Last updated on October 5, 2020 by Dan Nanni
Nowadays teleworking or remote working with flexible hours is increasingly popular in tech industry. One of the enabling technologies behind this trend is remote desktop. Your desktop environment is in the cloud, and you can access the remote desktop anywhere you go, either from home or at your workplace.
This tutorial describes how you can set up CentOS based remote desktop on VPS (Virtual Private Server). Here we are going to demonstrate CentOS 7 based environment.
We assume that you already created a CentOS 7 VPS instance somewhere (e.g., using DigitalOcean or Amazon EC2). Make sure that the VPS instance has at least
1GB memory. Otherwise, CentOS desktop will crash when you try to access remote desktop.
If an available CentOS image is a minimal version of CentOS without desktop, you will need to install desktop (e.g., GNOME) on your CentOS VPS before proceeding. For example, DigitalOcean's CentOS image is such a minimal version, which requires desktop GUI installation as follows.
# yum groupinstall "GNOME Desktop"
Reboot a VPS after finishing installation.
The next step is to install and configure VNC server. We are going to use TigerVNC, an open-source VNC server implementation.
# yum install tigervnc-server
Now create a user account (e.g.,
xmodulo) which will be used to access remote desktop.
# useradd xmodulo # passwd xmodulo
When a user tries to access remote desktop using VNC, a dedicated VNC server daemon will be launched to handle its requests. This means that you will need to create a separate VNC server configuration for each user.
CentOS 7 relies on
systemd to manage and configure system services. So we are going to configure VNC server for
xmodulo user using
Let's first check the status of VNC server by running either command below:
# systemctl status [email protected]:.service # systemctl is-enabled [email protected]
By default, freshly installed VNC service is not active (disabled).
Now create a VNC service configuration for
xmodulo user by copying a generic VNC service unit file as follows.
# cp /lib/systemd/system/[email protected] /etc/systemd/system/[email protected]:1.service
Open the configuration file with a text editor, and replace
<USER> with an actual user name (e.g.,
[Service] section. Also, append
-geometry <resolution> parameter in
ExecStart. In the end, the following two lines with bold font will be modified.
# vi /etc/systemd/system/[email protected]:1.service
[Service] Type=forking # Clean any existing files in /tmp/.X11-unix environment ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :' ExecStart=/sbin/runuser -l xmodulo -c "/usr/bin/vncserver %i -geometry 1024x768" PIDFile=/home/xmodulo/.vnc/%H%i.pid ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
Now set up (optional) VNC password for
xmodulo user for security. For this, switch to the user, and run
# su - xmodulo # vncserver
You will be prompted to enter a VNC password for the user. Once the password is set, you will need to use this password to gain access to remote desktop.
Finally, reload services to activate the new VNC configuration:
# systemctl daemon-reload
and enable VNC service to make it start automatically upon boot:
# systemctl enable [email protected]:1.service
Check the port number that a VNC server is listening on by running:
# netstat -tulpn | grep vnc
5901 is the default port number for VNC client to connect to a VNC server.
By design, Remote Frame Buffer (RFB) protocol used by VNC is not a secure protocol. Thus it is not a good idea to directly connect to a remote VNC server running on VPS using a VNC client. Any sensitive information such as password could easily be leaked from VNC traffic. So instead, I strongly recommend that you tunnel VNC traffic over a secure SSH tunnel, as described here.
On a local host where you want to run VNC client, create an SSH tunnel to a remote VPS using the following command. When prompted for SSH password, type the password of the user.
$ ssh [email protected]<VPS-IP-address> -L 5901:127.0.0.1:5901
xmodulo with your own VNC user, and fill in the IP address of your VPS instance.
Once an SSH tunnel is established, remote VNC traffic will be routed over the SSH tunnel, and be sent to
Now go ahead and launch your favorite VNC client (e.g.,
vinagre), and connect to
You will be asked to enter a VNC password. When you type a correct VNC password, you will finally be able to CentOS remote desktop on VPS securely.