VNC
Configure VNC Server on CentOS 7 / RHEL 7
Let’s start. If you don’t have desktop environment ( X windows ), issue the below commands one by one to install. It will take few minutes to install packages.
[root@world ~]# yum check-update
[root@world ~]# yum groupinstall "X Window System"
[root@world ~]# yum install gnome-classic-session gnome-terminal nautilus-open-terminal control-center liberation-mono-fonts
[root@world ~]# unlink /etc/systemd/system/default.target
[root@world ~]# ln -sf /lib/systemd/system/graphical.target /etc/systemd/system/default.target
[root@world ~]# reboot
After reboot, you will get Centos 7 desktop .
[root@server ~]# yum groupinstall "GNOME Desktop" "Graphical Administration Tools"
----X----
# yum -y install tigervnc-server xorg-x11-fonts-Type1 xinetd xrdp
# yum install tigervnc-server xorg-x11-fonts-Type1 -y
IF Problem
# yum -y install xrdp --enablerepo=cr
# cp /lib/systemd/system/vncserver@.service /etc/systemd/system/vncserver@:1.service
# vi /etc/systemd/system/vncserver@:1.service
At the end of the file, you will find the lines like below.
Now open /etc/systemd/system/vncserver@:1.service file and replace with your username .
---------------------------------------------------------
[Unit]Description=Remote desktop service (VNC)After=syslog.target network.target[Service]Type=simple
# Clean any existing files in /tmp/.X11-unix environment#ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'#ExecStart=/usr/bin/vncserver_wrapper <USER> %i#ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'ExecStart=/usr/sbin/runuser -l root -c "/usr/bin/vncserver %i"PIDFile=/home/root/.vnc/%H%i.pidExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
[Install]WantedBy=multi-user.target
---------------------------------------------------------
Find these lines:
ExecStart=/sbin/runuser -l <USER> -c "/usr/bin/vncserver %i"PIDFile=/home/<USER>/.vnc/%H%i.pidReplace (username as faruq ):ExecStart=/sbin/runuser -l faruq -c "/usr/bin/vncserver %i"PIDFile=/home/faruq/.vnc/%H%i.pid
Or root user:ExecStart=/sbin/runuser -l root -c "/usr/bin/vncserver %i"PIDFile=/root/.vnc/%H%i.pid
31 # `man vncviewer' manual page.323334 [Unit]35 Description=Remote desktop service (VNC)36 After=syslog.target network.target3738 [Service]39 Type=forking
40 # Clean any existing files in /tmp/.X11-unix environment41 ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'42 #ExecStart=/usr/sbin/runuser -l <USER> -c "/usr/bin/vncserver %i"43 #PIDFile=/home/<USER>/.vnc/%H%i.pid44 ExecStart=/sbin/runuser -l root -c "/usr/bin/vncserver %i -geometry 1280x1024"45 PIDFile=/home/root/.vnc/%H%i.pid46 ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'4748 [Install]49 WantedBy=multi-user.target
Replace <USER> with your real user, in my case, i replaced with a user called “root” .
Line Edit ---------------
40 ExecStart=/sbin/runuser -l root -c "/usr/bin/vncserver %i"
41 PIDFile=/root/.vnc/%H%i.pid
-----OR-------
[Unit]
Description=Remote desktop service (VNC)
After=syslog.target network.target
[Service]
Type=simple
# Clean any existing files in /tmp/.X11-unix environment
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
ExecStart=/usr/sbin/runuser -l root -c "/usr/bin/vncserver %i"
PIDFile=/home/root/.vnc/%H%i.pid
ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
[Install]
WantedBy=multi-user.target
# systemctl daemon-reload
# vncpasswd
# c
systemctl enable vncserver@:1.service
systemctl start vncserver@:1.service
systemctl restart vncserver@:1.service
systemctl start xrdp.service
systemctl enable xrdp.service
systemctl start vncserver@:display_number.service
systemctl enable vncserver@:display_number.service
Firewall settings:
# firewall-cmd --permanent --zone=public --add-service vnc-server
# firewall-cmd --reload
# systemctl restart firewalld.service
Additional Commands :
» To stop VNC service .
[root@world ~]# systemctl stop vncserver@:1.service
» To disable VNC service from startup ( permanent ).
[root@world ~]# systemctl disable vncserver@:1.service
» To stop firewall ( For troubleshooting ).
[root@world ~]# systemctl stop firewalld.service
systemctl daemon-reload
systemctl start vncserver@:1
systemctl status vncserver@:1
systemctl enable vncserver@:1
In order to list the opened ports that are in the listening state, run the ss command as below.
# ss -tulpn| grep vnc
Then to allow external VNC clients to connect to the VNC server in CentOS, ensure that the proper VNC open ports are allowed to pass through your firewall.
