Ubuntu 12.04 Precise Pangolin – Complete VNC Server Setup

There are lots of guides for setting up VNC Server on 12.04, so why write another one?
I had my own requirements for setting up VNC:

1. It had to be configurable “headless” on a server or desktop ubuntu install via SSH.
2. I prefer to use vnc4server
3. You need to install gnome-session in 12.04 (in previous unity distros, it was pre-installed IIRC)

Without covering all the above points, a VNC install walkthrough is pretty pointless. There are plenty of prettier, easier, GUI based install guides. This assumes terminal, VNC and X11 knowledge. If you somehow break your config, you need to be able to work it out for yourself or with help from the ubuntu community.

First things first, make sure you have these packages, as they are essential to get this working. If you get a screen when you try and connect via VNC which only allows you to log out, it’s probably because you skipped these earlier steps.

sudo apt-get update
sudo apt-get install gnome-core gnome-session-fallback

Obviously this updates your package list to the latest 12.04 releases. You can optionally “sudo apt-get upgrade”, to keep your ubuntu up to date.
Now we get into install a VNC server and configuring it.

sudo apt-get install vnc4server
This installs the VNC server software we are going to use.

vncserver
vncserver -kill :1
cp .vnc/xstartup .vnc/xstartup.bak
nano .vnc/xstartup

The first line fires up VNC server with the default config. We do this because it will prompt you to enter a password. Bear in mind that passwords longer than 8 characters will be truncated to 8 characters :/ We’ll cover the security implications in a bit.
The second line kills the default VNC session.
The third line can be omitted, but it’s traditional IT paranoia.
The fourth line opens nano and allows you to edit the config for VNC server.

You need to edit the file to make it look like this:
#!/bin/sh

# Uncomment the following two lines for normal desktop:
unset SESSION_MANAGER
#exec /etc/X11/xinit/xinitrc
gnome-session –session=gnome-classic &

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
#x-terminal-emulator -geometry 80×24+10+10 -ls -title “$VNCDESKTOP Desktop” &
#x-window-manager &

The changes of note are removing the # in front of unset SESSION_MANAGER (making that line active) and adding the “gnome-session –session=gnome-classic &” line, before commenting out (with hash) the x-terminal-emulator and x-window-manager lines. If you don’t do this, your VNC session will start, but it will be a blank grey hatched background.

EDIT: Make sure your file looks like this. WordPress is turning my double-dash into a single longer dash by the look of it, and triple dash doesn’t seem to fix it:Screen Shot of VNC4 login configuration

Save your changes to the file, and exit (in nano, it’s ctrl-x).

Now, we killed the VNC server session that was running before. So recreate it using the screen size you want. I use 1024×768 on my iPhone to reduce bandwidth, but that might not suit what you want to do. You can add -depth 24 for more colours, or -depth 8 to force 256 colour mode which is required for some VNC clients especially on mobile phones:
vncserver -geometry 1680x1050

so a good phone config might be:
vncserver -geometry 1024x768 -depth 8

iSSH connecting

iSSH connecting

iSSH connected to Ubuntu 12.04 Precise Pangolin via VNC over SSH

iSSH connected to Ubuntu 12.04 Precise Pangolin via VNC over SSH

If you get a grey screen when you try and connect tunnelling over SSH, don’t panic. Try using port 5902, because you might not have killed the initial session properly, or restarted a default one by mistake. If you don’t know what I mean by tunnelling, you might find that you can’t connect to the VNC server. The problem is the built-in firewall, ufw.

You can use the following code to see if ufw is enabled, and what it’s rules are:
sudo ufw status

If it’s enabled we need to tell it that it’s safe to allow VNC connections to the machine. But before we do that, a shot digression on security:

Hopefully your computer is behind a firewalled NAT. Most are these days, but if you are connecting directly to a modem, with no other computers connected to it, this might not be safe. As the maximum password length is 8 characters, there is a very finite number of passwords that exist. In theory, a hacker could see that your VNC port is open, and start guessing your password using software that will keep trying combinations until it gets in. After we open a hole for VNC in the firewall, we will test whether it’s visible to the internet.

Okay, so to open a hole in the firewall we need to add a rule that allows connections on the correct port, which are initiated from outside your computer. Obviously the computer doesn’t dial out to your phone, and command it to connect via VNC, the phone or other external device is the instigator of the connection, and this is what a firewall is designed to prevent.

sudo ufw allow 5901
This tells ufw to allow connections for screen0 and screen1 over VNC to any outside computer.

Now we will test whether there is another firewall in between your computer and the internet.

Go to the ShieldsUp! site, and click “proceed” enter “5900-5902″ into the blank box then “user specified custom port probe” button below. If it says “Stealth” in green for each port, then your system is secure.

ShieldsUp! Scan of VNC ports - Stealthed!

If you don’t get the green “Stealth” next to each port, you have opened a potential vulnerability to your system.
Fix this by reversing the firewall rule we made:
sudo ufw deny 5901

Assuming you have SSH access remotely for this machine, you can tunnel the SSH connection from an external machine with ssh -NfL 5901:127.0.0.1:5901 user@remote.host replacing the 5901s with the correct port for the desktop you want to access if necessary. You can now VNC to the server by telling the machine you run the above code on, to connect to itself on the same port. Alternatively, because of the ufw fix, you can connect directly while on the same subnet.

If you use an iOS device, i highly recommend iSSH as it allows you to easily set up an SSH tunnelled VNC connection.

We are nearly done!

Once you reboot, The VNC Server isn’t up any more.

sudo nano /etc/rc.local

Go to the line above “exit 0″.
paste in: “/usr/bin/vncserver -geometry 1024×768 -depth 8″ or similar.

You are now done!

EDIT: If you get a grey screen, please read the comments. There is a problem with how wordpress renders double-dashes, apparently turning them into a single dash, which will misconfigure your vnc login data. The other most common problem is that VNC server doesn’t work on startup automatically. Check that you’ve edited your /etc/rc.local correctly, and that you are connecting to the correct port for screen 0. The way VNC server works, the first “screen” is 0, the next is 1, the next is 2. If you are trying to connect to screen 1, then it won’t appear to be running, because the rc.local version will be running on screen 0.

About these ads

93 thoughts on “Ubuntu 12.04 Precise Pangolin – Complete VNC Server Setup

  1. Nice work, I really appreciated the article. It was the only one that worked out of the box.

    There’s 2 dashes before the word session (I think the CMS is removing one)
    “gnome-session –session=gnome-classic &”

  2. thanks
    fallowed all the steps and every thing is working except that i get unity instead of gnome classic.

      • I’m away from home at the moment. I’ll see if I can replicate the problem when I get back. Can you check if you’ve got double dashes in there, like another comment recommends?

      • my bad. the hash in the fallowing line was missing.
        #x-window-manager &

        tried to start cheese on command line and i get “Clutter-CRITICAL **: Unable to initialize Clutter: Unable to find suitable fbconfig for the GLX context: Failed to find any compatible fbconfigs”
        It starts directly on the pc and it used to start in x11vnc.

  3. Reblogged this on arman belajar linux and commented:
    Nemu tutorial yang cukup mencakup ttg instalasi dan konfigurasi VNC server.. *tapi ane belum berhasil, tampilannya gda toolbar dll, kayaknya DE (Desktop Environmnet)-nya belum terinstall dan dikonfigurasi dengan baik, ntar deh dicoba lagi.. ato nyari tutorial yang lain..

  4. adding the line to rc.local does not work to adding to startup on 12.04 server. Do you know a fix. I have tried update-rc.d, also tried using a cron job to @reboot.. nothing will start my vnc service on boot wtf am i doing wrong?

  5. Hi coddswallop,
    mate i am geeting the following when trying to install gnome-core gnome-session-fallbak?

    Errors were encountered while processing:
    bluez
    gnome-bluetooth
    gnome-shell
    gnome-user-share
    gnome-core
    gnome
    E: Sub-process /usr/bin/dpkg returned an error code (1)

    any ideas?
    cheers

  6. Hello… thanks I got the server working. But… yes a but.. the server creates another session.. but i want to connect or manage my current session. Cuz this is where I got my amarok playing, and I just want to be able to change music via the vnc. thanks.

  7. I followed your instructions exactly but when I connect to the VNC server all I get is a grey screen with three check boxes in the top left that seem to be options for the VNC server and no title bar:

    Accept clipboard from viewers
    Send cliboard to viewers
    Send primary selection to viewers

      • yes how did you fix this? Also, it does not start when i reboot, but when I run the command it connects, but I get the grey screen with 3 boxes.

  8. Very nice and much appreciated but
    sudo apt-get install gnome-core gnome-session-fallback
    fails for me with “E: Unable to locate package gnome-session-fallback”

    It must be working for everyone else. How come?

  9. I’m struggling with this as well… I’m getting a grey screen with an “x” for a mouse cursor but nothing else.

    I double checked my script… (it’s also on other websites exactly the same as here)

      • Please re-read the article. I’ve attached a screen grab of what I typed into WordPress. It’s rendering “–” (double-dash) as a single long dash “-”.
        All the problems with a cross mouse cursor + grey background are caused by this problem.

      • Did you get any errors, along the way?
        Can you post up the response for “cat ~/.vnc/xstartup”.
        Just to confirm, you run vncserver manually, and you get the grey screen?

      • I have my desktop available now… but no “system tray”, no dashboard, no App launcher :(
        how can I have them back?
        thanks again

  10. Thanks for your help… there was a “permission denied” in the log file when I was trying to run my xstartup script… Somehow the xstartup file had been changed to root:root. A quick chown fixed it and it’s now working again!

    Thanks very much for your time!

  11. If you are getting the grey screen with three check boxes this can be cured by adding one new line to the .vnc/xstartup file.
    Just add “unset DBUS_SESSION_BUS_ADDRESS” to a new line after the “unset SESSION_MANAGER” line. This should resolve the problem.

  12. I am having the same problem as moreje described: No launcher, no panel bar. Just a blank desktop!

    The fix is add a line after “gnome-session –-session=gnome-classic &” :
    “gnome-panel &”

    Now I am having another problem: On the upper-left corner of the remote desktop, there is always a grey box with 3 checkbox. How can I get rid of it?

    • I have the same problem, but with two checkboxes. There is an error in my log “(gnome-session:16468): WARNING **: Unknown option -–session=gnome-classic”, which I can’t get rid of, which could be the cause of this problem. In any event, it works well enough for my needs, for the moment, so I’m using it as is.

      • Finally, to get the thing working properly, I had to fix the “Unknown option” problem, which I did by replacing the default gnome session with the gnome-classic session, in /usr/share/gnome-session/sessions:

        $ sudo cp -p /usr/share/gnome-session/sessions/gnome.session /usr/share/gnome-session/sessions/gnome.session.BAK
        $ sudo cp -p /usr/share/gnome-session/sessions/gnome-classic.session /usr/share/gnome-session/sessions/gnome.session

        Then, in the xstartup script, I changed “gnome-classic” to “gnome”, i.e:
        gnome-session –session=gnome To get the startup to work from /etc/rc.local, I added:
        su myuserid -c “/usr/bin/vncserver -geometry 1024×800″

        This will run in my home directory where the .vnc directory is, when executed during startup.

        The only remaining problem that I detected, is that you can’t logout using the gnome desktop icon, it leaves the desktop partially running for some reason.

  13. K, followed all the steps- setup and config went fine, but I get a gray screen with three options check boxes on it and no way to continue. I am on the correct port. Please help.

  14. Pingback: Installing VNC server/client in Ubuntu 12.04 | MoVn - Linux Ubuntu Center

  15. I’m having a problem where the colors are just completely messed up. Everything else works fine. Any ideas what causes that?

  16. I got the the gray screen problem and fixed it by adding ““unset DBUS_SESSION_BUS_ADDRESS”” like Wezzer said, but this is a whole new desktop,
    How do I get to the same desktop, via vnc, as when I log in to Ubuntu, the one with unity and all the stuff I’ve put in it?

    • If I run vncserver :0, it says “is taken because of /tmp/.X0-lock
      Remove this file if there is no X server my-machine-name:0
      A VNC server is already running as :0″
      If I vnc from outside into my-machine-name:0 it says connection refused.
      What I’m I missing here?

  17. It works for me thank you.
    The only question I have is can we make the VNC server start *before* the login screen. So I can have another user VNC in, then log in as themself?
    TIA

    • I’m afraid I don’t understand the question. You should be able to log in, even if the screen is on the login screen. I’m not sure what you mean by ‘before’. Can you go into more detail.

      • Thank you for the reply.
        OK, what I mean is this, if the server computer is restarted, or if I log out of my account on that server, then it will be sitting on a login screen. My VNC Server doesn’t appear to be running at this time, so neither I nor another user can VNC in and log in. In other words, someone has to physically log into that server, and then the VNC server process starts running.
        I am hoping to have the VNC server running while the login screen is displayed, so that we can remotely log in in case of a restart.
        Thanks!

      • That is strange. The vnc server should start with the system. To troubleshoot the problem, maybe ask on the ubuntu forums. It may be that the init.d entry is wrong.

  18. Great tutorial! However I’m still stuck with gray background and 3 checkboxes. Already checked the double dashes. What I get from the log file is:

    Fri Nov 9 19:24:12 2012
    vncext: VNC extension running!
    vncext: Listening for VNC connections on port 5901
    vncext: created VNC server for screen 0
    error opening security policy file /etc/X11/xserver/SecurityPolicy
    Could not init font path element /usr/X11R6/lib/X11/fonts/Type1/, removing from list!
    Could not init font path element /usr/X11R6/lib/X11/fonts/Speedo/, removing from list!
    Could not init font path element /usr/X11R6/lib/X11/fonts/misc/, removing from list!
    Could not init font path element /usr/X11R6/lib/X11/fonts/75dpi/, removing from list!
    Could not init font path element /usr/X11R6/lib/X11/fonts/100dpi/, removing from list!
    Could not init font path element /usr/share/fonts/X11/Type1/, removing from list!
    Could not init font path element /usr/share/fonts/X11/75dpi/, removing from list!
    Could not init font path element /usr/share/fonts/X11/100dpi/, removing from list!

    Fri Nov 9 19:24:14 2012
    Connections: accepted: 0.0.0.0::58813
    SConnection: Client needs protocol version 3.889
    SConnection: Client uses unofficial protocol version 3.889
    SConnection: Assuming compatibility with version 3.8
    SConnection: Client requests security type VncAuth(2)
    VNCSConnST: Server default pixel format depth 8 (8bpp) colour-map

    Fri Nov 9 19:24:15 2012
    VNCSConnST: Client pixel format depth 32 (32bpp) little-endian rgb max
    255,255,255 shift 16,8,0

    ** (gnome-session:5469): WARNING **: Unknown option -–session=gnome-classic

    Any suggestions?

    Thanks in advance

    Marco

  19. I was also getting the Grey cross on black screen.

    In my case I had accidentally uncommented out the the line:
    # exec /etc/X11/xinit/xinitrc

    This should stay commented out.

    In terms of getting tunneling working on windows with putty, i followed this guide
    http://crl.ucsd.edu/handbook/vnc/index.php

    This was tested on Ubuntu server 12.10 (Quantal Quetzal)

  20. When I am trying to install the gnome-classic and gnome-session-fallback, I am getting a box requesting which Display Manager I want, gdm or lightdm, I’m guessing one is Gnome?

    • Are you running 12.10 or 12.04? I haven’t had this under 12.04. I’d guess GDM as that’s probably what you are running now. You can use apt to reconfigure if the other option is the right one.

      • Running 12.10…so I’ve re-installed from a fresh image, back to the base install, no vnc, no gnome-core. Seems like gnome is failing spectacularly when I try to run VNC Server, and nothing happens when I try to log in remotely.

      • Hmm, I’m afraid I haven’t tried this with 12.10. What errors are spitting out? This headless server does have a graphics card, right?

  21. I can´t really get this to work, i just get the connection refused (10061) error. Even when i had shut down the server, i guess some other vnc server is running

      • disable the firewall on the server or on the remote. I always start the vnc server from command line

      • The server. If you start vnc manually, ie by invoking it using it’s name, not init.d or service, then you’ll get z “cannot bind port” error when you start it.

      • I´m prety new to this kind of stuff, where is the vnc4server application located and how do i disable the firewall?

  22. “I prefer to use vnc4server.”

    What are your reasons for preferring vnc4server to tightvncserver which is optimized for bandwidth efficiency with zlib compression when available?

  23. If anyone is still faced with the grey screen and black x, try the following as a last resort:

    chmod +x .vnc/xstartup

    .vnc/xstartup must be executable as I found while trying to make this entire installation into a script (and it appears to have been successful). Will post a link to the script when I am happy with it.

    Mark.

  24. This post is awesome! I kept trying to get vnc working but with other solutions off google nothing worked. But the changes you described for .vnc/xstartup just fixed it all up. So, thank you!

  25. Hello,

    like many other people googling for “ubuntu vnc”, I found your post useful, but gosh! WordPress auto corrections! Please spend couple of minutes and replace all code blocks with links to somewhere like pastebin.com – because it’s a pain to copy-paste the code from your site and then try to uinderstand what went wrong.

    Alright, we figured about double “-” incorrectly “corrected” by your WordPress installation.
    But there is another catch! Look, here is the line of code copied from your post’s content:

    http://pastebin.com/95qkQTk8

    Do you see the difference? WordPress was so smart it replaced “x” with “×”! (Facepalm)

  26. I’m a complete Linux/Unbuntu novice. Just upgraded from 10.x to 12.04. Yours is the third example I’ve tried, since the first two didn’t work, everything up to modifying the xstartup file went smoothly until:
    nano .vnc/xstartup
    There was no file to edit so I typed in the script you provided but nano (2.2.6) wouldn’t save it:
    [Error writing .vnc/startup: no such file or directory ]
    Any suggestions?

    • Okay, so the .vnc folder (which is invisible because of the . at the start of the name) doesn’t exist. It might be that you aren’t trying to access it from your home directory (where it should live), because you are working in another directory.

      Try this instead.
      nano ~/.vnc/xstartup

      The ~/ tells nano to look in your home directory for the .vnc directory and open the xstartup folder inside.
      The xstartup file in the .vnc folder are created (or should be created) by default when you install the software with apt-get.

  27. Started over from the beginning and was able to change and save xstartup, there is a space and the 2 dashes before session but I’m getting the grey screen with the 3 check boxes. The log file lists several errors/warnings:
    error opening security policy file /etc/X11/xserver/SecurityPolicy
    Could not init font path element /usr/X11R6/Lib/X11/fonts/Type1, Speedo, misc, 75dpi, 100 dpi/, removing from list! ( 5 different lines)
    gnome-session[2251]: WARNING: Failed to acquire org.gnome.SessionManager

    • These errors sometimes indicate that your xstartup file has the wrong permissions.
      please post the result of:

      ls ~/.vnc/xstartup

      Try:

      chmod 755 ~/.vnc/xstartup

      and restart your computer. Let me know how it goes.

  28. “1s ~/.vnc/xstartup” returned
    1s: command not found
    chmod 755 … and restart gave me the same results with the addition of a window with:
    Could not acquire name on session bus

  29. The contents of the log file:
    Wed Jul 24 08:52:28 2013
    SConnection: Client needs protocol version 3.8
    SConnection: Client requests security type VncAuth(2)

    Wed Jul 24 08:52:35 2013
    VNCSConnST: Server default pixel format depth 16 (16bpp) little-endian rgb565
    VNCSConnST: Client pixel format depth 8 (8bpp) colour-map
    VNCSConnST: Client pixel format depth 16 (16bpp) little-endian rgb565

    Wed Jul 24 08:53:01 2013
    Connections: closed: 0.0.0.0::64122 (Clean disconnection)
    SMsgWriter: framebuffer updates 10
    SMsgWriter: raw rects 1, bytes 16396
    SMsgWriter: hextile rects 8, bytes 29964
    SMsgWriter: ZRLE rects 2, bytes 2510
    SMsgWriter: raw bytes equivalent 2491922, compression ratio 50.990833

  30. Pingback: Start server4vnc with Unity | WyldePlayground.netWyldePlayground.net -

  31. Pingback: Start server4vnc with Unity | Ubuntu InfoUbuntu Info

  32. Ok, I’ve done everything on this, but after I run vncserver -geometry 1024×768 -depth 8 it doesn’t spit out any error messages, however when I try to connect to the server it just says timed out.

    I looked at the log file and this is what I’m getting.

    22/08/13 00:07:27 Xvnc version TightVNC-1.3.9
    22/08/13 00:07:27 Copyright (C) 2000-2007 TightVNC Group
    22/08/13 00:07:27 Copyright (C) 1999 AT&T Laboratories Cambridge
    22/08/13 00:07:27 All Rights Reserved.
    22/08/13 00:07:27 See http://www.tightvnc.com/ for information on TightVNC
    22/08/13 00:07:27 Desktop name ‘X’ (Gradius:1)
    22/08/13 00:07:27 Protocol versions supported: 3.3, 3.7, 3.8, 3.7t, 3.8t
    22/08/13 00:07:27 Listening for VNC connections on TCP port 5901
    Font directory ‘/usr/share/fonts/X11/75dpi/’ not found – ignoring
    Font directory ‘/usr/share/fonts/X11/100dpi/’ not found – ignoring
    gnome-session[2359]: WARNING: Failed to acquire org.gnome.SessionManager
    No VNC extension on display :1
    gnome-session[2359]: Gdk-WARNING: gnome-session: Fatal IO error 11 (Resource temporarily unavailable) on X server :1.

    Help please! I’m running 12.04

  33. Hi, I have done all the instructions correctly as I assume, but I was just getting a grey screen with a terminal but nothing else. How can I overcome this……….

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s