Installing GNOME desktop environment and VNC server
This guide will walk you through all the steps necessary to install the GNOME desktop as well as the TigerVNC server for remote desktop access on your CentOS 6 VPS. For this guide we will be using a one user VNC set up, though adding additional users will also be explained.
NOTE: This guide uses CentOS version 6.3 so there may be extra steps when using CentOS version 5. Comments in this article will be preceded by a hash tag (#).
Recommended VPS Specifications: Minimum 1 GB of RAM, 20 GB HDD
To begin, SSH into your VPS using the root username and password.
Installing the GNOME Environment
# Using yum, first update your system
yum update
# Using the yum package manager, install GNOME using groupinstall. This installs all packages needed for a minimal desktop installation.
yum groupinstall Desktop
# Remove NetworkManager as this will overwrite our local name server settings and cause you to be unable to resolve domains.
yum -y remove NetworkManager
# Now we must reset our DNS resolvers so that we can perform domain name resolutins
nano /etc/resolv.conf
# Replace the contents of the file with the following:
nameserver 108.59.242.6
nameserver 168.144.1.130
Installing and Configuring TigerVNC
# Using yum install TigerVNC and optionally a command-line text editor, nano, which we will be using later on.
yum install tigervnc-server nano
# Now we need to add a user that the desktop will be running under as well as create a password for it. Please choose a strong password of minimum 8 characters in length using uppercase, lowercase, numbers and symbols.
useradd vncuser
passwd vncuser
# After adding the user, we will need to edit the VNC server configuration to specify which user will be able to connect as well as what screen resolution they will use. You can change the screen resolution to any value. Common values are 1024x768 1680x1050 1920x1080. You may want to reduce these values slightly less than your local PC's screen resolution (Example: if using 1920x1080 at home, try setting your VNC resolution to 1900x960).
# Open up the config file with nano
nano /etc/sysconfig/vncservers
# Add the following lines to the end of the file:
VNCSERVERS="1:vncuser"
VNCSERVERARGS[1]="-geometry 1024x768"
# Save your changes in nano by using the Ctrl+X shortcut and hitting Y to accept the changes and write to the file.
# Now we must switch to the user we have just added and generate a VNC connection password. Using the vncpasswd command you will be prompted to generate a password that is only used for connecting to the VNC server.
su - vncuser
vncpasswd
# Drop back to the root shell
exit
# Let's test the VNC server. We'll start it once just to generate some configuration files, stop it and if all is okay set it to start on boot
service vncserver start
service vncserver stop
/sbin/chkconfig vncserver on
# We're almost done! Just need to start the service one last time
service vncserver start
Connecting to your VNC server from your local PC
To connect to your newly operational server, you will need a VNC client. TigerVNC is compatible with most VNC clients and also provide their own basic client. For a more advanced client, you can alternatively use the TightVNC client. To obtain these visit these links:
TigerVNC Client for Windows: http://sourceforge.net/projects/tigervnc/files/latest/download
TightVNC Client for Windows: http://www.tightvnc.com/download.php
When connecting using this software, you will need to specify the port for connecting. If using the configuration above this port will be 5901. In the server field of the client you can enter the port like this <ServerIP>:5901
Adding Additional VNC Users
Adding a new VNC user that is able to connect to the server follows much the same process as above. First we would add a new user and set a password then edit our server configuration, set a VNC user password and restart the server.
# Add new user/change password
useradd vncuser2
passwd vncuser2
# Open VNC server configuration in nano
nano /etc/sysconfig/vncservers
# Edit the VNCSERVERS line to look like this:
VNCSERVERS="1:vncuser 2:vncuser2"
# Add the following line to the end of the config file. Notice here that we've changed the username as well as the 1 to a 2 specifying a new sever to listen on. Our first server will run on port 5901 while the one we're now adding will listen on port 5902.
VNCSERVERARGS[2]="-geometry 1024x768"
# After you've saved those changes, we'll need to generate a VNC connection password for this new user
su - vncuser2
vncpasswd
exit
# Restart the server and you're done!
service vncserver restart
Further Securing your VNC Server
Since the VNC protocol transmits everything using plain-text, anyone who is potentially monitoring the connection between you and your server could see everything you are doing on your remote desktop. Luckily there is an easy way to secure your server by tunneling all your VNC traffic over an SSH session. To view this tutorial, click on this link.
Troubleshooting Tips
If you're server started correctly yet you're still having trouble connecting to it, check that your Firewall has proper exceptions to allow traffic on the VNC ports. Each VNC Server runs on a different port which is 590 + the number right after VNCSERVERARGS in your config. Our first server runs on 5901, second on 5902 and so forth.
To check your firewall configuration, login to your account at https://manage.myhosting.com and use the VPS Management tab to locate the Login to VZPP link. Here you can edit your firewall and use the Firewall Setup button to set the firewall mode to Advance firewall. If you set to default policy accept all traffic will be let through. If you select default policy Drop you will need to add Accept rules for those ports using the TCP protocol.