Run vncserver for the first time as the user who will be connecting. This sets up the VNC password and initial configuration files.
vncserver
You will be prompted to create a password (at least six characters, eight recommended). You can also set a view-only password if desired.
This command will also start a VNC session on the first available display number (e.g., :1, corresponding to port 5901). Stop this initial instance for further configuration:
vncserver -kill :1
If you see an error like "No VNC server running on :1", it might have already stopped or failed to start fully; you can proceed.
Configure VNC to Use XFCE
Edit the VNC startup script to launch XFCE when a VNC connection is established. The file is ~/.vnc/xstartup.
nano ~/.vnc/xstartup
Make the content of the file look exactly like this, replacing any existing content:
#!/bin/sh
unset SESSION_MANAGER
unset DBUS_SESSION_BUS_ADDRESS
exec /usr/bin/startxfce4
Make the xstartup file executable:
chmod +x ~/.vnc/xstartup
Start VNC Server
You can now start the VNC server. Specify a geometry (screen resolution) if desired. For display :1 (port 5901):
vncserver :1 -geometry 1920x1080 -depth 24 -localhost no
-geometry: Sets the resolution of the VNC desktop. -depth: Sets the color depth (24 is common). -localhost no: Allows connections from remote machines. Without it, VNC will only listen on localhost.
Configure Firewall (UFW)
If you are using UFW (Uncomplicated Firewall), you need to allow traffic to the VNC port (5900 + display number). For display :1, the port is 5901.
sudo ufw allow 5901/tcp
sudo ufw reload
sudo ufw status (to verify)
Connecting to VNC Server
Use any VNC client software on your local machine to connect to your_server_ip:5901 or your_server_ip:1. You will be prompted for the VNC password you set earlier.
Optional: Create a Systemd Service for VNC
To have VNC server start automatically on boot and manage it as a service, create a systemd service file. Replace <USER> with your actual username.
Create the file /etc/systemd/system/vncserver@.service:
sudo nano /etc/systemd/system/vncserver@.service
Add the following content. Remember to replace <USER> with your Linux username in two places:
[Unit]
Description=Start TigerVNC server at startup for %i
ExecStart=/usr/bin/vncserver :%i -geometry 1920x1080 -depth 24 -localhost no -SecurityTypes VncAuth
ExecStop=/usr/bin/vncserver -kill :%i
[Install]
WantedBy=*
Reload systemd, enable and start the service for display :1:
sudo systemctl daemon-reload
sudo systemctl enable vncserver@*
sudo systemctl start vncserver@*
To check the status:
sudo systemctl status vncserver@*
To start VNC on a different display (e.g., :2), you would enable and start vncserver@*. Each user needing a VNC session should have their VNC password set up and can use a different display number if run under their own user context in the service file (or by manually starting vncserver).
