How to set up your own VNC server on Ubuntu Linux. Connecting to a remote computer via VNC

Remotely controlling a computer sounds intriguing, but only for those who have not encountered this before. In fact, this service has been around for a long time and is widely used by professionals. Many developers of various programs initially implement this feature into their products so that they can quickly help customers deal with problems or software settings. With high-speed Internet, this happens very easily and quickly. However, sometimes there is a need to help acquaintances, friends or relatives, especially if these are older people who have picked up a mouse for the first time. Also, from time to time you urgently need to get to your home computer, for example, when you forgot to download an important presentation to a flash drive, or, while in another city, you want to show your friend your photos from your last trip to the Urals.

UltraVnc is another program for remote computer control.
Advantages: free and supports both Windows and unixOS (for example Linux).
Flaws: a bunch of scary settings in English.

So, the eyes are afraid, but the hands do. Download the latest version from the official website www.uvnc.com or download. Let's launch. Select server and viewer. The server is installed on those computers to which we will connect, and the viewer on those from which we will connect.

« Install service" And " Allow Ctrl+Alt+Del" Yes.

Field " Incoming Connections" - "Incoming connections."

Accept Socket Connections- turn it on (i.e. don’t touch it).

Display- shows the port number (theoretically). We don't touch it.

Ports– let the car remain.

Enable JavaViewer(HTTP connect) - enable java viewer (via browser). Yes.

Allow Loopback Connections- allow connection through a “loop” (as if not by yourself for the test). We leave it.

Loopback Only- only a “loop” - nothing else will work. No.

Field “Authentication” - “Authentication” (confirmation of identity/rights).

VNC Password- control password (in English).

View-Only Password– password for viewing only (in English). It would be nice to set it up as different from VNC.

Require MS Logon— uses windows accounts. We don't tick the box.

Field “File Transfer” - “File transfer”. Yes, it will come in handy.

Field “DSM Plugin” - data encryption. Whatever you want, I don’t bet.

Field “When last client disconnects” - “When the last client is disconnected.”

- Nothing to do. We choose.
— Block the computer.
— End the session.

Field “Keyboard&Mouse” - “Keyboard and mouse”. I don't post anything.
— Disables the mouse and keyboard of the person who connects.
— Disables the mouse and keyboard of the person to whom it is connected.
— Japanese keyboard.

Field “Query on incoming connection” - “Request for an incoming connection”.
Asks the user if he allows a connection to it.
Display Query Window— message display time. If the user didn't click anything:
— Refuse– connection failure.
— Accept– connection resolution.

Field "Multi Viewer Connections" - " Simultaneous connection several clients."
— « Disconnect all existing connections"—disable the last one after connecting the new one. We leave it.
— « Keep existing connections» — hold all connections.
— « Refuse the new connection“- the item means that there is a ban on a new connection, although in practice there is no ban.
— « Refuse all new connections» - do not allow new connections if one already exists.

Field "Misc. “- there are all sorts of useful things for convenience, speeding up work, reducing traffic.
— Remove Aero (Vista)- disable Aero (3D, transparency and other “decorations”). Let's celebrate.
— Remove Wallpaperfor Viewers- removes wallpaper from the desktop. We put a tick.
— EnableBlank Monitor Viewer Request- disabling the monitor of the managed computer. This option It's not working properly, so I uncheck it.
— Disable Only Inputson Blanking Request- only prohibits input from the server console, but the screen does not close.
— Enable Alpha-Blending Monitor Blanking- another option to disable the server monitor. Use if there are problems with the first option.
— Capture Alpha-Blending- ability to see the included video. It works with glitches, but is a very useful function when you need to view video cameras, for example. Let's celebrate.
— Disable Tray icon- disables the tray icon. Let's celebrate.
— Forbid the user to close down WinVNC- prohibits disabling the server. We put a tick.
— Default Server Screen Scale- screen scale when connected. We leave 1/1.

Field “Logging” - “Creating a log file”
Log debug infos to the WinVNC.log file- writes the server log. No need.

The settings are set, click Apply and OK.

Three icons appear on the desktop: viewer ( Ultra VNC Viewer), server (Ultra VNC Server) and settings (Ultra VNC Settings).
Open “Settings” and we can change them here. But there is one new setting « ScreenCapture"—screen capture. Allows you to take screenshots of your desktop.

