Sunday, April 29, 2007

VNC on Ubuntu Feisty

I recently had the exciting opportunity to give Amazon EC2 a spin and as a first-time Linux-experiment, I opted to use Clint Pells' Ubuntu Feisty image with an aim to set up Ruby on Rails and some other goodies.

The goal

Coming from a Windows background, and having been spoiled with fancy GUI tools, the SSH terminal access felt somewhat intimidating, so I wanted remote-desktop-like connectivity to my EC2 instance. The following instructions outline the exact steps to connect to your EC2 Ubuntu image via VNC from your Windows Machine. At the time of writing, my knowledge of Linux systems is limited to the 5 hours I spent mucking around with my installation, so I am writing this tutorial for fellow developers that need a no-nonsense step-by-step guide.


First, this is what you will need:
  • A running instance of the Ubuntu Feisty AMI (ami-898560e0)
  • Putty SSH client on your Windows machine that is connected to your instance
  • TightVNC Viewer on your Windows machine

Getting Your Hands Dirty

1. Make sure Ubuntu is updated

This is simple; type this in from your terminal:

sudo apt-get update

2. Install the Desktop Environment

The Ubuntu image that we are using does not have a Window manager, so we need to install this first on the server. This may take a while since it needs to be downloaded. In your terminal, type in:

sudo apt-get install x-window-system-core xserver-xorg gnome-desktop-environment

3. Install TightVNC Server

Next, we install the VNC server that we will be using.

sudo apt-get install tightvncserver

At one point, this will show a screen asking you to select screen dimensions, but I was content with the default options and just hit continue.

4. Launch the server

First we run VNCServer to set the password (I know you are probably lazy, but make it a $tR0nG password). In your terminal, type in:


Next, set up a session ... By default, port :0 corresponds to port 5900, :1 to 5901 etc. Remember that no 'firewall configuration' is necessary since we will be using a SSH tunnel for security.

vncserver :1

This returns a message similar to New 'X' desktop is domU-XX-XX-XX-XX-XX-XX:1

5. Configure SSH Tunnel in Putty

Close down your SSH session and open Putty again. Under Category, go to Connection>SSH>Tunnels. In Source port, put 5901; in Destination, put your instance DNS name followed by :5901 i.e.

6. Connect with VNCViewer

Open TightVNCViewer, and type in localhost:1, then hit OK. Then type in the VNC server password that you created in step 4. Once it launches, it may look crummy and ugly. If this is the case, it is because you didn't use the VNCViewer for fast compression. Next, you will notice a command screen but nothing else. DON'T PANIC! - I didn't set you up. Just type:


This will bring up the desktop environment and display a list of errors that you can ignore.

7. IMPORTANT: Shutting down your session

Lastly, you will need to know how to shutdown the VNCServer Session that you created. Simply type in the following from your SSH command prompt:

vncserver -kill :1

You are now Golden

You are now ready to access your EC2 instance securely and easily. Until next time ...

Yours truly,

Christian Toivola


Kuyper Hoffman said...

The AMI is ami-898560e0 not ami-898560a0

Christian Toivola said...

I must have slipped the a in by accident -Thanks for pointing this out!

Paul said...

Worked first time - very well researched and documented.
I was presented only with a shell window but after little googling I discovered you can load the desktop by typing "gnome-panel" in the shell window.

tiagonmas said...

Great tutorial :) Thanks!

Just one comment that might help to clarify the ssh tunnel step for those who might not know. After putting the local and remote port you need to add. After it is added, you need to connect again to SSH.

Tiago Andrade e Silva

Jim L said...

without a glitch - nice job

Charles said...

Hum.. I think I didn't understand the tunneling part... I must not be configuring putty correctly... So let me get this right: you load up your settings to connect to the EC2 machine, hit Category>SSH>Tunnel, then add 5901 to "Source" and put the "Remote host" as and then press "Add", then "open" and login to an ssh session.. hum still TighVNC tels me "couldn't connect to localhost:1

Charles said...

Wait! jiminy crickets! It worked! Don't know what I did the first time that that I didn't do the second time; but it works!

Dani said...

It doesn't works for me, i don't know why but i cannot connect to the vncserver. I'm running Ubuntu 7.10 on my laptop and using just vncviewer as client. Anybody has some ideas?

Charles said...

Dani are you using TightVNC viewer or just any vnc viewer (Real VNC etc..)? TightVNC viewer will do the trick; not sure about others.

SSB said...

I could not get the steps that describes:
"Configure SSH Tunnel in Putty Close down your SSH session and open Putty again. Under Category, go to Connection>SSH>Tunnels. In Source port, put 5901; in Destination, put your instance DNS name followed by :5901".........
and provide localhost:1 in tightvncviewer at my windows box.

Please help me out in this. after providing source and destination details in tunnel section what should I do? how does vncviewer connect to EC2 instance as "localhost:1" ?

Charles said...

