take this route, I strongly recommend setting up 2-factor authentication using services such as DUO, for security.

Step 7: Autostart VNC Server

There are two ways to autostart VNC Server on Ubuntu.

Autostart VNC Session using Cron

The easiest way to auto start VNC Server is through crontab and making it start during reboot. To do this, edit your cron list using the following command:
crontab -e
If you are asked to select an editor, choose /bin/nano or any other editor you are comfortable with. Then add the following line to the end of your cron list:
@reboot vncserver -geometry 1280x720 -depth 24 :1
Now, VNC Server should start automatically during boot and be available for you at port 5901.

Autostart VNC Server using SystemD Service

Cron restart method may not work for everybody because it does not create a service, which means you cannot start, stop, or restart VNC server. You will have to kill it and start again. Creating a service, on the other hand, gives you that ability.
Create a service file for VNC server using the following command:
nano /etc/systemd/system/vncserver@.service
Add the following contents to it. Replace USER with your username in two locations. Press Ctrl+X, Y, and finally Enter to save and exit nano editor.
[Unit]
Description=Start TightVNC server at startup
After=syslog.target network.target

[Service]
Type=forking
User=USER
PAMName=login
PIDFile=/home/USER/.vnc/%H:%i.pid
ExecStartPre=-/usr/bin/vncserver -kill :%i > /dev/null 2>&1
ExecStart=/usr/bin/vncserver -depth 24 -geometry 1280x720 :%i
ExecStop=/usr/bin/vncserver -kill :%i

[Install]
WantedBy=multi-user.target
Reload services using the following command:
sudo systemctl daemon-reload
Finally, enable VNC Server using the following command:
sudo systemctl enable vncserver@1.service
Now you will be able to start and stop VNC server using the following commands:
 
systemctl start vncserver@1.service
systemctl stop vncserver@1.service

Setup VNC Server on Ubuntu Linux – Final Thoughts

You may think that reading a 2500-word article to setup VNC Server on Ubuntu is a lot. But if you know what you are doing, it only takes about 5 minutes to install and configure VNC server.
The default resolution that Ubuntu TightVNC server provides is pretty ugly. Today’s internet speeds can support much higher resolutions. Therefore, I strongly suggest running your server at a higher resolution but may be lower depth.
Ubuntu is the most commonly used server OS, so in this guide, we chose to show how to setup VNC Server on Ubuntu. But this guide is essentially the same for most Linux operating systems.
If you do not like the commandline work then the truth you may not enjoy Linux. Once you become a good commandline user, you will appreciate the convenience of administering a server with just the keyboard and without having to move your hand to find a mouse. But if you still prefer a GUI, then I hope this Ubuntu VNC Server guide helped you.