The Wayland protocol is the latest graphical server software for Linux computers, and it has replaced the X11 system in most major distributions. Old tricks like X Forwarding over SSH and logging in through xhost
are on the way out, and remote access is now provided by the remote frame buffer protocol and Virtual Network Computing (VNC).
Now that VNC is the primary means of remote graphical login for Linux, new VNC applications are being written to integrate it with the rest of the desktop. This also means that Linux users and admins need to learn about new configuration options so that their computers can connect with one another.
There's not much to it, so this article demonstrates how to configure your system for screen sharing and troubleshoot when things go wrong.
A connection in two parts
There are two components to connecting over VNC, and you can use one or both components.
The remote host is the computer you're connecting to. You must configure it to allow connection requests. These configurations include screen-sharing permissions, internal firewall rules, and possibly external firewall rules and port forwarding.
The local host is the computer you're using when you want to reach out and connect to a remote screen. It must have an application to make and manage the VNC request. The GNOME desktop provides the Connections application to help you connect to remote machines from your local host.
[ Learn how to manage your Linux environment for success. ]
Configure GNOME
You must enable screen sharing on the remote machine before it even considers a VNC connection request. To allow screen sharing, open the Settings application from the Activities menu of the computer's GNOME desktop. If you've never had access to the remote computer, you'll have to talk the user through these steps or send them my Opensource.com article Share screens on Linux with GNOME Connections.
In GNOME Settings, click Sharing in the list in the left column. In Sharing, click on Screen Sharing. In the Screen Sharing window that appears, choose whether you want to require the user to accept a connection request by clicking an onscreen button or whether you prefer to create a password for entry.
Configure the firewall
VNC uses port 5900 by default, and the local firewall usually blocks that. You can open that port using firewall-cmd:
$ sudo firewall-cmd --add-service vnc-server
Alternately, you can use the Firewall application. The firewalld application is relatively simple. Find the service you want to add (vnc-server) and then click to enable it. After adding vnc-server
, open the Options menu and select Runtime to permanent if you want the rule to persist after a reboot.
You have now configured the remote host to accept VNC requests.
[ Get the guide to installing applications on Linux. ]
GNOME Connections
On your local computer, install the GNOME Connections application from GNOME Software or use your package manager:
$ sudo dnf install gnome-connections
Only the local computer connected to another computer requires this application. The remote computer sharing its screen does not need Connections; it only needs to have been configured to accept VNC requests.
In GNOME Connections, click the plus (+) icon in the top left to add a destination host. Select the VNC protocol, enter the user name and host or IP address you want to connect to, and then click the Connect button.
If you've configured the remote host to require a password for VNC, then you're prompted for the password before the connection is made. Otherwise, the user on the remote machine receives an alert asking whether they want to allow you to share their screen. As long as they accept, the connection is made, and you can view and even control the mouse and keyboard of the remote host.
Troubleshoot VNC connections
When a VNC connection fails, there are a few likely reasons. Here's a checklist in the order you should diagnose each problem:
Screen sharing
Problem: The remote host isn't configured to permit screen sharing.
Solution: Enable screen sharing in the Sharing section of GNOME Settings.
Access not granted
Problem: The remote host is configured to permit screen sharing but requires a user to let you in, and there's no user currently at the computer, or the user isn't accepting your connection request.
Solution: Ensure that a user is at the remote host and that they're able to find the notification for the connection request. If the notification vanishes before the user can accept it, it can usually be found logged in the notification center. Access the notification center by clicking the GNOME clock in the center of the top of the screen.
Password
Problem: The remote host is configured to require a password, and you're entering the incorrect password.
Solution: Verify or reset the password on the remote computer.
Local firewall
Problem: The remote host's internal firewall is blocking port 5900. For firewall-cmd
, rules made without the --permanent
flag don't persist across reboots. It's not uncommon for VNC to work one day and then fail the next because port 5900 wasn't added as a permanent exception.
Solution: Use the --permanent
flag with firewall-cmd
. In the graphical firewalld application, you must go to the Options menu and select Runtime to permanent after you add vnc-server
.
[ Cheat sheet: Get a list of Linux utilities and commands for managing servers and networks. ]
Network firewall
Problem: If you're on a separate network than the remote host, the network firewall may be blocking you from connecting through port 5900.
Solution: A network admin (that might be you) must modify the gateway's firewall rules to permit port 5900.
Port forwarding
Problem: To get to a specific host on a separate network using network address translation (NAT), you probably need port forwarding enabled so that the gateway to the network knows where to direct your incoming traffic.
Solution: Preferably, your target network has a virtual private network (VPN) for you to join so that internal addresses are resolved.
Failing that, a network admin (if that's you, consider setting up a VPN with Wireguard) must configure the network's router to forward incoming traffic for a specific port to be routed to the host you're trying to reach. Unless VNC is used only for that particular host, this probably means that the port you use for VNC needs to change. For instance, instead of port 5900, you might use 59001 so that all incoming traffic to example.com:59001
gets routed to remotehost:5900
.
Should this be necessary, you must adapt the Uniform Resource Identifier (URI) in GNOME Connections from, for instance, tux@10.0.1.23
to tux@example.com:59001
. In other words, you no longer target the individual host from your computer; you target a special port on the host's gateway router. The router targets the remote host you want to connect with.
Use the power of VNC
GNOME Connections isn't the only VNC application, but it's a great example of a simple dashboard for remote management. After you connect to a host, the connection details are stored in Connections so that you can quickly and easily connect again later. VNC is an excellent, open source way to connect to hosts on any operating system, and GNOME Connections makes it simple.
Über den Autor
Seth Kenlon is a Linux geek, open source enthusiast, free culture advocate, and tabletop gamer. Between gigs in the film industry and the tech industry (not necessarily exclusive of one another), he likes to design games and hack on code (also not necessarily exclusive of one another).
Nach Thema durchsuchen
Automatisierung
Das Neueste zum Thema IT-Automatisierung für Technologien, Teams und Umgebungen
Künstliche Intelligenz
Erfahren Sie das Neueste von den Plattformen, die es Kunden ermöglichen, KI-Workloads beliebig auszuführen
Open Hybrid Cloud
Erfahren Sie, wie wir eine flexiblere Zukunft mit Hybrid Clouds schaffen.
Sicherheit
Erfahren Sie, wie wir Risiken in verschiedenen Umgebungen und Technologien reduzieren
Edge Computing
Erfahren Sie das Neueste von den Plattformen, die die Operations am Edge vereinfachen
Infrastruktur
Erfahren Sie das Neueste von der weltweit führenden Linux-Plattform für Unternehmen
Anwendungen
Entdecken Sie unsere Lösungen für komplexe Herausforderungen bei Anwendungen
Original Shows
Interessantes von den Experten, die die Technologien in Unternehmen mitgestalten
Produkte
- Red Hat Enterprise Linux
- Red Hat OpenShift
- Red Hat Ansible Automation Platform
- Cloud-Services
- Alle Produkte anzeigen
Tools
- Training & Zertifizierung
- Eigenes Konto
- Kundensupport
- Für Entwickler
- Partner finden
- Red Hat Ecosystem Catalog
- Mehrwert von Red Hat berechnen
- Dokumentation
Testen, kaufen und verkaufen
Kommunizieren
Über Red Hat
Als weltweit größter Anbieter von Open-Source-Software-Lösungen für Unternehmen stellen wir Linux-, Cloud-, Container- und Kubernetes-Technologien bereit. Wir bieten robuste Lösungen, die es Unternehmen erleichtern, plattform- und umgebungsübergreifend zu arbeiten – vom Rechenzentrum bis zum Netzwerkrand.
Wählen Sie eine Sprache
Red Hat legal and privacy links
- Über Red Hat
- Jobs bei Red Hat
- Veranstaltungen
- Standorte
- Red Hat kontaktieren
- Red Hat Blog
- Diversität, Gleichberechtigung und Inklusion
- Cool Stuff Store
- Red Hat Summit