Field “Capture Options” - “Capture options”. — Poll Full Screen– the whole screen.
— Poll Foreground Window– active window.
— Poll Console Windows Only– console window only.
— Poll On Event Only–event window only.
— Poll Window Under Cursor– window under the cursor.
— LowAccuracy(low accuracy) - gives an increase in speed at the expense of accuracy.

Field "Advanced" - "Advanced".
Use System HookDll- the option makes sense on Windows 9x.
Video Hook Driver- use the video capture driver. Provides best performance on Windows XP, Vista, 7.
Show Primary Display— show the first screen.
Show Secondary Display– show second screen.
Capture Alpha-Blending– video image capture.
Remote Aer While connected– disable Aero when connected.
Remote Wall paper While connected– disable desktop wallpaper when connected.

Double clicking on the “server” icon (Ultra VNC Server) starts the server if it is not already running.
Now we launch the “viewer” (Ultra VNC Viewer).

The “Quick Options” field configures the connection speed.
We leave the car. There are also settings:
— View Only– viewing only. Only when peeking.
— Auto Scaling– there are no scroll bars; when you move the mouse down, the screen moves on its own. Let's put it.
— Confirm Exit— confirm exit. No need .

In general, we don’t need anything else, so we enter the computer’s IP address ( How to find out the IP address of your computer, see), on which there is an already configured server (UltraVNCServer) and click “ Connect" After asking for a password, we get to the computer we need.

(Visited 28,161 times, 7 visits today)

We present to your attention a new course from the team The Codeby- "Penetration testing of Web Applications from scratch." General theory, Environment Preparation, Passive Fuzzing and Fingerprinting, Active Fuzzing, Vulnerabilities, Post Exploitation, Tooling, Social Engeneering and much more.

Virtual Network Computing (VNC) allows for shared access to other remote users to the localhost desktop environment over the network. To provide desktop access, a VNC server must be running on the local host, and remote users connect to the VNC server using some kind of VNC viewer client.

In this tutorial I will explain how to set up a VNC server on Linux. For this I will be using vino, a VNC server software for the GNOME desktop environment.

To install the VNC server vino on a machine with Debian, Ubuntu or Linux Mint:

$ sudo apt-get install vino

To install the vino VNC server on a machine running Fedora, CentOS or RHEL:

$ sudo yum install vino

After installation, you can run vino and enable the VNC server by entering the vino-preferences command.

$vino-preferences

The above command will open the vino settings window to access the desktop as shown below. In the window where “Sharing” is located, check the box to allow other users to see your desktop. You can also set a VNC password. When the settings are done, this window can be closed.

In theory, the vino-preferences utility itself should start the VNC server. If the VNC server is not running for some reason, you can start the VNC server manually as follows.

$ /usr/lib/vino/vino-server &

On the latest Linux Mint with the Cinnamon desktop, vino-preferences are known to be missing. To enable VNC settings server in Mint on the Cinnamon desktop, use dconf-editor instead, as described here.

You can check if vino is running by typing the following command.

$ sudo netstat -pl | grep vino tcp 0 0 *:5900 *:* LISTEN 3246/vino-server tcp6 0 0 [::]:5800 [::]:* LISTEN 3246/vino-server tcp6 0 0 [::]:5900 [:: ]:* LISTEN 3246/vino-server

As you can see above, vino-server is running on TCP port with numbers 5800 and 5900. You can use any software with VNC client function to connect to the VNC server.

If the VNC server is configured so that you must confirm each VNC access to your desktop, you will see the following pop-up message every time a VNC connection request is received. Only after you enable VNC will the VNC client be able to access your desktop.

How to help your users access a multi-user Linux system from anywhere

VNC and X server architecture

The graphical user interface (GUI) in Linux® uses the X Window System (abbreviated X). X is an unusual GUI in several respects, notably because it is natively a network interface. X server, in essence, is a program network server. Network server programs provide client programs with access to local resources, and this is true for the X server as well. The peculiarity is that in the case of the X server, “local resources” are the display, keyboard and mouse with which the user works. In the most common configuration, X client programs run on the same computer as the server. Thus, LibreOffice, the GNU Image Manipulation Program (GIMP), or other programs are X clients that use X network protocols to accept data from the user and display the results on the same computer.

However, when X is used on a network, the user sits at an X server computer, and the X clients are programs that need to be run on another computer. This configuration requires a second network protocol to establish the connection. This second protocol could be telnet, Secure Shell (SSH) or X Display Manager Control Protocol (XDMCP). The server for this remote login protocol runs on the X client computer, and the remote login client runs on the X server computer. The remote login server runs X clients, which in turn establish a connection to the X server. illustrates this interaction. Dotted arrows indicate the beginning of the session. (With XDMCP, the XDMCP client is built into the X server program.)

