Install and Configure VNC Server on CentOS 8

5
5807

This guide will take you through how to install and configure VNC Server on CentOS 8. VNC is an acronym for Virtual Network Computing. It makes it easy to share the graphical desktop of a system for remote control of the system.

Install and Configure VNC Server on CentOS 8

In this guide, we are using TigerVNC to setup VNC Server on CentOS 8. TigerVNC works in a client-server architecture with vncserver being the utility that provides access to remote desktop and vncviewer being the client used to connect to VNC server.

Install VNC Server on CentOS 8

VNC server is provided by the tigervnc-server package which is available on the default CentOS 8 AppStream repos. Therefore, update your system and install VNC server by running the commands below;

sudo dnf update
sudo dnf install tigervnc-server

Configure VNC Server on CentOS 8

Create VNC Connection User Account

Once the installation completes, proceed to configure VNC server to define the users that are allowed to access remote desktop.

NOTE: The user must already be existing on the system.

You can however create a user account for VNC logins.

useradd johndoe
passwd johndoe

Disable Wayland and enable Xorg display server on CentOS 8

By default, CentOS 8 uses Wayland s the default X server. For the VNC logins to work, you need to force the login screen to use Xorg server by uncommenting the line #WaylandEnable=false, on the /etc/gdm/custom.conf configuration file.

sed -i 's/#WaylandEnable/WaylandEnable/' /etc/gdm/custom.conf

Reboot the System

Reboot your CentOS 8 system to apply the changes.

Once the system boots, login as the user with which you will be using for remote VNC desktop logins, in this case, johndoe.

Create VNC Systemd Service Unit file

Next, create a per user VNC systemd unit file under the home directory of every user you want to allow to connect to your remote desktop via VNC server.

For example, if you want to configure VNC server to provide a display for user, johndoe, create the VNC systemd configuration file for this user under /home/johndoe/.config/systemd/user.

As a user in question and create the service unit directory above;

[[email protected] ~]$ whoami
johndoe
mkdir -p ~/.config/systemd/user

Create user vnc service as follows.

cat > ~/.config/systemd/user/[email protected] << 'EOL'
[Unit]
Description=Remote desktop service (VNC)
After=syslog.target network.target

[Service]
Type=forking

ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
ExecStart=/usr/bin/vncserver %i -geometry 1912x988
ExecStop=/usr/bin/vncserver -kill %i

Restart=on-success
RestartSec=15

[Install]
WantedBy=default.target
EOL

You can also restrict connection to the VNC server only through localhost (Loopback) interface by adding the keyword, -localhost to the ExecStart line.

ExecStart=/usr/bin/vncserver -localhost %i

Then when run, it only opens connection on localhost.

You can as well copy the /usr/lib/systemd/system/[email protected] file to the user systemd service directory created above.

cp /usr/lib/systemd/user/[email protected] ~/.config/systemd/user

And modify it to suite your settings. For example, you can adjust the screen size geometry.

Reload systemd configurations to effect the changes made above.

systemctl --user daemon-reload

NOTE: If you get the error, Failed to connect to bus: No such file or directory, then you need to set your XDG_RUNTIME_DIR environment variable properly (This is usually done automatically when you login via GUI). Setting this environment variable manually, export XDG_RUNTIME_DIR=/run/user/$(id -u), doesn’t fix this.

To fix this, you MUST LOG OUT of your system and LOGIN as the user you will use for remote VNC logins, in this case johndoe.

Once you login, you can confirm your environment variables, using systemctl --user show-environment command.

[[email protected] ~]$ systemctl --user show-environment
DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1001/bus
DESKTOP_SESSION=gnome
DISPLAY=:0
GDMSESSION=gnome
GDM_LANG=en_US.UTF-8
...
XDG_MENU_PREFIX=gnome-
XDG_RUNTIME_DIR=/run/user/1001
...

Create VNC Connection Password

Next, create the VNC password for the user whose VNC display has been configured. The password can set using the vncpasswd command.

vncpasswd

When prompted to set the read-only password, you can choose to not to set it

The VNC passwords are stored under $HOME/.vnc/passwd.

Once you have set the password, logout by pressing Ctrl+d or just type exit.

Running VNC Server

VNC server can be run as a normal systemd service. However, to run it, you need to assign a display number to the service. Systemd will automatically substitute the %i with the specified display number.

Start and enable VNC server on a specific display number, by running run the command below.

NOTE that am running this commands as remote VNC login user, johndoe in this case and starting VNC server on display number N.

