[Debian] Debian VPS - Desktop (GNOME) Installation and VNC

Installing GNOME desktop environment and VNC server

This guide will walk you through the steps necessary to install the GNOME desktop as well as the vnc4server package for remote desktop access on your Debian 6 VPS. For this guide we will be using a one user VNC set up, though adding additional users will also be explained.

NOTE: This guide uses Debian version 6.0 so there may be extra steps for different versions. Comments in this article will be preceded by a hash tag (#).

Recommended VPS Specifications: Minimum 1 GB of RAM, 20 GB HDD

To begin, SSH into your VPS using the root username and password.

Installing the GNOME environment

# Using apt-get, first update your system packages to the latest versions before we proceed

apt-get upgrade

# Use apt-get to install GNOME and necessary font packages

apt-get install gnome-core xfonts-100dpi xfonts-100dpi-transcoded xfonts-75dpi xfonts-75dpi-transcoded xfonts-base

# Remove NetworkManager as this will overwrite our local name server settings and cause you to be unable to resolve domains.

apt-get remove network-manager

# Now we must reset our DNS resolvers so that we can perform domain name resolutins

nano /etc/resolv.conf

# Replace the contents of the file with the following:

nameserver 108.59.242.6
nameserver 168.144.1.130

Installing and Configuring vnc4server

# Using apt-get install vnc4server and optionally a command-line text editor, nano, which we will be using later on

apt-get install vnc4server nano

# Now we need to add a user that the desktop will be running under as well as create a password for it. Please choose a strong password of minimum 8 characters in length using uppercase, lowercase, numbers and symbols.

adduser vncuser

# After adding the user, we will need to create and edit the VNC server configuration to specify which user will be able to connect as well as what screen resolution they will use. You can change the screen resolution to any value. Common values are 1024x768 1680x1050 1920x1080. You may want to reduce these values slightly less than your local PC's screen resolution (Example: if using 1920x1080 at home, try setting your VNC resolution to 1900x960).

mkdir -p /etc/vncserver
touch /etc/vncserver/vncservers.conf
nano /etc/vncserver/vncservers.conf

# Add the following lines to the file:

VNCSERVERS="1:vncuser"
VNCSERVERARGS[1]="-geometry 1024x768"

# Since we'll want the VNC server to start on boot, we'll need to create a service for it. In these next steps we'll be creating a service script for this purpose. Simply copy and paste the code below into the file

touch /etc/init.d/vncserver
chmod +x /etc/init.d/vncserver
nano /etc/init.d/vncserver

# Contents of /etc/init.d/vncserver

#!/bin/bash
### BEGIN INIT INFO
# Provides:          vncserver
# Required-Start:    $syslog
# Required-Stop:     $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: vnc server
# Description:
#
### END INIT INFO

unset VNCSERVERARGS
VNCSERVERS=""
[ -f /etc/vncserver/vncservers.conf ] && . /etc/vncserver/vncservers.conf
prog=$"VNC server"

start() {
 . /lib/lsb/init-functions
 REQ_USER=$2
 echo -n $"Starting $prog: "
 ulimit -S -c 0 >/dev/null 2>&1
 RETVAL=0
 for display in ${VNCSERVERS}
 do
 export USER="${display##*:}"
 if test -z "${REQ_USER}" -o "${REQ_USER}" == ${USER} ; then
 echo -n "${display} "
 unset BASH_ENV ENV
 DISP="${display%%:*}"
 export VNCUSERARGS="${VNCSERVERARGS[${DISP}]}"
 su ${USER} -c "cd ~${USER} && [ -f .vnc/passwd ] && vncserver :${DISP} ${VNCUSERARGS}"
 fi
 done
}

stop() {
 . /lib/lsb/init-functions
 REQ_USER=$2
 echo -n $"Shutting down VNCServer: "
 for display in ${VNCSERVERS}
 do
 export USER="${display##*:}"
 if test -z "${REQ_USER}" -o "${REQ_USER}" == ${USER} ; then
 echo -n "${display} "
 unset BASH_ENV ENV
 export USER="${display##*:}"
 su ${USER} -c "vncserver -kill :${display%%:*}" >/dev/null 2>&1
 fi
 done
 echo -e "\n"
 echo "VNCServer Stopped"
}

case "$1" in
start)
start $@
;;
stop)
stop $@
;;
restart|reload)
stop $@
sleep 3
start $@
;;
condrestart)
if [ -f /var/lock/subsys/vncserver ]; then
stop $@
sleep 3
start $@
fi
;;
status)
status Xvnc
;;
*)
echo $"Usage: $0 {start|stop|restart|condrestart|status}"
exit 1
esac