Figure 1: Remote Access X requires a client and server on both computers

This configuration works great in many local networks, but is not without its shortcomings. For example, it requires a two-way network protocol to be initiated, which may be prevented by a firewall or Network Address Translation (NAT) router. (SSH removes this obstacle by allowing X sessions to be tunneled.) Additionally, although X servers exist for most platforms, they are not typically installed on computers running Windows control®. For these and other reasons, many people prefer to use another protocol, Remote Frame Buffer (RFB), which is implemented in the Virtual programs Network Computing (VNC).

VNC is a cross-platform tool that allows remote access to Linux, UNIX®, Mac OS X, Windows and other systems from any type of client. The user sits at the client computer and accesses the remote server computer. In Linux, a VNC server either mirrors the contents of the local X server screen to a remote computer, or contains its own own X server, capable of running independently of whatever controls the local screen. The result is shown in Figure 2. Again, the dotted arrow indicates the start of the session. This configuration eliminates the need for reverse network connection, and since VNC clients and servers are available for many operating systems, the same client program provides access to any server.

Figure 2. The VNC server includes an X server that can communicate with local programs via X client

The disadvantage of VNC is that RFB authentication is based on passwords without usernames. So each user must start an independent VNC server session and establish a connection to that VNC instance by specifying correct number port. This requirement is tolerable for a single-user system, but causes extreme inconvenience when working on a multi-user computer.

To solve this problem, you can combine these two approaches: reconfigure the local XDMCP server so that it helps the X server built into VNC provide the missing multi-user authentication. (The resulting configuration is illustrated in Figure 3. The dotted arrow indicates the start of the session.) Now that remote users VNC accesses the VNC server's computer, and they can enter usernames and passwords to access their own unique VNC sessions, so that as many users can access the computer as they want.

Figure 3: Adding XDMCP to a VNC configuration provides increased flexibility

Setting up a VNC server

There are several ways to run VNC, including using scripts, binding VNC to your desktop environment using desktop instruments and using xinetd to listen to VNC connections. This latter approach is described here because it allows VNC to run in a way that can use an XDMCP server. Before moving on to the instructions for setting up VNC to run through xinetd, you must select a VNC server.

Selecting a VNC server

There are several VNC server programs. (See section). Some of the most popular are TightVNC, TigerVNC and RealVNC. This article uses TightVNC as an example. Unfortunately, configuration details are both server and distribution specific, so the instructions here will need to be tailored to your software.

Installing xinetd

Many distributions install the xinetd superserver by default, but not all. Because the method described here assumes the use of xinetd, you must install xinetd if it is not already installed. On most distributions, xinetd can be installed using a package manager, for example by calling apt-get install xinetd on distributions on Debian based or zypper install xinetd in openSUSE.

You may also need to configure the xinetd startup process. Typically, you can use the System V (SysV) startup script for a one-time startup:

# /etc/init.d/xinetd start

For settings automatic start xinetd, when booting a computer, requires knowledge of the operating methods of startup scripts for your distribution. Typically this is done with a utility such as chkconfig (used on Fedora, openSUSE and related distributions), update-rc.d (used on Debian and related distributions) or rc-update (used on Gentoo), something like this:

# chkconfig xinetd on # update-rc.d xinetd enable # rc-update add xinetd default

Enter only one from these commands or find the equivalent for your distribution.

Note that xinetd may not start if it is not configured to run any services. So you may have to wait to run it until you have configured xinetd to manage your VNC server.

Setting up xinetd

Servers to be managed by xinetd place configuration files in the /etc/xinetd.d directory. Thus, to configure xinetd to manage VNC, you need to create or edit a file with the name type /etc/xinetd.d/vnc.(On some distributions, such as openSUSE, the VNC server package installs such a file.) Listing 1 shows an example.

Listing 1. Example of VNC configuration for xinetd

service vnc ( disable = no socket_type = stream protocol = tcp wait = no user = nobody server = /usr/bin/Xvnc server_args = -inetd -once -query localhost -geometry 1024x768 -depth 16 type = UNLISTED port = 5900 )

This entry specifies several xinetd options, most of which should be left as is. Listed below are the settings that may need to be configured.

• service. VNC with different parameters can be run on multiple ports, but in this case, in the first line of Listing 1, you need to give VNC a separate service name for each port.
• server. This parameter needs to be changed to point to the main binary file VNC server, which is usually called Xvnc.
• server_args. You will almost certainly want to change some of these values, as described below.
• port. VNC uses port numbers 5900 and above. You can run the server with different parameter values ​​through different ports. In this case, each instance must be assigned its own port number.

The trickiest part of setting up xinetd is setting the server arguments. You can use the arguments shown in Listing 1 as a model, changing some of them.

• -query localhost . This option specifies that the VNC X server should check the localhost system for XDMCP authentication. It can be changed if you want to use one computer as a translator to access the programs of another.
• -geometry 1024x768 . This option sets the virtual resolution of the VNC session. Note that this resolution does not have to match that of a regular X server running on the server machine. You can create multiple entries running at different resolutions so that users can log into the VNC server at the resolution that suits their needs. local systems.
• -depth 16 . This parameter sets the color depth. The lower the value, the faster the display updates, but on a screen with big amount colors may be distorted. Range acceptable values from 2 to 32.

There are many other options, and some of them depend on the VNC server. Refer to your VNC server documentation.

Setting up an XDMCP server

Most Linux distributions configure their XDMCP servers to only manage the local display. To enable remote access, you need to reconfigure the XDMCP server to accept access requests from a VNC server running on the same computer. The details depend on the XDMCP server. The three most commonly used on Linux are GNOME Display Manager (GDM), Light Display Manager (LightDM), and KDE Display Manager (KDM). Other XDMCP servers, such as XDM, require different settings than those described here. In any case, after reconfiguring the XDMCP server, you will have to restart it.

Editing the XDMCP Configuration File

If you are not sure which XDMCP server is being used on your system, you can determine this by viewing the process listing using the dm line, for example:

$ ps ax | grep dm 929 ? Ss 0:00 /usr/bin/kdm 962 tty7 Ss+ 0:19 /usr/bin/Xorg -br:0 vt7 -nolisten tcp -auth \ /var/lib/xdm/authdir/authfiles/A:0-pp4shb 30157 pts/3 S+ 0:00 grep --color=auto dm

The first line of this printout states that KDM is running, so in order for VNC to use XDMCP, you need to edit that server's configuration file. The configuration files of most XDMCP programs follow the same format. They contain sections with names given in square brackets, such as . The lines following the section name specify parameters using an equal sign, for example: enable=true . Table 1 lists the configuration file names, section names, and parameters that must be defined for XDMCP to work on several common Linux XDMCP servers.

Table 1. Parameters that allow XDMCP to support VNC for different XDMCP servers

The XDMCP section in the configuration file may be completely missing. If present, it may explicitly disable XMDCP support, contain commented out options, or be empty. Regardless initial state file, you must make sure that the XDMCP section is present and that support is enabled. As an example, let's look at configuring KDM to enable XDMCP:

Enable=true

Some distributions allow you to enable additional security measures that you may need to relax. One of them is a firewall. Firewall scripts are typically distribution-specific, so refer to your system's documentation for instructions on configuring a firewall. You want localhost to have access to port 177 and VNC clients to access port 5900 (or any other ports that are used for VNC).

OpenSUSE has additional file configuration, which controls some types of access, including XDMCP access: /etc/sysconfig/displaymanager. Open this file in text editor and find the following line:

DISPLAYMANAGER_REMOTE_ACCESS="no"

Change the value of this parameter to "yes" . If you leave "no" , the XDMCP server login window will not be displayed when connecting to a VNC server. In most distributions this change Not required: This file only uses openSUSE.

Restarting the XDMCP server

Once the XDMCP server is configured to support remote connections, it must be restarted. On distributions that start X via a SysV init file, such as Debian and Gentoo, this can be done using the restart option:

# /etc/init.d/gdm restart

On a system that uses a runlevel to run X, such as Fedora or openSUSE, you need to go to the text mode level (usually 3) and then back to the GUI level (usually 5):

# telinit 3 # telinit 5

Keep in mind that either approach logs you out of X, so save any work you've done in your X session before continuing.

Testing and Debugging

You can now log in from a remote computer using a VNC client. Most Linux distributions include the vncviewer command, so you can type:

vncviewer

To login remotename via VNC. If VNC is configured and working correctly, the result will be something like Figure 4. If you set up multiple VNC sessions on different ports, you can specify the VNC session number by passing it as part of the hostname. Enter:

vncviewer:3

To log into session 3 (via port 5903).

Figure 4. When configured to work with XDMCP, VNC provides the usual Linux prompt

If you do not see the XDMCP login screen when you run this test, you will need to debug. Below are some recommendations.

• If vncviewer reports that the connection was refused, it most likely means that the superserver on the VNC server machine is not configured properly. Check xinetd configuration and try restarting the superserver. It is also possible that the firewall is blocking access to the VNC server computer.
• If the VNC client starts and connects to the server, but you only see a gray screen with a cursor that can be moved, the problem is most likely with the XDMCP server configuration. Check the settings above and restart the XDMCP server.
• Review the event log files as you would normally do when debugging. You may need to search for all log files in the /var/log directory using links to your xinetd, XDMCP server, and VNC server.

VNC Security Issues

RFB is not a secure protocol; Most VNC clients and servers do not encrypt their data. (VNC encrypts its own passwords, but the approach described here does not use these passwords.) Be careful when choosing how and where to install VNC. If you want to use VNC in unsecured network, three options are possible:

• use virtual private network(VPN);
• tunnel protocol via SSH;
• Use a VNC option that supports encryption, such as TigerVNC with Transport Layer Security encryption capability.

When you enable VNC login windows as described in this article, external world At least two ports are opened (VNC and XDMCP). Both ports can be restricted by firewall rules to minimize the risk of abuse. Note that the XDMCP port (UDP 177) should only be open to localhost, so the firewall rule for it can be quite restrictive.

Conclusion

Overall, VNC and XDMCP connection is a useful method for providing remote login with graphical interface user for multi-user Linux computers. This method has advantages over directly applying XDMCP in a cross-platform environment or when there are problems caused by a firewall or NAT. On multi-user computers it is preferable to more common methods direct connection VNC. There are safety issues to consider when using this method. Be prepared to set up firewall rules to limit unwanted outside access, and use encryption if data is traveling over an untrusted network.

VNC (or Virtual Network Computing) is a system that allows you to use a graphical interface remote server. It can transmit screen updates and keyboard and mouse events over the network.

VNC is useful in situations where the server needs a graphical desktop environment.

XFCE is a lightweight graphical desktop environment. IN this manual XFCE will be used because it has low system resource requirements and many users are familiar with this tool.

Note: If you wish, you can use another desktop environment (Gnome or KDE, for example).

This guide will help you prepare Debian 8, install the desktop environment XFCE table and configure VNC. Additionally, the guide shows how to create a VNC server startup script and secure it via SSH.

Requirements

Pre-configured Debian 8 (or 8.1) with root access. 512 MB of memory will be enough to run VNC and XFCE. However, depending on your plans, you may need more memory.

VNC client on your computer to be able to connect to the server. The tutorial uses UltraVNC on Windows, but of course any other VNC client can be used. You can download UltraVNC from this link. OS X comes with its own VNC client, Screen Sharing.

SSH client for secure connection. On Windows, PuTTY will be used (download here). On OS X, use the built-in Terminal application.

1: Installing VNC and XFCE

First you need to install the VNC server and the XFCE desktop environment, as well as a few additional programs.

Update the server package list:

Now update the package list

apt-get -y upgrade

Install tightvncserver, XFCE4, several useful packages and icon-theme:

apt-get install xfce4 xfce4-goodies gnome-icon-theme tightvncserver

By default, the browser is not installed. You can install iceweasel (version Mozilla Firefox for Debian) to be able to browse sites:

apt-get install iceweasel

2: Create a user for VNC

Create individual user for VNC connections. It is recommended to use sudo instead of the root user.

To add a vnc user to the server, run the command:

Create a password for the new user. For other questions, you can simply press Enter to accept the standard information.

To install sudo, use the command:

apt-get install sudo

Add the new vnc user to the sudo group, which will give it root privileges.

gpasswd -a vnc sudo

Switch to the vnc user session:

3: Starting the VNC server

In a vnc user session, start the VNC server and test the connection.

When you first launch the program, you will be prompted to set a password for connecting to clients. Set a password and remember/write it down, you will need it later. You can also set a view-only password, which will allow users to see the screen but block interaction with it. Note: The password must be 6-8 characters long.

The current display number will appear on the screen:

xauth: file /home/vnc/.Xauthority does not exist
New "X" desktop is vnc:1
Creating default startup script /home/vnc/.vnc/xstartup
Starting applications specified in /home/vnc/.vnc/xstartup
Log file is /home/vnc/.vnc/vnc:1.log

By default, the first VNC connection is served on port 5901, the second on port 5902, etc.

