Status: Deprecated

This article is deprecated and no longer maintained.


Ubuntu 12.04 reached end of life (EOL) on April 28, 2017 and no longer receives security patches or updates.

See Instead

This article may still be useful as a reference, but may not follow best practices or work on this or other Ubuntu releases. We strongly recommend using a recent article written for the version of Ubuntu you are using.

How to Install and Configure VNC on Ubuntu 16.04
How to Install and Configure VNC on Ubuntu 14.04

If you are currently operating a server running Ubuntu 12.04, we highly recommend upgrading or migrating to a supported version of Ubuntu:

How to upgrade from Ubuntu 12.04 to Ubuntu 14.04.
How to upgrade from Ubuntu 14.04 to Ubuntu 16.04
How to migrate server data to a supported version


VNC stands for Virtual Network Computing, which allows you to connect to your server remotely, and be able to use your keyboard, mouse, and monitor to interface with that server.

Step 1 – Install VNC server and XFCE 4 desktop.

To get started, we will install a VNC server on Ubuntu 12.10 x64 Server droplet. Login as root and install packages:

apt-get -y install ubuntu-desktop tightvncserver xfce4 xfce4-goodies

Step 2 – Add a VNC user and set its password.

adduser vncpasswd vncIf you would like to get root as user vnc you would have to add it to sudoers file. Make sure you are logged in as root:echo "vnc ALL=(ALL) ALL" >> /etc/sudoersSet user vnc’s VNC Server password:su - vncvncpasswdexitThis step sets the VNC password for user ‘vnc’. It will be used later when you connect to your VNC server with a VNC client:

Now you can login as user ‘vnc’ and obtain root by running ‘sudo su -‘ and entering your password:

Step 3 – Install VNC As A Service

Login as root and edit /etc/init.d/vncserver and add the following lines:

export USER="vnc"
OPTIONS="-depth ${DEPTH} -geometry ${GEOMETRY} :${DISPLAY}"
. /lib/lsb/init-functions

case "$1" in
log_action_begin_msg "Starting vncserver for user '${USER}' on localhost:${DISPLAY}"
su ${USER} -c "/usr/bin/vncserver ${OPTIONS}"

log_action_begin_msg "Stoping vncserver for user '${USER}' on localhost:${DISPLAY}"
su ${USER} -c "/usr/bin/vncserver -kill :${DISPLAY}"

$0 stop
$0 start
exit 0

Edit /home/vnc/.vnc/xstartup and replace with:

xrdb $HOME/.Xresources
xsetroot -solid grey
startxfce4 &

Update file permissions and allow any user to start X Server:

chown -R vnc. /home/vnc/.vnc && chmod +x /home/vnc/.vnc/xstartup
sed -i 's/allowed_users.*/allowed_users=anybody/g' /etc/X11/Xwrapper.config

Make /etc/init.d/vncserver executable and start VNC server:

chmod +x /etc/init.d/vncserver && service vncserver start

Add your VNC server to automatically start on reboot:

update-rc.d vncserver defaults

Step 4 – Connect to your droplet with TightVNC

TightVNC is a great VNC client that allows SSH tunnel. It can be downloaded from
Make sure to use IP::port as your remote host, where IP is your droplet’s IP and port is 5901:

You will be asked for VNC password that you specified in step 2 with vncpasswd:

And now you are connected:

Step 5 – Secure your VNC server session with encryption

A basic VNC server setup has no encryption, which makes it vulnerable to snooping.
We will create an SSH tunnel with Putty and connect to VNC via this tunnel.
First, we need to make sure VNC server only listens on localhost.
Edit /etc/init.d/vncserver and add -localhost to OPTIONS:

OPTIONS="-depth ${DEPTH} -geometry ${GEOMETRY} :${DISPLAY} -localhost"

Restart VNC server:

/etc/init.d/vncserver restart

Make sure VNC server is only listening on localhost IP:

netstat -alpn | grep :5901

Download Putty from
For Windows:
Start Putty and enter your droplet IP under Session:

Don’t connect just yet.
Scroll down to Connection -> SSH -> Tunnels and Add New Forwarded Port and click Add:

Now you can connect by clicking Open. You can login as user vmc:

Make sure you don’t close this SSH session, as it creates a tunnel between your PC (localhost) and your droplet, mapping ports 5901 on both ends.
Connect with TightVNC to localhost::5901

Enter your VNC password from Step 3 above:

And you are now connected via a secure connection:

And you are all done!