How to Configure a SSH Tunnel On A VNC Server – Ubuntu 14

Reading Time: 3 minutesVNC is short for ‘Virtual Network Computing’. It’s a simple method for sharing a graphical desktop environment. For example, if you install VNC on your hosted server, you could connect to its graphical desktop environment remotely.

Pre-Flight Check

Step #1: Create a New xstartup Configuration File
We’ll have to configure a new xstartup file, so let’s take a backup of the original: mv ~/.vnc/xstartup ~/.vnc/xstartup.bak For a refresher on editing files with vim see: New User Tutorial: Overview of the Vim Text Editor vim ~/.vnc/xstartup Insert the following into the new file: #!/bin/bash xrdb $HOME/.Xresources startxfce4 & Save and exit, and then correct the permissions on the new file: sudo chmod +x ~/.vnc/xstartup
Step #2: Create a VNC Service File
We’re going to use vim to create and edit a service file for the vncserver service. sudo vim /etc/init.d/vncserver There are four sections that will be added to the service file. The first sets up the environment that the service will run. Here you can manipulate the user, which in this case is exampleuser, and the display resolution, which in this case is 1024×768: #!/bin/bash PATH=”$PATH:/usr/bin/” export USER=”exampleuser” DISPLAY=”1″ DEPTH=”16″ GEOMETRY=”1024×768″ OPTIONS=”-depth ${DEPTH} -geometry ${GEOMETRY} :${DISPLAY} -localhost” . /lib/lsb/init-functions Using the -localhost feature is what limits VNC Server connections to ONLY possible once connected via an SSH Tunnel.
Be absolutely sure to replace exampleuser with the non-root user that you have set up prior to this tutorial.
The second sections binds the start command to two functions: starting a VNC server and a message stating that it is being started: case “$1” in start) log_action_begin_msg “Starting vncserver for user ‘${USER}’ on localhost:${DISPLAY}” su ${USER} -c “/usr/bin/vncserver ${OPTIONS}” ;; The third sections binds the stop command to two functions: stopping the VNC server and a message stating that it is being stopped: stop) log_action_begin_msg “Stopping vncserver for user ‘${USER}’ on localhost:${DISPLAY}” su ${USER} -c “/usr/bin/vncserver -kill :${DISPLAY}” ;; The fourth sections binds the restart command to running the stop and start command: restart) $0 stop $0 start ;; esac exit 0 And then correct the permissions on the new file: sudo chmod +x /etc/init.d/vncserver
Step #3: Use the VNC Service File
Start VNC Server: sudo service vncserver start Stop VNC Server: sudo service vncserver stop Restart VNC Server: sudo service vncserver restart
Step #4: Connection to the VNC Server via an SSH Tunnel
netstat -plant Shows: Proto  Recv-Q  Send-Q  Local Address  Foreign Address  State  PID/Program name tcp    0       0       127.0.0.1:5901   0.0.0.0:*        LISTEN 27760/Xtightvnc Per the previous article (How to Install VNC Server on Ubuntu 14.04 LTS), that means that VNC is listening on port 5901. But, instead of listening on all IPs (0.0.0.0:5901) VNC is only listening on 127.0.0.1, or localhost. To Connect via Linux First, establish an SSH tunnel: ssh -L 5901:127.0.0.1:5901 -N -f -l exampleuser ip_address Then connect to localhost:5901 via a VNC viewer such as TightVNC. To Connect via PuTTy Under Connection -> SSH -> Tunnels add: Source port: 5901 Destination: localhost:5901 And connect to your server at its IP address and port 22 via PuTTY. And then connect to localhost:5901 via a VNC viewer such as TightVNC.
Refer a friend and get hosting credit!