Note: There is no need to stop the server at this stage. The command to stop the server is given below for your reference.

To stop the VNC server, run the following command on Display 1 (port 5901):

vncserver -kill:1

where: 1 is the number of the display that needs to be stopped.

If necessary, the VNC server can be started manually. Later we will show how to create a service for VNC.

4: Connection from the client

Now you can connect to VNC. To do this, use a local VNC client, which depends on the operating system.

On Windows you can use UltraVNC.

OS X provides a built-in Screen Sharing application for this. You can also use Safari. To do this, enter:

vnc://yourserverip:5901

For the VNC server address, enter:

yourserverip:5901

and enter the newly selected password for VNC connections.

Now you can use the remote desktop.

5: Creating a service for VNC

Now you can create a service by adding VNC to system. Services allow you to start and stop the VNC server, as well as start it automatically when the virtual server is rebooted.

Stop the current interface:

vncserver -kill:1

Create a simple script to control a VNC server.

In a vnc user session (or any other user with sudo rights), create a script file.

Paste the following code into it without changes. This script contains several parameters to start VNC.

#!/bin/bash
PATH="$PATH:/usr/bin/"
DISPLAY="1"
DEPTH="16"
GEOMETRY="1024x768"

case "$1" in
start)
/usr/bin/vncserver $(OPTIONS)
;;
stop)
/usr/bin/vncserver -kill:$(DISPLAY)
;;
restart)
$0 stop
$0 start
;;
esac
exit 0

You can modify the script slightly to adjust the VNC color depth.

In the nano text editor, press CTRL+O to save and CTRL+X to close the file.

Make the file executable:

sudo chmod +x /usr/local/bin/myvncserver

This script allows you to edit settings and quickly start and stop the server.

Note: If necessary, the script can be started/stopped manually.

sudo /usr/local/bin/myvncserver start
sudo /usr/local/bin/myvncserver stop
sudo /usr/local/bin/myvncserver restart

Now we can create a file for the service to describe it and tell the machine how to start/stop/restart that service.

sudo nano /lib/systemd/system/myvncserver.service

Copy the following code to a file. This service will simply call the previously created launch script.

Description=Manage VNC Server on this droplet
Type=forking
ExecStart=/usr/local/bin/myvncserver start
ExecStop=/usr/local/bin/myvncserver stop
ExecReload=/usr/local/bin/myvncserver restart
User=vnc
WantedBy=multi-user.target

Restart systemctl and enable the service:

sudo systemctl daemon-reload
sudo systemctl enable myvncserver.service

So now the service is enabled. Use following commands to control the service using systemctl:

sudo systemctl stop myvncserver.service
sudo systemctl restart myvncserver.service

Start the VNC server as a service.

6: Securing VNC with SSH Tunneling

By default, VNC connections are not encrypted. Therefore, it is recommended to use an SSH tunnel to protect data.

To do this, you need to allow VNC to run only on the local host. Add the -localhost flag to the OPTIONS line in the script you created earlier.

Stop the VNC server:

sudo systemctl stop myvncserver.service

Edit the script:

sudo nano /usr/local/bin/myvncserver

Find this line:

. . .
OPTIONS="-depth $(DEPTH) -geometry $(GEOMETRY) :$(DISPLAY)"
. . .

And replace it:

. . .
OPTIONS="-depth $(DEPTH) -geometry $(GEOMETRY) :$(DISPLAY) -localhost"
. . .

Then start VNC:

sudo systemctl start myvncserver.service

Now you can connect to the VNC server from a remote computer.

For Windows users

To create an SSH tunnel, use PuTTY.

Open PuTTY.

In the left menu, go to the Connection->SSH->Tunnels section.

In the Add New Forwarded Port section, specify port 5901 as the Source port, and in the Destination field, specify localhost:5901. Click Add.

Then open the Session section and enter your IP address in the Host Name (or IP address) field. To connect, click Open.

Open a vnc session. Do not close the PuTTY window until the VNC connection is established.

Then use the VNC client. Just enter localhost::5901 and put the SSH connection in the background.

For OS X users

To create an SSH tunnel, enter in the terminal:

ssh vnc@your_server_ip -L 5901:localhost:5901

Authenticate. Then specify localhost:5901 for Screen Sharing.

Conclusion

You now have access to the shared remote desktop on Debian server 8, which can be used to set up a server or collaborate.

Tags: ,