OK; so here is the step of configuring the SSL tunnel in putty: Go to Category: + Connection +SSH >Tunnels.
In here start with no tunnels (remove any you might have created), and enter 5901 in the "Source" and in the "Destination" and then press the "Add" button: all the rest should be left on defaults (no check boxes, and radio selecting "Local", and "Auto")

SSB said...

Thanks Charles for helping me understand tunnel configuration in Putty.

I have done exactly same. I launched putty application, traversed to tunnels section and provided source and destination parameters and clicked on "add".
Then, with out closing Putty application, I have opened tightvnc client and typed localhost:1. It threw message indicating "failed to connect to localhost". Running tightvnc from a windows box.

After adding tunnel details to putty app, do I have to provide keypair file in Auth section?

Also, any idea, how providing tunnel details in Putty helps in connecting to ec2 instance using Tightvnc?

your help in this regard much appreciated.

SSB said...


I think samething happened with me as it happend with you some time back. I am able to connect EC2 instance and I understand the tunneling mechanism now.

Thanks a lot for an excellent documentation, Ubuntu and people around it.

Charles said...

Glad you got connected ssb. Yeah, I don't know why the first time acted weird on me too; I had the same settings, started the putty session but the tunnel did not not worked... then tried a second time, same settingsand it worked like a charm... Fortune favors the obstinate. :-)

Sam said...

this is great, thanks! the only issue I'm noticing is that my keyboard is sending the wrong keys ;-P

Mark Kerzner said...

Thanks, very useful.

Sylvain St-Germain said...

This is a very good walkthrough but I am failing at the SSH login prompt... Same place as SSB is referring to on Jan 7th.

So after having added the forwarding rule I have:

- tried adding my private key file in Putty (Connection/SSH/Auth section) FAILED
- tried Open the connection in Putty, got the login prompt. Tried the TightVNC, FAILED

Any help is much appreciated.

Inner Journey to India said...

Salut Sylvain,
It's easy to miss a step; so try again the SSH set-up on putty. I had to try several times before getting it right/getting it to work. here it is again in detail at the step of configuring the SSL tunnel in putty: Go to Category: + Connection +SSH >Tunnels.
In here start with no tunnels (remove any you might have created), and enter 5901 in the "Source" and in the "Destination" and then press the "Add" button: all the rest should be left on defaults (no check boxes, and radio selecting "Local", and "Auto")
Bonne Chance et dis-moi si ça marche!

Sylvain St-Germain said...

J'ai cette partie correct je crois je copie-colle alors ça devrait être bon! J'ai toutefois réessayer avec les même résultats.

Par-contre c'est la suite des choses qui m'embête... Faut-il:
- Faire le open de la connection dans Putty?
- Comment est-ce que TightVNC à accès à la clé?


Inner Journey to India said...

Oui; moi j'ai d'abord enregistré la configuration (pour pas avoir à refaire la manip à chaque fois) , puis faut ouvrir la connection avec putty...Tu la laisse ouverte... et tu ouvre TightVNC et tu choisis comme serveur "localhost:1" -- C'est ça la magie du tunnel; tant que Putty est ouvert tu as un tunnel entre ton localhost et to serveur sur EC2 au niveau du port 5901... tu as pas d'autre application qui utilise le port 5901, ou 1? il est pas bloqué? (Firewall côté EC2 ou de ton côté... lociciel qui tourne déjà sur le port 5901...)

Sylvain St-Germain said...

Ok. La seule chose alors que je ne compred pas est concernant le password du user root.

En faisant open, j'ai le login prompt mais je n'ai pas de password à fournir...

Merci encore!

Inner Journey to India said...

Oui, c'est exact; ton putty a déjà la clé RSA donc pas besoin de mot de passe. contacte moi sur skype, yahoo ou gtalk mon pseudo c'est cyrano24100.

Rodney said...

Install packages. Code: sudo apt-get install x11vnc vnc-java
Set up a password for clients. Code: x11vnc -storepasswd
Open up ports 5800 and 5900 on your firewall
Run the terminal command: x11vnc -forever -usepw -httpdir /usr/share/vnc-java/ -httpport 5800 and add it for auto-starting in future sessions.


buy wow gold said...

When the Wow Gold wolf finally found the wow gold cheap hole in the chimney he crawled cheap wow gold down and KERSPLASH right into that kettle of water and that was cheapest wow gold the end of his troubles with the big bad wolf.

The next day the Buy Wow Goldlittle pig invited hisbuy gold wow mother over . She said "You see it is just as Cheapest wow goldI told you. The way to get along in the world is to do world of warcraft gold things as well as you can." Fortunately for that little pig, he buy cheap wow gold learned that lesson. And he just wow gold lived happily ever after!.

wgarn said...

I have used the instructions here for an Amazon Ubuntu 11 server.

I had to set the password with: tightvncpasswd

When connecting I got: Failed to load session “Ubuntu”, which was resolved with: "apt-get install ubuntu-desktop" using gdm (Gnome display manager).