How to Remote Control Linux Server Using VNC through SSH Tunnel

Sometimes we need to have the GUI of some application on the remote server. ssh’s X11 forwarding with “-X” parameter is a good and fast method. But if we want to have a whole desktop environment, vnc is a good choice. In this post, the method of how to control remote server using vnc through a ssh tunnel is instructed. By using the ssh tunnel, the communication between the client and the server is encrypted. And under some condition we can only use the port 22 of the server, so this method is more valuable.

The default window manager of vncserver is twm.

ssh’s port forwarding function give us the convenient way to do this.

1) Connect to the server and meantime set up the port forwarding ssh tunnel

Suppose we use port 1111 on localhost for the remote control and the remote vnc server is the first one so the default port is 5901 on the server. We need to forward port 1111 on locahost to 5901 of the remote server. The command is like this:

ssh -L 1111:localhost:5901 username@vnc_server

This ssh tunnel works in this way: when a packet goes to port 1111 on localhost, this packet is forwarded to sshd running on the vnc_server, then the sshd running on the vnc_server forwards this packet to localhost:5901 that is the port 5901 on itself (vnc_server). The response packet follows the opposite of the path. So port 1111 of localhost can be regarded as the port 5901 on vnc_server.

2) Create a vncserver on vnc_server

If you haven’t set the vnc password, use “vncpasswd” to set it first. Then set up a vncserver:

vncserver

If it successes, it will give a message like this:
New ‘vnc_server:1 (username)’ desktop is vnc_server:1

1 means this is the first desktop. The port for this desktop is 5901. the nth desktop’s port is 590n.

3) Connect to the vnc server on client now

On the client side:

vncviewer localhost:1111

Now enjoy it ;)

After finished using this desktop, remember to close is on the server side:

vncserver -kill :1

1 is the server number that is used.

Eric Ma

Eric is a systems guy. Eric is interested in building high-performance and scalable distributed systems and related technologies. The views or opinions expressed here are solely Eric's own and do not necessarily represent those of any third parties.

2 comments:

  1. Actually, I think you should tell the reader how to install vncserver as
    follows ;-)

    # yum install tigervnc-server

Leave a Reply

Your email address will not be published. Required fields are marked *