Updates from Ricky Lindén

VNC server setup on Debian 10


As much as I find Windows cumbersome to use in most use cases, I will give the devil his due and admit that setting up RDP on Windows is a breeze compared to setting up VNC on Linux. (If there are distros out there that has a well working VNC server setup out of the box one enable check away, I take back what I said, but my experience with Debian and CentOS has been it needs to be setup from scratch practically.)

Personally I had issues with TigerVNC, which seems to be the default option in many tutorials. But this is Linux and there are many other alternatives, I found tightvncserver worked well. This guide also includes setting up a local ssh tunnel to your server and connecting with Remmina as VNC client.

The following instructions are mostly based on this tutorial by TechRepublic with some slight changes.

On the server side

1. After having updated your Debian 10 server you need to install a desktop environment. (If you don't got one already.) I will go with good ol' xfce:

sudo apt install xfce4 xfce4-goodies

2. Then we'll install the vnc server. Please pay attention to the output when the server starts:

sudo apt install tightvncserver

3. Kill the VNC-server. We need to change some settings. :1 might change depending on your setup, check the output when you installed the server:

vncserver -kill :1

4. In your text editor of choice, open up (or create) ~/.vnc/xstartup so it looks like this:

xrdb $HOME/.Xresourcces
startxfce4 &

5. Make the config executable:

chmod +x ~/.vnc/xstartup

6. Start the vncserver in a resolution of your choice (or go with running only ''vncserver'' command without the geometry flag and resolution). Pro tip: Save this command as a script or bashalias:

vncserver -geometry 1850x1000

On the client side

1. On your own local computer you need a VNC client. I am assuming you are using a Debian/Ubuntu-based distribution, so let's install Remmina:

sudo apt install remmina

2. Before connecting to your vnc server, we need to secure the connection because vnc is out of the box unencrypted. This can be done with a local ssh tunnel for instance.
Change SERVER-USERNAME-HERE with the user on your server and SERVER-IP-HERE with the ip of your server. In case you are already running something on port 5901 you need to change that accordingly, most probably though that port is free to use.
Pro tip: Make this command a bash alias or save it as a script or add it to your openssh config:


3. Open up Remmina. Create a new VNC connection where you enter your server's username and password and as server IP enter your local tunnel:


If the resolution is wrong, close the Remmina client connection and on the server side kill the vnc server and when starting it again change the resolution before reconnecting through Remmina again.