Of Stack

Centos7 remote desktop vnc and vnc server Settings

  • 2020-05-12 06:39:47
  • OfStack

Centos7 is quite different from Centos6.x.

It took a lot of detours to install a remote desktop on one server. I wrote this blog post purely for the purpose of recording, and if I encounter the same problem in the future, I can trace it back.

1. Assuming you don't have any vnc software installed on your system, install vnc first

yum -y install tigervnc-server tigervnc

2. The system before Centos7 requires configuration if vnc1 is installed 


[root@localhost ~]# cat /etc/sysconfig/vncservers 
# THIS FILE HAS BEEN REPLACED BY /lib/systemd/system/vncserver@.service

However, as mentioned above, Centos7 needs to be configured in the file 


[root@localhost ~]# ll /lib/systemd/system/vncserver@.service
-rw-r--r--. 1 root root 1744 Jun 10 14:15 /lib/systemd/system/vncserver@.service

3. There are the following prompts in the file 


# Quick HowTo:
# 1. Copy this file to /etc/systemd/system/vncserver@:<display>.service
# 2. Edit <USER> and vncserver parameters appropriately
#  ("runuser -l <USER> -c /usr/bin/vncserver %i -arg1 -arg2")
# 3. Run `systemctl daemon-reload`
# 4. Run `systemctl enable vncserver@:<display>.service

4. Copy one file and rename it vncserver@:1.service

[root@localhost ~]# cp /lib/systemd/system/vncserver@.service/lib/systemd/system/vncserver@:1.service

5, will file in < User > Replace %i with 1 with your current user 


[Unit]
Description=Remote desktop service (VNC)
After=syslog.target network.target
[Service]
Type=forking
# Clean any existing files in /tmp/.X11-unix environment
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill :1 > /dev/null 2>&1 || :'
ExecStart=/sbin/runuser -l root -c "/usr/bin/vncserver :1 -geometry 1280x720 -depth 24"
PIDFile=/root/.vnc/%H%i.pid
ExecStop=/bin/sh -c '/usr/bin/vncserver -kill :1 > /dev/null 2>&1 || :'
[Install]
WantedBy=multi-user.target

6. Update systemctl

systemctl daemon-reload

7. Set it to start automatically

systemctl enable vncserver@:1.service

8. Start vnc service

systemctl start vncserver@:1.service

9. Add the corresponding port 5901 to iptables (note that if there are other users, you need to add the port as well. vnc's port defaults to 5900 + n) 


[root@localhost system]# cat /etc/sysconfig/iptables
# sample configuration for iptables service
# you can edit this manually or use system-config-firewall
# please do not ask us to add additional ports/services to this default configuration
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 5901 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

Note:

1. If you do not configure and enable a firewall and you are using VNC Viewer to connect, an error is reported: "connect: Connection timed out(10060)".

2. This paper takes root users as an example. If other users also need to log in, then they need to copy the file as

cp /lib/systemd/system/vncserver@.service/lib/systemd/system/vncserver@:2.service

At the same time, change %i in the file to 2, and set up vncpasswd for the corresponding user.

3. You can access it through UltraVNC, TigerVNC or RealVNC Viewer. I can connect to all the three tools under win7

Thank you for reading, I hope to help you, thank you for your support of this site!

Related articles: