Saturday, May 30, 2009

Use VNC to view remote desktops

Normally, SSH is a great tool to administer a remote computer. However, if you need access to X programs, you have to use the -X switch which is terribly slow, even over broadband.

VNC isn't super-fast, but it is usable. It can be sped up somewhat by minimizing the size and color depth of the desktop window you use.

Fortunately, openSUSE 11.1 includes a VNC server and client under Applications | System | Remote Access. Unfortunately, the VNC server is severely buggy and incorrectly reproduces the server's desktop. It is bad enough to be unusable.

However, it is easy to start and connect to a VNC server from the console. For this walkthrough, the server is the remote computer you want to connect to and the client is your computer.

1. Install the necessary software on both machines. In this case, you''ll need TightVNC. It is usually installed by default. Check this using:

rpm -qa | grep tightvnc

If nothing comes up then install it using:

sudo zypper install tightvnc

2. You need to open TCP port 5901 on the server and every router/modem it is behind. For example, your connection might look like this:

client---client's router---cable modem---internet---dsl modem---server's router---server

You need to open 5901/TCP on the dsl modem, the server's router, and the server. To do this on the dsl modem and the router, you'll need to refer to the manuals that came with those products. For the server you can do this through the appropriate YaST module:

sudo /sbin/yast firewall

3. Start the vncserver on the server.


The first time you do this you'll be prompted to enter a password (read my note on VNC security at the end first). You'll also be asked if you want to setup a view-only password; choose 'no'.

4. Start the vncviewer on the client. You'll need the IP address of the server. Here, I'm assuming its


Enter the password and you'll be connected to the server.

A few notes on this:

-VNC does not use encryption by default. If you're going to use the above setup unmodified, then keep in mind that your password should not be the same as your root password. It could be easy for an attacker to capture that password and then connect remotely to the system, so make sure that you shut down the VNC immediately after you're finished using it. Also, start the VNC server not as root.

-You can shutdown the VNC on the server by using:

vncserver -kill :1

-The ":1" is the desktop number. If you start multiple VNC servers, each one will have a different number. vncserver by default starts with 1 and increments up. The port for each desktop is 5900+number. So that's why we needed port 5901 for desktop number 1.

-You can speed things up by sending a smaller desktop across the connection. Try this vncserver command instead of the one in step #3.

vncserver -depth 8 -geometry 800x600

No comments:

Post a Comment