# firewall-cmd --add-port=5901/tcp
# firewall-cmd --add-port=5901/tcp --permanent
Connecting to CentOS Desktop via VNC Client
# yum -y install vinagre
# ss -tlpn| grep Xvnc
3. Now, remotely connect to CentOS Desktop using this new VNC session, supply the IP: port combination (192.168.1.23:5903) in VNC client
Then to stop the VNC server instances, run the below command.
# killall Xvnc
# vncserver -kill :1
-------------Config VNC --------------
Install the tigervnc server, X11 fonts and xinetd.
[root@server ~]# yum install tigervnc-server xorg-x11-fonts-Type1 xinetd
Enable the XDMCP.
[root@server ~]# vi /etc/gdm/custom.conf
Add the following content.
[security] AllowRemoteRoot=true DisallowTCP=false [xdmcp] Enable=true MaxSessions=30
Create Xinetd service.
[root@server ~]# vi /etc/xinetd.d/vncserver
Place the following content on the above file.
service vncserver { disable = no socket_type = stream protocol = tcp group = tty wait = no user = nobody server = /usr/bin/Xvnc server_args = -inetd -query localhost -geometry 1024×768 -depth 16 -once -fp /usr/share/X11/fonts/misc -securitytypes=none }
Create VNC service.
[root@server ~]# vi /etc/services
Add the following line at the end of file.
vncserver 5900/tcp # VNC and GDM
Restart xinetd service
[root@server ~]# systemctl restart xinetd.service
Add firewall rules to allow the VNC connection, the following rule is set as per the port-offset mentioned in the previous step.
[root@server ~]# firewall-cmd --permanent --zone=public --add-port=5900/tcp [root@server ~]# firewall-cmd --reload
Reboot the machine, if required.
[root@server ~]# reboot
Use VNC viewer to connect.
ipaddress:5900
###################################################################################
------------XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX____________XXXXXXXXXXXXXXXXXXXXXXXX______________________
CentOS 7.4
[root@dlp ~]# yum -y install tigervnc-server
[root@dlp ~]# su - user1 # switch to a user you'd like to config VNC
[cent@dlp ~]$ vncpasswd # set VNC password
Password:# input
Verify:# confirm
# run with diplay number '1', screen resolution '800x600', color depth '24'
[cent@dlp ~]$ vncserver :1 -geometry 1200x786 -depth 24
[srijan@world ~]$
Configuring Your Firewall
Next, we will need to configure the firewall to allow VNC traffic through ports 5904 and 5905 only. CentOS 7 uses Dynamic Firewall through the firewalld daemon; the service doesn't need to restart for changes to take effect.
The firewalld service should start automatically at system boot time, but it's always good to check:
# firewall-cmd --state
This should show:
running
If the state is "not running" for any reason, execute the following command to make sure it's running:
# systemctl start firewalld
Now add the rules for ports 5904 and 5905:
# firewall-cmd --permanent --zone=public --add-port=5904-5905/tcp
OR
# firewall-cmd --permanent --zone=public --add-port=5905/tcp
Output:
success
Reload the firewall:
# firewall-cmd --reload
Output:
success
-----------------------ERROR
VNC won't start CentOS 7
# rm -f /tmp/.X4-lock
# rm -f /tmp/.X11-unix/X4
This worked for me on Centos7:
$ rm /tmp/.X11-unix/*
# systemctl restart vncserver@:1.service
Automatic (recommended):
Install EPEL and nux Desktop repository rpms.
# rpm -Uvh https://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm # rpm -Uvh http://li.nux.ro/download/nux/dextop/el7/x86_64/nux-dextop-release-0-1.el7.nux.noarch.rpm
Manual:
Create a repository file.
# vi /etc/yum.repos.d/xrdp.repo
Place the following content. Once added, save and close the file.
[xrdp] name=xrdp baseurl=http://li.nux.ro/download/nux/dextop/el7/x86_64/ enabled=1 gpgcheck=0
---------------------------------------------
As a temporary fix you could delete them:
rm -i /tmp/.X11-unix/X4
rm /tmp/Xn
rm -rf /tmp/.X11-unix/Xn (where n is the port/socket number)
For a more permanent solution, you can add this line under the "ExecStartPre" line:
ExecStartPre=/bin/sh -c 'rm -rf /tmp/.X11-unix/X* > /dev/null 2>&1 || :'
After doing either of these steps, you should either (re)start the vnc daemon or reboot.
------------------------------
# vncserver -kill :1
# vncserver -kill :#
# vi ~/.vnc/xstartup
# Uncomment the following two lines for normal desktop: unset SESSION_MANAGER exec /etc/X11/xinit/xinitrc
----------OR-------
####### Content of home/USERNAME/.vnc/xstartup, owned by USERNAME #!/bin/sh unset SESSION_MANAGER unset DBUS_SESSION_BUS_ADDRESS
exec /etc/X11/xinit/xinitrc &
----------------------