Remote Viewing-Not Just a Psychic Power


The server command is simply vncserver. When you run this command, a directory named .vnc is created in your home directory if it doesn't exist already. If a password has not been set yet for this instance of the VNC server, it will ask you to enter one. It is saved in the file passwd in encrypted form. If you want to change it, you can use the command vncpasswd. In this directory, you also should find log files for each instance of vncserver that you start, as well as a pid file containing the PID of any currently running instances of vncserver.

The last file of interest is the xstartup file. This is the file that is used when you start vncserver to set up all the required options and also lay out what will be run on the vncserver desktop. The defaults on my Ubuntu system look like this:


xrdb $HOME/.Xresources
xsetroot -solid grey
#x-terminal-emulator -geometry 80x24+10+10 -ls -title 
 ↪"$VNCDESKTOP Desktop" &
#x-window-manager &
# Fix to make GNOME work

So in this case, it sets the background to gray and then tries to run whatever session is defined in the global script Xsession. This is where you can do some editing and make it your own. I prefer Fluxbox as a window manager on smaller screens. So you can simplify this to:

xrdb $HOME/.Xresources

Starting this gives you a nice-looking desktop running Fluxbox. If the client that is going to be connecting to this has to deal with a smaller screen size (like on a Netbook), you can set the desktop size on the command line with the -geometry option. You also can set the color depth of the virtual desktop with the -depth option. So, to set up a server that looks nice when I connect to it from my Netbook, I would use this:

vncserver -geometry 800x600

Now, what about the other end? There are two general classes of vncviewer applications, GUI and command line. The GUI versions, like the most common ones for Mac OS X and Windows, have point-and-click access to all the relevant options. They also have them in different locations, depending on who wrote your particular favorite viewer. Because VNC is a protocol (kind of like FTP or HTTP), there is a great deal of variation in what you get from the various implementers. Let's look at the command-line versions here and see what you can do with those. The GUI versions should have comparable options available. To connect to a vncserver, you would run:

vncviewer hostname:port

where hostname is either the true hostname of the remote machine or its IP address. port is the port number on which the vncserver is listening, starting at 1. This number is added to the default starting port number 5900, so the actual network port number in this case is 5901. This will try to connect to the given server, and it will ask for a password if one had been set during vncserver's startup. Then, you get a nice Fluxbox desktop.

Figure 2. Fluxbox Running under vncserver

There are lots of options for changing various parts of what is being transmitted, such as the encoding algorithm, the compression level and the quality level. Playing with these options can improve your session's responsiveness, potentially at the cost of some image quality. Depending on what work you are trying to do, this may not be a trade-off you are willing to make.

Although you can force some kind of authentication on VNC, that may not be enough in these security-conscious days. You may have to work with a remote machine that sits behind a firewall that allows only SSH traffic. What can you do? VNC allows for tunneling of the protocol over an SSH connection by using the -via gateway option. This gateway machine is the machine that you are SSHing in to for the tunneling. If this is the same machine as your vncserver, the command would look like this:

vncviewer -via localhost:1

This tells vncviewer to ssh to as user "user", then connect to vncserver on the localhost to—in other words, itself. There is no reason that these need to be the same machine. This means you could connect to a vncserver on a machine behind a security gateway machine. In this case, it would look like this:

vncviewer -via

Be aware that VNC still will ask you to authenticate after the SSH session has been established.


Hopefully, this article has provided some options for those times when you just can't live without a nice graphical interface. Even when you are forced to squeeze through an SSH connection, you still can have all of that great GUI goodness. If you know of other ways of getting a graphical interface on a remote machine, I would love to hear about them.


Joey Bernard has a background in both physics and computer science. This serves him well in his day job as a computational research consultant at the University of New Brunswick. He also teaches computational physics and parallel programming.


Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

NoMachine tops them all

Anonymous's picture

I've been using NX since about 2005 and there's no other alternative for me. I've also started using their latest preview version for access to Mac. Amazing!!!

X11 and VNC

Radio Online Batak's picture

why are X11 and X11 over SSH notoriously slow? what diffrent VNC?

try Ulteo

Anonymous's picture

It's a very nice application delivery solution.

cannot open display

Anthony Lamus's picture


Somehow I can't make this work with xauth... The only way around it I found so far is to "ssh -X" instead..!

anthony@XXXX:~$ echo $DISPLAY
anthony@XXXX:~$ xauth extract - $DISPLAY | ssh tony@localhost xauth merge -
tony@localhost's password:
anthony@XXXX:~$ ssh tony@localhost
tony@localhost's password:
Linux XXXX 2.6.35-30-generic #61-Ubuntu SMP Tue Oct 11 15:29:15 UTC 2011 i686 GNU/Linux
Ubuntu 10.10
tony@XXXX:~$ ls -l .Xauthority
-rw------- 1 tony tony 109 2012-03-16 10:22 .Xauthority
tony@XXXX:~$ touch mytest
tony@XXXX:~$ ls mytest
tony@XXXX:~$ gedit
(gedit:29325): Gtk-WARNING **: cannot open display:
tony@XXXX:~$ gedit -display :0.0
(gedit:29327): Gtk-WARNING **: cannot open display:
anthony@XXXX:~$ su - tony
tony@XXXX:~$ gedit -display :0.0
No protocol specified
(gedit:29431): Gtk-WARNING **: cannot open display: :0.0

Any clue as to why?

