How to run VNC on a linux machine and connect to it securely

VNC is remote control software that works crossplatform that does not require an X server on your remote machine. Unlike other Xwindow linux approaches, VNC also is happy to run as a user process. Basically, you start a personal VNC server on the remote linux machine and connect to it with either a web browser, or a VNC client on the local machine. For full details see the VNC homepage.

The problem with this is the communication between the two hosts is unencrypted. So to solve this, you can use a SSH tunnel. This is what I will describe how to do next.

Linux VNC server setup

Log into your Linux host box.
[bar]$ ssh foo

[foo]$ vncpasswd

Only set this vnc password once. You'll need it to connect from any remote or local client

[foo]$ vncserver -localhost

Do not omit the -localhost argument, this stops VNC from listening on the external interface. IMPORTANT Note the server number returned by vncserver after you launch it. You will need this number to kill the server and to configure the SSH client.

[foo]$ exit

Linux client

From your local linux desktop open an ssh session
[bar]$ ssh -L 5901:localhost:590n foo

Note that n is your server number. Above command connects you to foo with a tunneled port as well.

[foo]$ vncviewer localhost:n

You now should see your X session. When you are done using the session simply close the window. Don't bother logging out. Next time you want to reconnect, repeat the above 2 steps and you'll be right back in the session where you left it. If you really want to close your VNC X server, you must log back into foo
$ ssh foo
then use this command to close the server.

[foo]$ vncserver -kill :n

Windows client

The above process is somewhat different from windows, because you do not have an X server on your windows machine. You need to use the VNC client and an SSH session that opens the tunnel.

Install VNC on your PC. Get it from here. I am assuming you have the SSH client from installed. Get that software here.

In the SSH GUI you need to set up a tunnel. Follow the screenshots for details:

NOTE: Replace 5902 number with 590n where n is your server number.

Now Login to foo using the SSH Gui. Once logged in, run VNC viewer.