HOWTO: Access Your Desktop Remotely In Linux

Posted on Thu 09 March 2006 in Dispatches • 4 min read

Not everyone has use for this kind of feature, but I use it almost every day for a wide variety of uses. For example, I can check on a lengthy compilation process, test a theory using a one of the applications native to my Linux system, or to bypass a corporate internet filter when it has mistakenly blacklisted a site I need to access for code reference.

This kind of functionality is also handy if you want to share your desktop with other remote users. For example, if you are having difficulty and would like to give a friend the ability to take over and help you fix the problem.

Enter: the VNC protocol. VNC is a method of sharing X sessions across a network between a server and client. There are a variety of options available for you on both the server and client side, some servers will even generate a new X session for each user although this defeats the purpose of sharing a single desktop.

KDE users will find themselves tempted to use Krfb, which is KDE’s native desktop sharing server: Don’t.

Krfb is somewhat unpredictable and your mileage with it will vary greatly between distributions. However, in my experience it had a tendency to crash often and lock out further connections, which is frustrating when you are in the middle of something very important. It ran mediocre with about 15 minutes of use before the first crash on Kubuntu, and roughly 10 minutes on SuSE 9.3 and Gentoo. Don’t even bother with it.

The answer is the x11vnc server. Small, fast, easy to use and best of all, it just works. Check if your distro maintains a package for it, if not you can download the source from the above link and compile it yourself. Gentoo users can get it as easy as typing:

emerge -va x11vnc

:-)

The man pages document the server options extremely well, but I’ll run you through what I do to configure the server.

Set a password: A necessity, or else it will just be an open door once you start the server. To set a password and store it for future use pick some filename like foo.pwd and then enter the following command:

x11vnc --storepasswd yourpasswdhere foo.pwd

Your password is now stored encrypted in the file foo.pwd.

Start the server: You have a lot of options here, by default the server shuts down after the first user connects and then closes their session. This is a nice security feature as it will also lock all other users out. However you can use the -forever option to keep the server running until you manually stop it, and you can even use the -share option to allow multiple people to connect at once. I’m not going to cover all of the options, as there are a TON.

Usually what I do is ssh into my environment remotely and start the server when I need it as a one shot execution using the following command:

x11vnc -rfbauth foo.pwd -display :0

Basically this command tells the server to start using its defaults plus the specified options. The two options specified in my command are absolutely essential. -rfbauth instructs the server that the password to use is located the foo.pwd and that the server should use the encoded rfb protocol to verify the password. If you use any other option, passwords will be transmitted in clear text!!!!! Your mother taught you that clear text was bad for that, right? The second option indicates tells the server that the X session is located at display 0. Unless you have some kind of crazy configuration because you felt like dicking around, this will almost always be the case.

You’ll see a whole bunch of output, but don’t worry that means it is working. ;) If you see this line than everything is ready to go:

The VNC desktop is localhost:0
PORT=5900

Obviously your local computer’s name will appear instead of “localhost”. Take note of the port number as this will be needed to connect to the server later.

Connect with a client: I highly recommend the TightVNC client for all your remote desktop needs. It works very well on both Windows and Linux. Windows users can download an installer from the above link, Linux users probably have it in their package manager. Gentoo users:

emerge -va tightvnc

In Windows you will have a handy-dandy popup that will allow you to specify your host and port thusly: yourIPhere::5900 where “yourIPhere” is the IP address of the computer you are connecting to. You can also use the more generic display option (yourIPhere:0) but I prefer to use a port number. You’ll also want to specify encoding options. So, your full command will be:

vncviewer -encodings "copyrect tight zrle hextile" localhost:0

You will be prompted for the VNC password you set, and upon authentication you will have access to your desktop via the TightVNC viewer which I find to be very fast and reliable. Whoo-hoo!!!! :)

When you are done, simply close the TightVNC viewer window and it will disconnect. Unless you have specified the -forever option for your server it will also shut down.

This may seem like a lot on the screen, but you’ll be surprised at how easily and quickly you can get it up in running. I was able to install, run the server and connect to it in roughly five minutes.

Have fun!