vncserver<\/strong><\/code> being the utility that provides access to remote desktop and vncviewer<\/strong><\/code> being the client used to connect to VNC server.<\/p>\n\n\n\nInstall VNC Server<\/h3>\n\n\n\n
VNC server is provided by the tigervnc-server<\/code> package which is available on the default Rocky Linux 8 AppStream repos. Therefore, update your system and install VNC server by running the commands below;<\/p>\n\n\n\nsudo dnf update<\/code><\/pre>\n\n\n\nsudo dnf install tigervnc-server<\/code><\/pre>\n\n\n\nConfigure VNC Server on Rocky Linux 8<\/h3>\n\n\n\nCreate VNC Connection User Account<\/h4>\n\n\n\n
Once the installation completes, proceed to configure VNC server to define the users that are allowed to access remote desktop. <\/p>\n\n\n\n
NOTE:<\/strong> The user must already be existing on the system.<\/p>\n\n\n\nYou can however create a user account for VNC logins.<\/p>\n\n\n\n
useradd janedoe<\/code><\/pre>\n\n\n\npasswd janedoe<\/code><\/pre>\n\n\n\nDisable Wayland and enable Xorg display server on Rocky Linux 8<\/a><\/h4>\n\n\n\nBy default, Rocky Linux 8 uses Wayland s the default X server<\/strong>. For the VNC logins to work, you need to force the login screen to use Xorg<\/strong> server by uncommenting the line #WaylandEnable=false<\/strong><\/code>, on the \/etc\/gdm\/custom.conf<\/code> configuration file.<\/p>\n\n\n\nsed -i 's\/#WaylandEnable<\/strong>\/WaylandEnable<\/strong>\/' \/etc\/gdm\/custom.conf<\/code><\/pre>\n\n\n\nReboot the System<\/h4>\n\n\n\n
Reboot your Rocky Linux 8 system to apply the changes.<\/p>\n\n\n\n
Once the system boots, login as the user with which you will be using for remote VNC desktop logins,<\/strong> in this case, janedoe.<\/p>\n\n\n\nCreate VNC Systemd Service Unit file<\/h4>\n\n\n\n
Next, create a per user VNC systemd unit file under the home directory of every user you want to allow to connect to your remote desktop via VNC server.<\/p>\n\n\n\n
For example, if you want to configure VNC server to provide a display for user, janedoe<\/code><\/strong>, create the VNC systemd configuration file for this user under \/home\/janedoe\/.config\/systemd\/user<\/strong><\/code>.<\/p>\n\n\n\nAs a user in question and create the service unit directory above;<\/p>\n\n\n\n
su - janedoe<\/code><\/pre>\n\n\n\nmkdir -p ~\/.config\/systemd\/user<\/code><\/pre>\n\n\n\nCreate user vnc service as follows.<\/p>\n\n\n\n
\ncat > ~\/.config\/systemd\/user\/vncserver@.service << 'EOL'\n[Unit]\nDescription=Remote desktop service (VNC)\nAfter=syslog.target network.target\n\n[Service]\nType=forking\n\nExecStartPre=\/bin\/sh -c '\/usr\/bin\/vncserver -kill %i > \/dev\/null 2>&1 || :'\nExecStart=\/usr\/bin\/vncserver %i -geometry 1912x988\nExecStop=\/usr\/bin\/vncserver -kill %i\n\nRestart=on-success\nRestartSec=15\n\n[Install]\nWantedBy=default.target\nEOL\n<\/code><\/pre>\n\n\n\nYou can also restrict connection to the VNC server only through localhost (Loopback) interface by adding the keyword, -localhost<\/code> to the ExecStart<\/code> line.<\/p>\n\n\n\nExecStart=\/usr\/bin\/vncserver -localhost %i<\/code><\/pre>\n\n\n\nThen when run, it only opens connection on localhost.<\/p>\n\n\n\n
