RHEL BasedRocky Linux

How To Install VNC Server on Rocky Linux 9

r00t

Install VNC Server on Rocky Linux 9

In this tutorial, we will show you how to install VNC Server on Rocky Linux 9. Remote access to your Rocky Linux 9 system has never been more crucial, especially in today’s distributed work environments. Virtual Network Computing (VNC) offers a robust solution for managing your server or desktop from afar. This comprehensive guide will walk you through the process of installing and configuring a VNC server on Rocky Linux 9, ensuring you can securely access your system’s graphical interface from anywhere in the world.

Introduction to VNC Remote Access

VNC technology allows users to view and interact with a remote computer’s desktop environment as if they were sitting directly in front of it. TigerVNC, a high-performance VNC server, is particularly well-suited for Rocky Linux 9 due to its compatibility and optimization for modern Linux distributions.

Key benefits of using TigerVNC on Rocky Linux include:

  • Cross-platform compatibility
  • Efficient bandwidth usage
  • Enhanced security features
  • Support for multiple simultaneous connections

Common use cases for VNC servers range from remote system administration and troubleshooting to accessing resource-intensive applications on more powerful machines.

System Requirements and Prerequisites

Before diving into the installation process, ensure your Rocky Linux system meets the following requirements:

  • Rocky Linux version 8.x or 9.x (this guide focuses on 9.x)
  • Minimum 2GB RAM (4GB recommended for smoother performance)
  • At least 20GB of free disk space
  • A stable internet connection
  • Root or sudo access to the system

Additionally, you’ll need to consider network requirements. VNC typically uses ports in the range of 5900-5909. Ensure these ports are accessible through your firewall if you plan to connect from outside your local network.

For secure remote access, an SSH client on your local machine is essential. This will allow you to create encrypted tunnels for VNC connections, significantly enhancing security.

Preparing Rocky Linux 9 System

System Update and Maintenance

Begin by updating your Rocky Linux 9 system to ensure you have the latest security patches and package versions:

sudo dnf update -y

This command will fetch the latest package information and upgrade all installed packages to their newest versions. It’s crucial to perform this step regularly to maintain system security and stability.

Desktop Environment Installation

VNC requires a graphical desktop environment to function. While GNOME is the default for Rocky Linux, XFCE is often preferred for VNC due to its lighter resource footprint. Let’s install XFCE:

First, enable the EPEL repository:

sudo dnf install epel-release -y

Next, install XFCE and the necessary X Window System components:

sudo dnf groupinstall "Xfce" "base-x" -y

After installation, set the default target to graphical:

sudo systemctl set-default graphical.target

This ensures that the system boots into a graphical environment, which is necessary for VNC to function properly.

TigerVNC Server Installation

4.1 Package Installation

Now that our system is prepared, let’s install TigerVNC server:

sudo dnf install tigervnc-server tigervnc-server-module -y

This command installs both the TigerVNC server and its associated kernel module. Always verify package signatures to ensure you’re installing authentic software from trusted repositories.

User Configuration

It’s a best practice to create a dedicated user account for VNC access, rather than using your primary account. This enhances security by isolating VNC sessions. Create a new user with the following command:

sudo adduser vncuser
sudo passwd vncuser

Next, set up a VNC password for this user:

su - vncuser
vncpasswd
exit

Follow the prompts to set a strong password. Remember, this password is separate from the user’s system password and will be used specifically for VNC authentication.

Service Configuration

Configure the VNC service by editing the vncserver.users file:

sudo nano /etc/tigervnc/vncserver.users

Add the following line to assign display :1 to your VNC user:

:1=vncuser

This configuration maps port 5901 to the vncuser account. You can add additional lines for more users, incrementing the display number (e.g., :2, :3) and corresponding ports (5902, 5903).

Advanced Configuration

Resolution and Display Settings

Customize your VNC session’s screen resolution by creating a configuration file for your user:

sudo nano /home/vncuser/.vnc/config

Add the following lines to set a 1920×1080 resolution:

geometry=1920x1080
depth=24

Adjust these values according to your preferences and display capabilities.

Security Hardening

Enhance VNC security by implementing SSH tunneling. This encrypts your VNC traffic, protecting it from potential eavesdropping. To create an SSH tunnel, use the following command on your local machine:

ssh -L 5901:localhost:5901 vncuser@your_server_ip

Configure your firewall to allow VNC traffic:

sudo firewall-cmd --permanent --add-service=vnc-server
sudo firewall-cmd --reload

If you’re using SELinux, you may need to adjust contexts to allow VNC to function properly:

sudo setsebool -P vncserver_x11_t on

Multi-User Configuration

For environments requiring multiple VNC users, repeat the user creation and configuration steps for each account. Assign unique display numbers and ports to each user in the vncserver.users file.

Connection Methods

Local Network Access

To connect within your local network, use a VNC viewer application and enter your server’s IP address followed by the port number. For example:

192.168.1.100:5901

Secure Remote Access

For remote access, always use SSH tunneling as described earlier. Once the tunnel is established, connect your VNC client to localhost:5901.

Consider implementing a VPN for an additional layer of security, especially in corporate environments.

Web-Based Clients

For convenient access without installing a VNC client, consider setting up noVNC, a HTML5 VNC client. This allows you to access your VNC server through a web browser.

Maintenance and Troubleshooting

Service Management

Start your VNC server with:

sudo systemctl start vncserver@:1

To enable VNC to start automatically at boot:

sudo systemctl enable vncserver@:1

Monitor VNC logs for troubleshooting:

journalctl -u vncserver@:1

Common Issues

  • Authentication Failures: Double-check your VNC password and ensure you’re using the correct credentials.
  • Black Screen: This often occurs due to mismatched display settings. Verify your .vnc/config file and ensure your client supports the specified resolution.
  • Connection Refused: Check your firewall settings and ensure the VNC service is running.

Performance Optimization

Improve VNC performance by adjusting compression settings in your .vnc/config file:

CompressLevel=9
Quality=5

Experiment with these values to find the optimal balance between image quality and responsiveness.

Security Best Practices

Implement these additional security measures to protect your VNC server:

  • Regularly rotate VNC passwords
  • Use Fail2ban to prevent brute-force attacks
  • Implement IP whitelisting in your firewall configuration
  • Consider certificate-based authentication for enhanced security
  • Regularly audit your VNC logs for suspicious activity

Congratulations! You have successfully installed VNC. Thanks for using this tutorial for installing the VNC Server on your Rocky Linux 9 system. For additional help or useful information, we recommend you check the official VNC website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!
Tags
r00t
Photo of r00t

r00t

r00t is an experienced Linux enthusiast and technical writer with a passion for open-source software. With years of hands-on experience in various Linux distributions, r00t has developed a deep understanding of the Linux ecosystem and its powerful tools. He holds certifications in SCE and has contributed to several open-source projects. r00t is dedicated to sharing her knowledge and expertise through well-researched and informative articles, helping others navigate the world of Linux with confidence.
Copyright © 2025 idroot.us | All Rights Reserved | Follow us for more tutorials!
Back to top button