# Register the service

update-rc.d vncserver defaults 99

# Now we must create a VNC connection password for our user. First we will use the su command to login to the user's shell and use the vncpasswd to set the password.

su vncuser
vncpasswd

# We need to start then stop the server to generate a configuration file

vncserver :1; vncserver -kill :1

# After we've generated the configuration file, we must edit it so that GNOME is loaded when we connect

nano ~/.vnc/xstartup

# Edit the file or replace its contents so that they look like the code below and save

#!/bin/sh

# Uncomment the following two lines for normal desktop:
unset SESSION_MANAGER
# exec /etc/X11/xinit/xinitrc
gnome-session &

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
x-terminal-emulator -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
# x-window-manager &

# Drop back to root shell

exit

# Start the VNC service

service vncserver start

Connecting to your VNC server from your local PC

To connect to your newly operational server, you will need a VNC client. For a client I would recommend the TightVNC client. Alternatively you can use a more basic client like TigerVNC. To obtain these visit these links:

TightVNC Client for Windows: http://www.tightvnc.com/download.php

TigerVNC Client for Windows: http://sourceforge.net/projects/tigervnc/files/latest/download

When connecting using this software, you will need to specify the port for connecting. If using the configuration above this port will be 5901. In the server field of the client you can enter the port like this <ServerIP>:5901

Adding Additional VNC Users

Adding a new VNC user that is able to connect to the server follows much the same process as above. First we would add a new user and set a password then edit our server configuration, set a VNC user password and restart the server.

# Add new user/change password

adduser vncuser2

# Open VNC server configuration in nano

nano /etc/vncserver/vncservers.conf

# Edit the VNCSERVERS line to look like this:

VNCSERVERS="1:vncuser 2:vncuser2" 

# Add the following line to the end of the config file. Notice here that we've changed the username as well as the 1 to a 2 specifying a new sever to listen on. Our first server will run on port 5901 while the one we're now adding will listen on port 5902.

VNCSERVERARGS[2]="-geometry 1024x768"

# After you've saved those changes, we'll need to generate a VNC connection password for this new user

su vncuser2
vncpasswd

# Start and stop the VNC server for the desktop number 2

vncserver :2; vncserver -kill :2

# After we've generated the configuration file, we must edit it to that GNOME is loaded when we connect

nano ~/.vnc/xstartup

# Edit the file or replace its contents so that they look like the code below and save

#!/bin/sh

# Uncomment the following two lines for normal desktop:
unset SESSION_MANAGER
# exec /etc/X11/xinit/xinitrc
gnome-session &

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
x-terminal-emulator -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
# x-window-manager &

# Drop back to root shell

exit

# Restart the server and you're done!

service vncserver restart

Further Securing your VNC Server

Since the VNC protocol transmits everything using plain-text, anyone who is potentially monitoring the connection between you and your server could see everything you are doing on your remote desktop. Luckily there is an easy way to secure your server by tunneling all your VNC traffic over an SSH session. To view this tutorial, click on this link.

Troubleshooting Tips

If you're server started correctly yet you're still having trouble connecting to it, check that your Firewall has proper exceptions to allow traffic on the VNC ports. Each VNC Server runs on a different port which is 590 + the number right after VNCSERVERARGS in your config. Our first server runs on 5901, second on 5902 and so forth.

To check your firewall configuration, login to your account at https://manage.myhosting.com and use the VPS Management tab to locate the Login to VZPP link. Here you can edit your firewall and use the Firewall Setup button to set the firewall mode to Advance firewall. If you set to default policy accept all traffic will be let through. If you select default policy Drop you will need to add Accept  rules for those ports using the TCP protocol.

 

Was this article helpful?
0 out of 0 found this helpful