Default configuration of /etc/ssh/ssh-config

Jesse Pollard's picture

Then entry ForwardX11 needs to be yes. Comments in the file indicate you may need ForwardX11Trusted set to yes instead.

NX wasn't exactly snappy

Otomobil Haberleri's picture

NX wasn't exactly snappy under those conditions, but it was completely usable. I turned off encryption, since I was using VPN already.

X works just fine.

Jesse Pollard's picture

Even over long distance (I have used X over ssh from a Washington DC site to San Diego California. What counts is the infrastructure.

Ssh also compresses the X protocol. What can slow it down is the multiplexing of streams across a connection. Most X applications have multiple streams (dialog/menu/workspace,...) and depending on how it is written, each independant window gets a separate stream.

The problem with replacements is what they DON'T support. Most don't allow "cut&paste" from a window from one system, to a window on another system.

The other bottleneck is solvable - nearly all toolkits open multiple 3d windows (even scrollbars are composed of a minimum of 4 windows) and each handles the border/background/scrolling independantly. And this multiplies the I/O overhead.

The solution is (of course) more software on the server - I think it should have a "toolkit plugin" that handles most of the overhead, with only the final operation passed back to the application. The common functions (dialog, scrolling, icons,menus) should be handled by the plugin - eliminating the need to pass draw/redraw events/requests over the net. This would also simplify the various toolkits, and allow a more common display presentation.

Right now, the only thing used this way are the "window manager hints" which are handled locally (to the X server).

X Window Service (X, X2, X3, X4, X5, ..., X11)

Anonymous's picture

The X Window system as been around long before 1987. The number after the X is the protcol level. I remember getting color in X back in 1985. Also back in the late 80s there was "shared X" which allowed a user to create a window (the shared X application) and then could put other application windows into the shared X window and other users could view (and interact with their keyboards and mice (which might have 3 to 14 buttons) with the stuff in the "shared X". By the way X came about because of an attempt to adapt "W" (a windowing environment running on an OS called V) which is when it got its networking capability). There are lots of X related standard options (which GUI applications were supposed to handle) which the developers of Gnome and KDE do not honor and (they modified a few of the standard X options such as the geometry).

I am surprised that xrdp has

SDC's picture

I am surprised that xrdp has not been mentioned.

It is fast and works well in environments with a variety of Linux and windows machines as it is compatible with the stock windows remote desktop client and the Linux rdesktop client. Works great for those cases where you need to log into some conference room windows machine with limited privileges and pull a desktop from your Linux box (without installing any client software).

Ease of setup may vary. I never figured it out on gentoo, but it works pretty much out of the box on Debian.

No Machine NX Client with freenx-server

Malcolm Logan's picture

Been using this combo for several years now, No Machine clients for Mac/Win and Linux... as already said MUCH faster than VNC/X-ssh on a LAN and fantastic on big screens...


Greg Holmberg's picture

I've tried VNC and tinyVNC from a machine at home connected to one at work using VPN over cable-modem, and it was really painful. I also tried SSH -C to Cygwin/X, and it was even worse. Really unusable.

NX wasn't exactly snappy under those conditions, but it was completely usable. I turned off encryption, since I was using VPN already.

Over a LAN, it's quite good. Not quite the same as local, but very good. You won't want to watch YouTube over it, or play games, but for most tasks, it's fast enough to use all day, even at very high resolutions. I'm using two 1920x1080 monitors, no problem. I develop software running Eclipse on the remote machine over NX (scrolling through text and so on), and there's no problem.

Another vote for NX.


One more for NX. I've been

Jay Yaneza's picture

One more for NX. I've been using the X11 combo to access my SunOS boxes (via XDMCP), don't know really why those boxes had a UI, some years ago. Shifted over to VNC for some time. Finally settled with NX, and have been using it since.

1 more vote for nomachine

Anonymous's picture

NoMachine(nx) blows away any other remote desktop option for linux. X is klunky over slow connections, as is vnc. NX is fast fast fast and runs using ssh encryption by default. X has served its purpose but it's time to move on. Ubuntu will be abandoning X for wayland soon and most distros will most likely be soon to follow.

+1 on NXServer/Client. Works

Anonymous's picture

+1 on NXServer/Client. Works similar to VNC but is faster and is now easily installed from most repos. I know for sure it is in EPEL and can be a quick yum install of nx and GNOME/KDE/Flux.

No Machine NX - compresses

Anonymous's picture

No Machine NX - compresses the X protocol.

Re: No Machine NX - compresses

jhansonxi's picture

X2Go is better. Uses SSH also.


Rafael Varela's picture

Well, it depends on what you mean by "better".

The fact is that X2go seems to use the same Libraries as NXv3, so I would not expect better performance than NX.

Taken from X2go FAQ:

Is x2go compatible with nomachines NX or freeNX?

No even though X2go uses the same libraries, X2go aims for an even greater integration into the Linux environment. It’s not possible to use NX client to log on to a X2go server and vice versa.

It's much easier to get

jhansonxi's picture

It's much easier to get working. Since it uses SSH it can share the same key I use for other remote access and tunneling.

Re: It's much easier to get

Rafael Varela's picture

It's a nice feature. Yes, in that sense it is better than NX.

No doubt their objective is a better integration into the Linux environment.

One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix