How to Install and Configure VNC Server in CentOS 7

In this guide we’ll explain how to install and configure VNC Remote Access in latest release of CentOS 7 and RHEL 7 Desktop edition via tigervnc-server program.

VNC (Virtual Network Computing) is a server-client protocol which allows user accounts to remotely connect and control a distant system by using the resources provided by the Graphical User Interface.

Unlike other VNC servers available which connects directly to the runtime desktop, such as VNC X or Vino, tigervnc-vncserver uses a different mechanism that configures a standalone virtual desktop for each user.

Requirements

1. CentOS 7 Installation Procedure

 

Step 1: — Installing GNOME Desktop

Now we will install GNOME desktop. GNOME is a collaborative effort: it's a collection of free and open source software that makes up a very popular desktop environment. There are other desktop environments like KDE, but GNOME is more popular. Our VNC users will use GNOME to interact with the server from its desktop:

sudo yum groupinstall -y "GNOME Desktop"

Depending on the speed of your network, this can take a few minutes.

Once the package group is installed, reboot the server:

sudo reboot

Troubleshooting — Server Stuck at Boot Phase

Depending on how your server has been set up, when the machine starts up it may remain in the boot phase showing a message like this:

Initial setup of CentOS Linux 7 (core)
1) [!] License information (Licence not accepted)
Please make your choice from above ['q' to quit | 'c' to continue | 'r' to refresh]:

To get past this, press 1 (license read), then 2 (accept licence), and then C (to continue). You may have to press C two or more times. The image below shows this:

 

Step  2: Install and Configure VNC in CentOS 7

1. Tigervnc-server is a program which executes an Xvnc server and starts parallel sessions of Gnome or other Desktop Environment on the VNC desktop.

A started VNC user session can be accessed by same user from multiple VNC clients. In order to install TigerVNC server in CentOS 7, open a Terminal session and issue the following command with root privileges.

$ sudo yum install tigervnc-server

2. After, you’ve installed the program, login with the user you want to run the VNC program and issue the below command in terminal in order to configure a password for the VNC server.

Be aware that the password must be at least six characters length.

$ su - your_user  # If you want to configure VNC server to run under this user directly from CLI without switching users from GUI
$ vncpasswd

3. Next, add a VNC service configuration file for your user via a daemon configuration file placed in systemd directory tree. In order to copy the VNC template file you need to run the following command with root privileges.

If your user is not granted with sudo privileges, either switch directly to root account or run the command from an account with root privileges.

# cp /lib/systemd/system/vncserver@.service  /etc/systemd/system/vncserver@:1.service

4. On the next step edit the copied VNC template configuration file from /etc/systemd/system/ directory and replace the  values to reflect your user as shown in the below sample.

The value of 1 after @ sign represents the display number (port 5900+display). Also, for each started VNC server, the port 5900 will be incremented by 1.

# vi /etc/systemd/system/vncserver@\:1.service

Add the following lines to file file vncserver@:1.service.

（my_user ）:  

sudo useradd -c "User Joe Configured for VNC Access" my_user
sudo passwd my_user
su my_user 切換使用者
vncserver 設定vnc連線密碼

 

[Unit]
Description=Remote desktop service (VNC)
After=syslog.target network.target
[Service]
Type=forking
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
ExecStart=/sbin/runuser -l my_user -c "/usr/bin/vncserver %i -geometry 1280x1024"
PIDFile=/home/my_user/.vnc/%H%i.pid
ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
[Install]
WantedBy=multi-user.target

5. After you’ve made the proper changes to VNC service file, reload systemd system initialization program to pick up the new vnc configuration file and start the TigerVNC server.

Also, check VNC service status and enable the VNC daemon system-wide by issuing the below commands.