Ensure that the display number you are using is not being used;

echo $DISPLAY

Start VNC on display number not being used currently.

systemctl --user enable [email protected]:2 --now

To ensure the service runs persistently, even when the user logs out, enable lingering;

loginctl enable-linger

To check the status;

systemctl status --user [email protected]:2
[email protected]:2.service - Remote desktop service (VNC)
   Loaded: loaded (/home/johndoe/.config/systemd/user/[email protected]; enabled; vendor preset: enabled)
   Active: active (running) since Thu 2020-06-25 15:52:49 EDT; 13s ago
  Process: 10858 ExecStart=/usr/bin/vncserver :2 -geometry 1912x988 (code=exited, status=0/SUCCESS)
  Process: 10852 ExecStartPre=/bin/sh -c /usr/bin/vncserver -kill :2 > /dev/null 2>&1 || : (code=exited, status=0/SUCCESS)
   CGroup: /user.slice/user-1001.slice/[email protected]/vncserver.slice/[email protected]:2.service
           ├─10866 /usr/bin/Xvnc :2 -auth /run/user/1001/gdm/Xauthority -desktop centos8.kifarunix-demo.com:2 (johndoe) -fp catalogue:/etc/X11/fontpath.d -geometry 1912x988 -pn -rfbauth /home/johndoe/.vnc/passw>
           ├─10871 /bin/sh /home/johndoe/.vnc/xstartup
           ├─10878 /usr/libexec/gnome-session-binary
           ├─10887 dbus-launch --sh-syntax --exit-with-session
           ├─10888 /usr/bin/dbus-daemon --syslog --fork --print-pid 6 --print-address 8 --session
           ├─10930 /usr/libexec/at-spi-bus-launcher
           ├─10935 /usr/bin/dbus-daemon --config-file=/usr/share/defaults/at-spi2/accessibility.conf --nofork --print-address 3
           ├─10939 /usr/libexec/at-spi2-registryd --use-gnome-session
           ├─10966 /usr/bin/gnome-shell
           ├─10976 /usr/libexec/gvfsd
           ├─11016 ibus-daemon --xim --panel disable
           ├─11018 /usr/libexec/xdg-permission-store
           ├─11025 /usr/libexec/ibus-dconf
           ├─11026 /usr/libexec/ibus-extension-gtk3
           ├─11030 /usr/libexec/ibus-x11 --kill-daemon

You can as well stop the VNC server session by running;

systemctl --user stop [email protected]:2

Allow VNC Server Access on FirewallD

VNC server listens on TCP port 590N. Where N is the VNC display number. This port is incremented based on the VNC display number. For example, for a display number 2, the VCN listens on port 5902.

ss -alt | grep 590
LISTEN   0         5                   0.0.0.0:5902              0.0.0.0:*      
LISTEN   0         5                      [::]:5902                 [::]:*

If firewalld is running, you need to open each VNC display port. For example to open port 5902 for display 2 on your active firewalld zone, execute;

firewall-cmd --get-active-zones

Replace ACTIVE_ZONE accordingly in the command below;

sudo firewall-cmd --add-port=5902/tcp --zone=ACTIVE_ZONE --permanent
sudo firewall-cmd --reload

Test VNC Server Connection

So how do you connect to your CentOS 8 desktop via the VNC server? vncviewer is the commonly used VNC client for connection to remote desktops via VNC server.

Install TigerVNC package on CentOS 8, which provides vncviewer utility.

dnf install tigervnc

Once the installation is done, you can test VNC server connection to your CentOS 8 system from another host;

vncviewer centos8.kifarunix-demo.com:5902

Where centos8.kifarunix-demo.com is the resolvable hostname for my CentOS 8 desktop with VNC server running. It can be an IP address.

If all is well, you will be prompted to enter the VNC authentication password.

Connected to RFB server, using protocol version 3.8
Performing standard VNC authentication
Password: PASSWORD_SET_WITH_vncpasswd

After a successful authentication, you should now land on CentOS 8 desktop environment.

Install and Configure VNC Server on CentOS 8

You have successfully connected to your remote CentOS 8 desktop via VNC server and that marks the end of our guide is all on how to install and configure VNC Server on CentOS 8.

You can use a more secure way of logging into to a remote desktop via VNC using SSH by following the link below.

Connect to VNC Server via SSH Tunnel

Other CentOS 8 guides

Install MariaDB 10.4 on CentOS 8

Install Webmin on CentOS 8

Install MySQL 8 on CentOS 8

Install PHP 7.4 on CentOS 8

5 COMMENTS

  1. I have follow the guide here and everything running as expected but vnc into my server will only show black screen? any ideas can help?

  2. I have met the same issue with Jason, after setting vncserver, when i enter into the server with vnc, the server only show black screen, so would you please help me show solve it, thx

LEAVE A REPLY

Please enter your comment!
Please enter your name here