Digitalocean VNC in ubuntu allows us to use our keyboard and mouse to interact with a graphical desktop environment on a remote server.

Bobcares, as part of our DigitalOcean Managed Service, responds to all queries, big or small.

Let’s look at how to set up a VNC server on a Digital Ocean Ubuntu 22.04 machine.

Digitalocean VNC in Ubuntu

Virtual Network Computing(VNC), is a connection system that allows us to interact with a graphical desktop environment on a remote server using our keyboard and mouse. It allows users who are not yet comfortable with the command line to manage files, software, and settings on a remote server.

Prerequisites

• A single Ubuntu 22.04 server with a non-root administrative user and a UFW firewall.
• VNC client installed on a local computer. We need a VNC client that can connect over SSH tunnels. Many options are available, including vinagre, krdc, RealVNC, UltraVNC, and TightVNC.

Step 1: Installing the Desktop Environment and VNC Server

Because an Ubuntu server does not come pre-installed with a graphical desktop environment or a VNC server, we’ll start there. We’ll use the official Ubuntu repository to install packages for the latest Xfce desktop environment and the TightVNC package. Both Xfce and TightVNC are lightweight and fast, ensuring a smooth and stable VNC connection even on slower internet connections.

Follow the below steps to install the Desktop environment and VNC server:-

1. Firstly, use SSH to connect to the server.
2. Then, update the package list.
   sudo apt update
3. Then, Install Xfce and the xfce4-goodies package, which contains a few desktop enhancements.
   sudo apt install xfce4 xfce4-goodies
4. During installation, we may be asked to select an Xfce default display manager. Press ENTER after selecting one.
5. Once that installation completes, install the TightVNC server:
   sudo apt install tightvncserver
6. Then, run the vncserver command to create the initial configuration files, set a VNC access password, and start a VNC server instance.
   vncserver
7. To remotely access our machine, we’ll be asked to enter and verify a password.
8. The server’s default configuration files and connection information are then created by the process. Additionally, a default server instance is started on port 5901. This port is known as a display port, and VNC calls it:1.
9. We can use the vncpasswd command to change our password or add a view-only password at any time:
vncpasswd
10. The VNC server is now installed and operational. Now we’ll set it up to start Xfce.

Step 2:Configuring the VNC Server

When the VNC server starts up, it needs to know which commands to run. VNC, in particular, requires information about the graphical desktop environment to which it should connect. The commands that the VNC server runs at startup are stored in the xstartup configuration file in our home directory’s .vnc folder. We created the startup script when we ran the vncserver command in the previous step, but we’ll make our own to start the Xfce desktop.

1. Because we’ll be changing the VNC server’s configuration, use the following command to stop the VNC server instance currently running on port 5901.
   vncserver -kill :1
2. Then, before we modify the xstartup file, make a backup of the original file.
mv ~/.vnc/xstartup ~/.vnc/xstartup.bak
3. Make a new xstartup file now. Then, using a text editor like nano, open it:
   nano ~/.vnc/xstartup
4. Then, in the file, add the following lines:
   
#!/bin/bash
xrdb $HOME/.Xresources
startxfce4 &


   The first command in the file instructs VNC’s GUI framework to read the.Xresources file of the server user. Xresources is where a user can change things like terminal colours, cursor themes, and font rendering on the graphical desktop. The server is told to start Xfce with the second command. These commands will be executed automatically whenever the VNC server is started or restarted.
5. Finally, After adding these lines, save and close the file.
6. We’ll need to make this new startup file executable to ensure that the VNC server can use it properly:
chmod +x ~/.vnc/xstartup
7. Restart the VNC server after that.
vncserver -localhost

This time, the command includes the -localhost option, which connects the VNC server to the loopback interface on our server. As a result, VNC will only accept connections from the server on which it is installed.

In the next step, we’ll create an SSH tunnel between our local machine and our server, causing VNC to believe that the connection from our local machine came from our server. This strategy will add an extra layer of security to VNC because it will only be accessible to users who already have SSH access to our server.

Step 3:Connecting to the VNC Securely

When connecting to VNC, it does not use secure protocols. To connect to the server securely, we’ll create an SSH tunnel and instruct our VNC client to use that tunnel rather than a direct connection. On our local computer, create an SSH connection that securely forwards to the localhost connection for VNC. We can do this using the ssh command in the terminal on Linux or macOS:
ssh -L 59000:localhost:5901 -C -N -l bobcares our_server_ip

If we connect to our server with PuTTY, we can create an SSH tunnel by following the steps below.

1. Firstly, right-click on the terminal window’s top bar.
2. Then, click the Change Settings option.
3. In the tree menu on the left-hand side of the PuTTY Reconfiguration window, look for the Connection branch.
4. Then, click on Tunnels after expanding the SSH branch.
5. Enter 59000 as the Source Port and localhost:5901 as the Destination Port on the Options controlling SSH port forwarding screen.
6. Then click the Add button.
7. Finally, click the Apply button to implement the tunnel.

Connect to localhost:59000 using a VNC client once the tunnel is up and running. We’ll be asked to log in with the password we created in Step 1. We’ll see the default Xfce desktop once we’ve connected.

We can use the file manager or the command line to access files in our home directory. To stop the SSH tunnel and return to our prompt, press CTRL+C in our local terminal. This will also terminate our VNC session. Our VNC server can now be configured to run as a systemd service.

Step 4:Running VNC as a System Service

We can start, stop, and restart the VNC server like any other service by setting it up as a systemd service. To ensure that VNC starts when our server boots up, we can use systemd’s management commands.

1. First, create a new unit file called /etc/systemd/system/vncserver@.service
   sudo nano /etc/systemd/system/vncserver@.service
   We can pass an argument in the service configuration using the @ symbol at the end of the name. When we manage the service, we’ll use this to specify the VNC display port we want to use.
2. Add the lines below to the file. Change the values of User, Group, WorkingDirectory, and the username in the PIDFILE value to match our username.
   

   [Unit]
   Description=Start TightVNC server at startup
   After=syslog.target network.target
   
   [Service]
   Type=forking
   User=bobcares
   Group=bobcares
   WorkingDirectory=/home/bobcares
   
   PIDFile=/home/bobcares/.vnc/%H:%i.pid
   ExecStartPre=-/usr/bin/vncserver -kill :%i > /dev/null 2>&1
   ExecStart=/usr/bin/vncserver -depth 24 -geometry 1280x800 -localhost :%i
   ExecStop=/usr/bin/vncserver -kill :%i
   
   [Install]
   WantedBy=multi-user.target
3. If VNC is already running, the ExecStartPre command will stop it. The ExecStart command starts VNC and changes the colour depth to 24-bit colour with a 1280×800 resolution.
4. Then, save and close the file.
5. Then, inform the system about the new unit file.
   sudo systemctl daemon-reload
6. Finally, enable the unit file.
sudo systemctl enable vncserver@1.service
   The 1 after the @ sign indicates which display number the service should appear on, in this case the default:1 as mentioned in Step 2.
7. If the current VNC server instance is still running, stop it.
   vncserver -kill :1
8. Then, as with any other systemd service, start it.
   sudo systemctl start vncserver@1
9. Finally, we can verify that it started with this command.
sudo systemctl status vncserver@1

When our server boots up, the VNC server is ready to use, and we can manage it with systemctl commands just like any other systemd service. Restart our SSH tunnel to reconnect.

ssh -L 59000:localhost:5901 -C -N -l bobcares our_server_ip

Then, using our VNC client software, connect to localhost:59000 to connect to our server.

[Looking for a solution to another query? We are just a click away.]

Conclusion

To sum up, our Skilled engineers showed how to set up a VNC server on a Digital Ocean Ubuntu 22.04 machine.