Install and Configure VNC Server on CentOS 8


This guide will take you through how to install and configure VNC Server on CentOS 8. VNC is an acronym for Virtual Network Computing. It makes it easy to share the graphical desktop of a system for remote control of the system.

Install and Configure VNC Server on CentOS 8

In this guide, we are using TigerVNC to setup VNC Server on CentOS 8. TigerVNC works in a client-server architecture with vncserver being the utility that provides access to remote desktop and vncviewer being the client used to connect to VNC server.

Install VNC Server

VNC server is provided by the tigervnc-server package which is available on the default CentOS 8 AppStream repos. Therefore, update your system and install VNC server by running the commands below;

sudo dnf update
sudo dnf install tigervnc-server

Configure VNC Server on CentOS 8

Once the installation completes, proceed to configure VNC server to define the users that are allowed to access remote desktop. VNC server configuration is managed by Systemd.

NOTE: The user must already be existing on the system. Hence, create the user account for VNC logins.

useradd USER_A
passwd USER_A

Next, create a per user VNC systemd configuration file under, /etc/systemd/system/ directory.

For example, if you want to configure VNC server to provide a display for user, USER_A, create the VNC systemd configuration file for this user.

You can simply copy the /usr/lib/systemd/system/[email protected] file renaming it per user and modify it as shown below;

cp /usr/lib/systemd/user/[email protected] /etc/systemd/system/[email protected]
vim /etc/systemd/system/vncserver-USER_A@.service
Description=Remote desktop service (VNC)


ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
ExecStart=/usr/bin/vncserver -autokill %i
ExecStop=/usr/bin/vncserver -kill %i



Restrict connection to the VNC server only through localhost (Loopback) interface by adding the keyword, -localhost to the ExecStart line.

ExecStart=/usr/bin/vncserver -localhost %i

Then when run, it only opens connection on localhost.

Reload systemd configurations to effect the changes made above.

systemctl daemon-reload

Next, create the VNC password for the user whose VNC display has been configured. The password can set using the vncpasswd command.

su - USER_A

Next, create the VNC password. When prompted to set the read-only password, you can choose to not to set it


The VNC passwords are stored under $HOME/.vnc/passwd.

Once you have set the password, logout to root account by pressing Ctrl+d or just type exit.

Running VNC Server

VNC server can be run as a normal systemd service. However, to run it, you need to assign a display number to the service. Systemd will automatically substitute the %i with the specified display number.

One thing to note before starting VNC user service is that, if you

To start and enable VNC server on display number 1;

systemctl start vncserver-USER_A@:1

To enable the service to run on system boot;

systemctl enable vncserver-USER_A@:1

To check the status;

systemctl status vncserver-USER_A@:1
[email protected]:1.service - Remote desktop service (VNC)
   Loaded: loaded (/etc/systemd/system/[email protected]; enabled; vendor preset: disabled)
   Active: active (running) since Sun 2019-10-04 02:17:28 EDT; 21s ago
    Tasks: 156 (limit: 11512)
   Memory: 204.1M
   CGroup: /system.slice/system-vncserver\x2damos.slice/[email protected]:1.service
           ├─4016 /usr/bin/Xvnc :1 -auth /home/amos/.Xauthority -desktop (amos) -fp catalogue:/etc/X11/fontpath.d -geomet>
           ├─4021 /bin/sh /home/amos/.vnc/xstartup
           ├─4022 /usr/libexec/gnome-session-binary

VNC server listens on TCP port 590N. Where N is the VNC display number. This port is incremented based on the VNC display number. For example, for a display number 1, the VCN listens on port 5901.

ss -alt | grep 5901
LISTEN   0         5             *      
LISTEN   0         5                      [::]:5901                 [::]:*

You can as well stop the VNC server session by running;

systemctl stop vncserver-USER_A@:1

Allow VNC Server Access on FirewallD

If firewalld is running, you need to open each VNC display port. For example to open port 5901 for display 1 on your active firewalld zone, execute;

firewall-cmd --get-active-zones
firewall-cmd --add-port=5901/tcp --zone=ACTIVE_ZONE --permanent

Replace ACTIVE_ZONE accordingly.

firewall-cmd --reload

Test VNC Server Connection

So how do you connect to your CentOS 8 system via the VNC server? To connect to a VNC server, you need to a VNC client. vncviewer is the commonly used VNC client.

Install TigerVNC client, which provides vncviewer.

dnf install tigervnc

Once the installation is done, you can test VNC server connection to your CentOS 8 system locally as follows;

vncviewer localhost:5901

If you are testing the above command from an SSH session, ensure X11 forwarding is enabled. (ssh -X [email protected])

If all is well, you will be prompted to enter the authentication password.

Once logged in, run through the initial VNC gnome session setup for the user after which you land on CentOS 8 desktop.

Install and Configure VNC Server on CentOS 8

That is all on how to install and configure VNC Server on CentOS 8.

Learn how to remotely connect to VNC server via SSH by following the link below.

Connect to VNC Server via SSH Tunnel

Other CentOS 8 guides

Install MariaDB 10.4 on CentOS 8

Install Webmin on CentOS 8

Install MySQL 8 on CentOS 8

Install PHP 7.4 on CentOS 8


Please enter your comment!
Please enter your name here