First of all what is VNC?
When I was converting a kiosk with a touch panel, windows 7 installed, into Debian GNU/Linux I needed a tool for remote access other than ssh to solve the problems with GUI. I used Debian (jessie) with xfce window manager, which is a lightweight window manager. After some trial and errors with tightvncserver and vnc4server I found x11vnc server more practical (I just felt that way). x11vnc is available in the official repositories. For my project vnc server must not start a new session for each connection, instead it must start the current session logged in (visible display) for the regular user I created (who does not have root access). This becomes the display “:0” in vnc server. In this tutorial I will refer regular user as “theuser” after this point.
For security reasons you must not provide the vnc server password from the command line.
Instructions are applicable to the most Linux distributions including Raspbian or Kali Linux
First of all install x11vnc if not installed
aptitude update aptitude install x11vnc
You should create a password for theuser
[email protected]:~$ x11vnc -storepasswd Enter VNC password: .... Verify password: .... Write password to /home/theuser/.vnc/passwd? [y]/n y Password written to: /home/theuser/.vnc/passwd
Let's create a bash script to start vnc server from command line as a background process. Save this file to a folder where “theuser” can access and execute it (e.g. home folder of theuser). For Linux beginners; you can create a file and put content like this (use command line)
nano <filepath> then paste the bash code below and press
Ctrl+X then press
Enter. You can paste with mouse right menu or
#!/bin/bash x11vnc -display :0 -forever -shared -o /home/theuser/x11vnc.log -bg -rfbauth /home/theuser/.vnc/passwd
The parameters passed are;
-forever: If a client is connected, new connection does not end the previous connection.
-shared: If you want to enable multiple user logins simultaneously to vnc server
-bg: Server process returns to background after initialization
-o: write error output to the log file
-display: To mention the display number, it is :0 in our case
-rfbauth: authorization through passwd file
Do not forget to make the script executable
For Linux beginners; (use command line)
chmod +x <filepath>
You may want to start the script (x11vnc server) as soon as theuser logs in. To do that, you must add the script path to the startup. You can add it using the xfce settings manager as below
Do not forget that even if you add a startup script, x11vnc server does not start before user login. You may implement auto login for theuser or you may start the script using ssh if theuser has already logged in.
Note: VNC server default port is 5900. If port 5900 is not available, server tries these ports 5901,5902, etc. Make sure you don't run multiple server instance at different ports unintentionally.
Note: Do not try to modify script to start vnc server as a service (init.d script), it does not work because an X session is created after user login.
If you are also looking for a VNC viewer, www.realvnc.com offers a quite good free vnc viewer for many platforms. I do not want to advertise their product but I do feel comfortable with it. Unfortunately, it lacks ssl support. For encryption purposes, you may implement ssh port forwarding and tunneling.