Virtual Network Computing, commonly known as VNC, is a technology that allows one to remotely view and control a computer's desktop. It is a very handy tool that is not specific only to Linux; however, it can be a bit more difficult to configure and effectively use. The aim of this document is to make that process a bit simpler.

The Basics

VNC may be obtained from a number of repositories, if it hasn't come pre-installed in your distribution. Originally developed by AT&T laboratories, it is now available in several flavors, such as RealVNC and TightVNC. By and large they are the same for basic functionality.

The idea of VNC is that one launches a VNC server which provides access to the machine on which it runs. Then, a remote VNC client may connect to the server and manipulate the machine remotely. VNC clients are included with the distributions as well. Some desktop environments include VNC clients as components of other remote desktop tools, such as Krdc. Also included as an option in some server packages are a Java web applet which allows any browser with a Java plugin to remotely control the server. This provides great accessibility to the server.

It should be noted, however, that VNC does not carry any intrinsic encryption or other forms of connection security. All data is sent in the clear from client to server. If this is over the Internet, this is a bad idea. That is, one should consdider use of VNC only on a protected network environment unless additional measures are taken to secure the session.

Starting and Stopping a Session

On Linux, the VNC session is initiated from a terminal session. This may be local to the machine or a remote terminal such as an SSH session. The following will start a session running:

user@host$vncserver -geometry 1024x768 -depth 24

From the output, you can tell what session number you have been assigned:

New 'host:1 (user)' desktop is host:1
 
Starting applications specified in /home/user/.vnc/xstartup
Log file is /home/user/.vnc/host:1.log

In this case, session 1 has been created. This differs from typical Windows implementations of VNC, which default to session number zero.

The nice thing about VNC is that it is persistent. It runs independently of the terminal session which spawned it; that is, you can close the SSH session or terminal window which you used to start the server and the server will continue to run.

When you're done with the session, you may kill it from any command line:

user@host$vncserver -kill :1
Killing Xvnc process ID 12345

VNC Port Settings

VNC sessions are easy to manage from a firewall perspective. All traffic for a particular session travels over a single port. The port is dependent on the session number as follows:

• 58xx for standard VNC clients
• 59xx for the Java browser client

where xx is the session number. For instance, to connect to session 3, you would require port 5803 open for standard VNC communications and 5903 if you wanted to allow a browser to connect via the Web client.

Connecting to a VNC Session

Using your VNC client of choice, all you need to do is connect to the VNC session you have created. For instance, using the command-line client:

user@host$vncviewer host:1

will connect to session 1 on host host, with network traffic over port 5801.