How to Install and Configure VNC Server in CentOS 7

In this guide we’ll explain how to install and configure VNC Remote Access in latest release of CentOS 7 and RHEL 7 Desktop edition via tigervnc-server program.

VNC (Virtual Network Computing) is a server-client protocol which allows user accounts to remotely connect and control a distant system by using the resources provided by the Graphical User Interface.

Unlike other VNC servers available which connects directly to the runtime desktop, such as VNC X or Vino, tigervnc-vncserver uses a different mechanism that configures a standalone virtual desktop for each user.

Requirements

  1. CentOS 7 Installation Procedure
  2. RHEL 7 Installation Procedure

Step 1: Install and Configure VNC in CentOS 7

1. Tigervnc-server is a program which executes an Xvnc server and starts parallel sessions of Gnome or other Desktop Environment on the VNC desktop.

A started VNC user session can be accessed by same user from multiple VNC clients. In order to install TigerVNC server in CentOS 7, open a Terminal session and issue the following command with root privileges.

$ sudo yum install tigervnc-server

2. After, you’ve installed the program, login with the user you want to run the VNC program and issue the below command in terminal in order to configure a password for the VNC server.

Be aware that the password must be at least six characters length.

$ su - your_user  # If you want to configure VNC server to run under this user directly from CLI without switching users from GUI
$ vncpasswd

3. Next, add a VNC service configuration file for your user via a daemon configuration file placed in systemd directory tree. In order to copy the VNC template file you need to run the following command with root privileges.

If your user is not granted with sudo privileges, either switch directly to root account or run the command from an account with root privileges.

# cp /lib/systemd/system/[email protected]  /etc/systemd/system/[email protected]:1.service

4. On the next step edit the copied VNC template configuration file from /etc/systemd/system/ directory and replace the values to reflect your user as shown in the below sample.

The value of 1 after @ sign represents the display number (port 5900+display). Also, for each started VNC server, the port 5900 will be incremented by 1.

# vi /etc/systemd/system/[email protected]\:1.service

Add the following lines to file file [email protected]:1.service.

[Unit]
Description=Remote desktop service (VNC)
After=syslog.target network.target

[Service]
Type=forking
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
ExecStart=/sbin/runuser -l my_user -c "/usr/bin/vncserver %i -geometry 1280x1024"
PIDFile=/home/my_user/.vnc/%H%i.pid
ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'

[Install]
WantedBy=multi-user.target

5. After you’ve made the proper changes to VNC service file, reload systemd system initialization program to pick up the new vnc configuration file and start the TigerVNC server.

Also, check VNC service status and enable the VNC daemon system-wide by issuing the below commands.

# systemctl daemon-reload
# systemctl start [email protected]:1
# systemctl status [email protected]:1
# systemctl enable [email protected]:1
Start VNC Service

Start VNC Service

6. To list the opened ports in listening state owned by the VNC server, run the ss command, which is used in CentOS 7 to display network sockets. Because you’ve only started one instance of VNC server, the first open port is 5901/TCP.

Again, the ss command must be executed with root privileges. In case you start other VNC instances in parallel for different users, the port value will be 5902 for the second, 5903 for the third and so on. The ports 6000+ are used for allowing the X applications to connect to the VNC server.

# ss -tulpn| grep vnc
Verify VNC Listening Ports

Verify VNC Listening Ports

7. In order to allow external VNC clients to connect to the VNC server in CentOS, you need to make sure the proper VNC open ports are allowed to pass through your firewall.

In case just one instance of VNC server is started, you only need to open the first allocated VNC port: 5901/TCP by issuing the below commands to apply the firewall configuration at runtime.

# firewall-cmd --add-port=5901/tcp
# firewall-cmd --add-port=5901/tcp --permanent

Step 2: Connecting to CentOS Desktop via VNC Client

8. Being a platform independent protocol, remote Graphical User Interface VNC connections can be performed from almost any operating system with a GUI and a specialized VNC client.

A popular VNC client used in Microsoft based operating systems, fully compatible with Linux TigerVNC server, is the RealVNC VNC Viewer.

In order to remotely connect to CentOS Desktop from a Microsoft OS via VNC protocol, open VNC Viewer program, add the IP address and port number of CentOS VNC server and hit [enter] key.

After the VNC connection has been established a warning saying that the connection is not encrypted should be displayed on your screen as illustrated in the below screenshots.

VNC Viewer Client

VNC Viewer Client

VNC Viewer Client Connection

VNC Viewer Client Connection

9. In order to bypass the warning, hit on Continue button, add the password setup for the VNC server at point 2 and you should be remotely connected to CentOS Desktop with the user configured to run the VNC server instance.

VNC Server User Password

VNC Server User Password

VNC Remote CentOS Desktop

VNC Remote CentOS Desktop

10. In case a new Authentication message appears on your screen and your user has no root privileges, just hit Cancel button to continue to CentOS Desktop, as shown in the below screenshot.

VNC Server Authentication Warning

VNC Server Authentication Warning

Be aware that the established VNC communication between the server and client and any data exchanged (except the password) run over an unencrypted channel. In order to encrypt and secure the VPN data transfer, first you need to setup a secure SSH tunnel and run any subsequent VPN traffic over the SSH tunnel.

11. In order to remotely connect to CentOS Desktop via VNC protocol from other CentOS Desktop, first make sure that the vinagre package is installed on your system by issuing the below command.

$ sudo yum install vinagre

12. To open vinagre utility, go to Applications -> Utilities -> Remote Desktop Viewer as shown in the below screenshot.

Open Vinagre Tool

Open Vinagre Tool

13. To remotely connect to a CentOS Desktop, hit on Connect button, select VNC protocol from the list and add the IP address and port (5900+display number) of the remote VNC server. Also, supply the password setup for the VNC user as illustrated in the following screenshots.

Select Remote Desktop Protocol

Select Remote Desktop Protocol

Enter Remote VNC Details

Enter Remote VNC Details

Remote VNC CentOS Desktop

Remote VNC CentOS Desktop

14. Another popular VNC client for Linux based platforms is Remmina, is a remote desktop client is especially used in Debian-based distributions that run the GNOME desktop environment.

To install Remmina Remote Desktop client in Debian based distros issue the following command.

$ sudo apt-get install remmina

Step 3: Configure Multiple VNC Sessions in CentOS 7

15. In case you need to run a new parallel VNC session under the same user, open a Terminal console, log in with the user you want to start the new VNC session and execute the below command.

When you first start the server you will be asked to supply a new password for this session. However, be aware that this session runs with your logged-in user permissions and independently from the started systemd VNC server session.

$ vncserver
Start New VNC Session

Start New VNC Session

16. The new VNC sessions will open the next available VNC based ports (5900+3 display in this example). To display the opened ports, execute ss command without root privileges as illustrated in the below excerpt. It will list only the started VNC sessions owed by your user.

$ ss -tlpn| grep Xvnc
List VNC Open Ports

List VNC Open Ports

17. Now, remotely connect to CentOS Desktop using this new VNC session, supply the IP:port combination (192.168.1.23:5903) in VNC client as illustrated in the below image.

Connect to VNC Remote Desktop

Connect to VNC Remote Desktop

In order to stop the VNC server instances started with this logged in user permissions, issue the following command without any root privileges. This command will destroy all started VNC instances owned only by the user who stated them.

$ su - your_user
$ killall Xvnc

Read Also: Remotely Install CentOS 7 or RHEL 7 Using VNC Mode

That’s all! You can now access your CentOS 7 system and perform administrative tasks by using the graphical user interface provided by the operating system.

Best Affordable Linux and WordPress Services For Your Business
Outsource Your Linux and WordPress Project and Get it Promptly Completed Remotely and Delivered Online.

If You Appreciate What We Do Here On TecMint, You Should Consider:

  1. Stay Connected to: Twitter | Facebook | Google Plus
  2. Subscribe to our email updates: Sign Up Now
  3. Get your own self-hosted blog with a Free Domain at ($3.45/month).
  4. Become a Supporter - Make a contribution via PayPal
  5. Support us by purchasing our premium books in PDF format.
  6. Support us by taking our online Linux courses

We are thankful for your never ending support.

Matei Cezar

I'am a computer addicted guy, a fan of open source and linux based system software, have about 4 years experience with Linux distributions desktop, servers and bash scripting.

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide

You may also like...

10 Responses

  1. Paul Moore says:

    Only one port functions. I am struggling with VNC connections for ports other than 5901. I introduced new hardware and I cannot determine which one is causing the problem. I believe it is my firewall but it would be my ATT router/modem talking to the firewall.

  2. Tom knotts says:

    I have been using the VNC server on Linux and Real VNC on remote Windows for 15 years and it has always worked beautifully. But something has gone wrong. Since my most recent yum update on my Centos 7.2 there is a problem.

    Whenever a graphical window inside the Remote Desktop is closed by me or the program that invoked it, Xvnc on Linux throws a segmentation fault 0x38 and Xvnc crashes. Apparently it is dereferencing a null pointer or some such. So those of you who follow these very finely written installation instructions may be in for a disappointment.

  3. Lionel says:

    Not everyone use (or can use) “yum” to install VNC or any other application !
    Can you indicate the mandatory RPMs individually so that one can install VNC manually ?

    Thanks

  4. Travis says:

    Hey Matei. Thanks so much. This was very detailed and clear to follow. It was working great and then after a reboot, I’m getting “Unable connect to socket: Connection refused (10061)”. Been googling around for a bit and can’t seem to find a solution for this. Reloaded systemctl, stopped it, disabled/enabled it, etc. and still getting no connection. Any thoughts on this?

  5. Joe F. says:

    I’m getting a large solid blue background, but no icons or menus.

    I can open the window, but can’t do anything inside of it, because none of the expected buttons, icons, task bars are visible.

  6. Rana faisal says:

    This configuration is not working, invalid argument in Unit and I don’t know what is the problem.

  7. Don says:

    How can you set this up so that it works on boot up? It seems it only works after you have made it past the login screen. So if I were remote, rebooting the machine then locks me out as I am not physically there to enter the user credentials into the Desktop login screen. Does that make sense?

  8. Mario Cajina says:

    Thank you very much! These were the best instructions I’ve found for setting up tigervnc-server on CentOS 7.x. It worked perfectly. Previous instructions I’ve found always leave out something, and even though I’ve gotten it to work, when I start the service I always get some errors. I didn’t get any errors at all following these instructions.

    I do agree with @Todor Petkov, that one should run the service through SSH tunnel. Perhaps Tecmint can post a revision to these with the option to run VNC via SSH.

  9. ramesh bolaram says:

    VNC Viewer is not able to display graphical window properly seems pixel – resolution issue, please help me

    FYI: https://imgur.com/a/F0MS2

  10. Todor Petkov says:

    Since VNC is not secured by default, I suggest making the server listen only on lo device and connecting to it via ssh tunnel.

Got something to say? Join the discussion.

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.