To create a systemd service as shown above, you can as well copy the \/usr\/lib\/systemd\/system\/vncserver@.service<\/code> file to the user systemd service directory created above.<\/p>\n\n\n\ncp \/usr\/lib\/systemd\/user\/vncserver@.service ~\/.config\/systemd\/user<\/code><\/pre>\n\n\n\nAnd modify it to suite your settings. For example, you can adjust the screen size geometry.<\/strong><\/p>\n\n\n\nReload systemd configurations to effect the changes made above.<\/p>\n\n\n\n
systemctl --user daemon-reload<\/code><\/pre>\n\n\n\nNOTE: <\/strong>If you get the error, Failed to connect to bus: No such file or directory<\/strong>, then you need to set your XDG_RUNTIME_DIR<\/code><\/strong> environment variable properly (This is usually done automatically when you login via GUI).<\/p>\n\n\n\nIf you logged in via the GUI and still experience the issue, set this environment variable manually, export XDG_RUNTIME_DIR=\/run\/user\/$(id -u)<\/code>, on your bashrc file.<\/p>\n\n\n\necho 'export XDG_RUNTIME_DIR=\/run\/user\/$(id -u)' >> ~\/.bashrc\nsource ~\/.bashrc<\/code><\/pre>\n\n\n\nNext, confirm your environment variables, using systemctl --user show-environment<\/strong><\/code> command.<\/p>\n\n\n\nsystemctl --user show-environment<\/strong><\/code><\/pre>\n\n\n\n\nDBUS_SESSION_BUS_ADDRESS=unix:path=\/run\/user\/1001\/bus\nDESKTOP_SESSION=gnome\nDISPLAY=:1\nGDK_BACKEND=x11\nGDMSESSION=gnome\nGDM_LANG=en_US.UTF-8\nGNOME_DESKTOP_SESSION_ID=this-is-deprecated\nHISTCONTROL=ignoredups\nHISTSIZE=1000\nHOME=\/home\/janedoe\n...\n...\n<\/code><\/pre>\n\n\n\nCreate VNC Connection Password<\/h4>\n\n\n\n
Next, create the VNC password for the user whose VNC display has been configured. The password can set using the vncpasswd<\/code><\/strong> command.<\/p>\n\n\n\nvncpasswd<\/code><\/pre>\n\n\n\nWhen prompted to set the read-only password, you can choose to not to set it<\/strong><\/p>\n\n\n\nThe VNC passwords are stored under $HOME\/.vnc\/passwd<\/code>.<\/p>\n\n\n\nOnce you have set the password, logout by pressing Ctrl+d<\/code> or just type exit<\/code>.<\/p>\n\n\n\nRunning VNC Server<\/h3>\n\n\n\n
VNC server can be run as a normal systemd service. However, to run it, you need to assign a display number to the service. Systemd will automatically substitute the %i<\/code> with the specified display number.<\/p>\n\n\n\nStart and enable VNC server on a specific display number, by running run the command below.<\/p>\n\n\n\n
NOTE<\/strong> that am running this commands as remote VNC login user, janedoe<\/strong> in this case and starting VNC server on display number 2.<\/p>\n\n\n\nEnsure that the display number you are using is not being used;<\/p>\n\n\n\n
echo $DISPLAY<\/code><\/pre>\n\n\n\nStart VNC on display number not being used currently.<\/p>\n\n\n\n
systemctl --user enable vncserver@:2 --now<\/code><\/pre>\n\n\n\nTo ensure the service runs persistently, even when the user logs out, enable lingering;<\/p>\n\n\n\n
loginctl enable-linger<\/code><\/pre>\n\n\n\nTo check the status;<\/p>\n\n\n\n
systemctl status --user vncserver@:2<\/code><\/pre>\n\n\n\n\n\u25cf vncserver@:2.service - Remote desktop service (VNC)\n Loaded: loaded (\/home\/janedoe\/.config\/systemd\/user\/vncserver@.service; enabled; vendor preset: enabled)\n Active: active (running) since Mon 2021-06-21 13:29:55 EDT; 31s ago\n Process: 4696 ExecStart=\/usr\/bin\/vncserver :2 -geometry 1912x988 (code=exited, status=0\/SUCCESS)\n Process: 4690 ExecStartPre=\/bin\/sh -c \/usr\/bin\/vncserver -kill :2 > \/dev\/null 2>&1 || : (code=exited, status=0\/SUCCESS)\n CGroup: \/user.slice\/user-1001.slice\/user@1001.service\/vncserver.slice\/vncserver@:2.service\n \u251c\u25004703 \/usr\/bin\/Xvnc :2 -auth \/run\/user\/1001\/gdm\/Xauthority -desktop localhost.localdomain:2 (janedoe) -fp catalogue:\/etc\/X11\/fontpath.d -geometry 1912x988 -pn >\n \u251c\u25004716 \/usr\/libexec\/gnome-session-binary\n \u251c\u25004725 dbus-launch --sh-syntax --exit-with-session\n \u251c\u25004756 \/usr\/bin\/dbus-daemon --syslog --fork --print-pid 6 --print-address 8 --session\n \u251c\u25004768 \/usr\/bin\/VBoxClient --checkhostversion\n \u251c\u25004770 \/usr\/bin\/VBoxClient --checkhostversion\n \u251c\u25004804 \/usr\/libexec\/at-spi-bus-launcher\n...\n<\/code><\/pre>\n\n\n\nYou can as well stop the VNC server session by running;<\/p>\n\n\n\n
systemctl --user stop vncserver@:2<\/code><\/pre>\n\n\n\nAllow VNC Server Access on FirewallD<\/h3>\n\n\n\n
VNC server listens on TCP port 590N<\/strong>. Where N is the VNC display number. This port is incremented based on the VNC display number. For example, for a display number 1, the VCN listens on port 5901.<\/p>\n\n\n\nss -alt | grep 590<\/code><\/pre>\n\n\n\nLISTEN 0 5 0.0.0.0:5902 0.0.0.0:* \nLISTEN 0 5 [::]:5902 [::]:*<\/code><\/pre>\n\n\n\nIf firewalld is running, you need to open each VNC display port. For example to open port 5902 for display 2, execute;<\/p>\n\n\n\n
sudo firewall-cmd --add-port=5902\/tcp --permanent<\/code><\/pre>\n\n\n\nsudo firewall-cmd --reload<\/code><\/pre>\n\n\n\nTest VNC Server Connection<\/h3>\n\n\n\n
So how do you connect to your Rocky Linux 8 desktop via the VNC server? vncviewer<\/code> is the commonly used VNC client for connection to remote desktops via VNC server.<\/p>\n\n\n\nInstall TigerVNC package on another Rocky Linux 8, which provides vncviewer<\/code> utility.<\/p>\n\n\n\ndnf install tigervnc<\/code><\/pre>\n\n\n\nIf you are connection from Ubuntu\/Debain, install VNC viewer client:<\/p>\n\n\n\n
sudo apt install xtightvncviewer -y<\/code><\/pre>\n\n\n\nOnce the installation is done, you can test VNC server connection to your Rocky Linux 8 system from another host;<\/p>\n\n\n\n
vncviewer host_IP_or_hostname:5902<\/code><\/pre>\n\n\n\nWhere host_IP_or_hostname<\/strong> is the resolvable hostname for my Rocky Linux 8 desktop with VNC server running. It can be an IP address.<\/p>\n\n\n\nIf all is well, you will be prompted to enter the VNC authentication password.<\/p>\n\n\n\n
Connected to RFB server, using protocol version 3.8\nPerforming standard VNC authentication\nPassword: PASSWORD_SET_WITH_vncpasswd<\/strong><\/code><\/pre>\n\n\n\nAfter a successful authentication, you should now land on Rocky Linux 8 desktop environment.<\/p>\n\n\n\n![\"Install](\"https:\/\/kifarunix.com\/wp-content\/uploads\/2021\/06\/vnc-viewer-rocky-linux.png\" "\\"\\"")
<\/figure>\n\n\n\nYou have successfully connected to your remote Rocky Linux 8 desktop via VNC server and that marks the end of our guide is all on how to install VNC Server on Rocky Linux 8.<\/p>\n\n\n\n
You can use a more secure way of logging into to a remote desktop via VNC using SSH by following the link below.<\/p>\n\n\n\n
Connect to VNC Server via SSH Tunnel<\/a><\/p>\n\n\n\nOther Rocky Linux 8 guides<\/h3>\n\n\n\n
Install phpLDAPadmin on Rocky Linux 8<\/a><\/p>\n\n\n\nConfigure SSSD for LDAP Authentication on Rocky Linux 8<\/a><\/p>\n\n\n\nInstall and Setup OpenLDAP on Rocky Linux 8<\/a><\/p>\n\n\n\n