/
VNC over SSH

VNC over SSH

eNOTE: The X2Go Client is an easier alternative to VNC over SSH

This example is one method of setting up a secure VNC session tunneling over SSH. It assumes a VNC server has been installed on the remote system.


First SSH into the remote system configure the VNC session and start VNC server

  • Run the command vncpasswd to create a VNC session password. It is separate than your login password, but can be set the same
    • The vncpasswd command can also change/reset an existing password
    • The vncpasswd command will create a ~/.vnc directory if it does not exist
    • If needed, edit the file ~/.vnc/xstartup
      •  xstartup example

        #!/bin/sh

        unset SESSION_MANAGER
        unset DBUS_SESSION_BUS_ADDRESS
        gnome-session &

    • Start vncserver

      •  If vncserver uses systemd (example using tigervnc)
        • Add user to /etc/tigervnc/vncserver.users
          • Start vncserver for user port: sudo systemctl start vncserver@:x
          • (optional) Set the vncserver to start on system (re)boot: sudo systemctl enable vncserver@:x
      •  If vncserver does not use systemd
        • Check if any VNC ports are in use using the command ‘vncserver -list’ . Any active VNC ports will be listed like :1 or :2. By default VNC runs on port in the range 590x
          • Each VNC session runs on a unique port so to start on port 5902 use the command: 
            • vncserver :2 -localhost no
            • NOTE: if VNC session is already running on port :2, try a higher port number like :7 or :8
          • The VNC server can be stopped with the command:
          • vncserver -kill :2
          • The VNC session resolution can be set using the -geometry option. Stop vncserver before starting a new session.
            • vncserver -kill :2
              • vncserver :2 -localhost -geometry 1280x1024



macOS

After the vncserver is running, on the Mac open the Teminal app in the Applications → Utilities folder

Create a SSH tunnel to remote VNC session using the command:

ssh -L 8888:127.0.0.1:5902 <username>@<servername>.ae.utexas.edu
  • 8888 is the local port number
  • 5902 is the remote VNC session port created above

Select "Connect to Server..." under the Go menu in the Finder. Enter the server name:

 vnc://localhost:8888

Enter your VNC session password

 VNC session password


Windows

Download and unzip MobaXterm Home Edition (portable edition) 

Open MobaXterm and start local terminal

After the vncserver is running, in MobaXterm select the Session icon to configure the VNC session

 session image

Select VNC and enter name or IP address of the VNC server in the remote hostname and select the port the vncserver was started on like 5902 in the example above

 VNC Server


Select the Network settings tab in the image above, then select the SSH gateway (jump host)
In the Gateway host info, enter the VNC server name and your logon name. 

 session settings 1 image

Select the Bookmark settings and change the session name from localhost to the remote system name

 session settings 2 image

When you connect (execute) the session, it will first ask for your remote system password, then ask for your vncpasswd

 start session image

 remote system password image

 vncserver password image






Related content

Macintosh Remote Desktop Access via Screen Sharing
Macintosh Remote Desktop Access via Screen Sharing
More like this
Remote Access to a computer on a NAT network
Remote Access to a computer on a NAT network
More like this
Using the SSH Gateway (SSHG)
Using the SSH Gateway (SSHG)
More like this