# systemctl daemon-reload
cd  /etc/systemd/system
# systemctl start vncserver@:1
# systemctl status vncserver@:1
# systemctl enable vncserver@:1

systemctl start vncserver@:1這邊可能出錯，出錯的原因可能是你之前已經起過，需要使用如下指令刪除服務。

vncserver -kill :1

 

6. To list the opened ports in listening state owned by the VNC server, run the ss command, which is used in CentOS 7 to display network sockets. Because you’ve only started one instance of VNC server, the first open port is 5901/TCP.

Again, the ss command must be executed with root privileges. In case you start other VNC instances in parallel for different users, the port value will be 5902 for the second, 5903 for the third and so on. The ports 6000+ are used for allowing the X applications to connect to the VNC server.

# ss -tulpn| grep vnc

 

7. In order to allow external VNC clients to connect to the VNC server in CentOS, you need to make sure the proper VNC open ports are allowed to pass through your firewall.

In case just one instance of VNC server is started, you only need to open the first allocated VNC port: 5901/TCPby issuing the below commands to apply the firewall configuration at runtime.

# firewall-cmd --add-port=5901/tcp
# firewall-cmd --add-port=5901/tcp --permanent

 

Step 3: Connecting to CentOS Desktop via VNC Client

8. Being a platform independent protocol, remote Graphical User Interface VNC connections can be performed from almost any operating system with a GUI and a specialized VNC client.

A popular VNC client used in Microsoft based operating systems, fully compatible with Linux TigerVNC server, is the RealVNC VNC Viewer.

 

In order to remotely connect to CentOS Desktop from a Microsoft OS via VNC protocol, open VNC Viewerprogram, add the IP address and port number of CentOS VNC server and hit [enter] key.

After the VNC connection has been established a warning saying that the connection is not encrypted should be displayed on your screen as illustrated in the below screenshots.

VNC Viewer Client

VNC Viewer Client Connection

9. In order to bypass the warning, hit on Continue button, add the password setup for the VNC server at point 2 and you should be remotely connected to CentOS Desktop with the user configured to run the VNC server instance.

VNC Server User Password

VNC Remote CentOS Desktop

10. In case a new Authentication message appears on your screen and your user has no root privileges, just hit Cancel button to continue to CentOS Desktop, as shown in the below screenshot.

VNC Server Authentication Warning

Be aware that the established VNC communication between the server and client and any data exchanged (except the password) run over an unencrypted channel. In order to encrypt and secure the VPN data transfer, first you need to setup a secure SSH tunnel and run any subsequent VPN traffic over the SSH tunnel.

Read Also: Remotely Install CentOS 7 or RHEL 7 Using VNC Mode

That’s all! You can now access your CentOS 7 system and perform administrative tasks by using the graphical user interface provided by the operating system.

 

Refer:

1. How To Install and Configure VNC Remote Access for the GNOME Desktop on CentOS 7

2. https://www.tecmint.com/install-and-configure-vnc-server-in-centos-7/

 

VNC配置

1. yum install tigervnc-server
2. cp /lib/systemd/system/vncserver@.service  /etc/systemd/system/vncserver@:1.service
3. vi /etc/systemd/system/vncserver@\:1.service
    > sudo useradd -c "User Joe Configured for VNC Access" cuckoo
    > 
    > sudo passwd cuckoo
    > 
    > su cuckoo 切換使用者
    > 
    > vncserver 設定vnc連線密碼 <root 使用者直接設定即可>

        [Unit]
        Description=Remote desktop service (VNC)
        After=syslog.target network.target
        [Service]
        Type=forking
        ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
        ExecStart=/sbin/runuser -l root -c "/usr/bin/vncserver %i -geometry 1920x1080"
        PIDFile=/home/root/.vnc/%H%i.pid
        ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
        [Install]

4. systemctl daemon-reload
5. cd  /etc/systemd/system
6. systemctl start vncserver@:1
7. systemctl status vncserver@:1
8. systemctl enable vncserver@:1

(vnc刪除指令： vncserver -kill :1)