(checkout vnc section of this article)

if one gets problem connecting with error message: “x11vnc error: socket: Address family not supported by protocol (97)”

then probably ipv6 needs to be disabled on client (and even if it is not used, seems like the server “requires” it)

vim /etc/default/grub
# find
GRUB_CMDLINE_LINUX="ipv6.disable=1"
# and comment it out or remove this
# GRUB_CMDLINE_LINUX="ipv6.disable=1"
# then run (tested with: debian8/ubuntu)
update-grub
# RedHat/Fedora/CentOS7 update grub config and menu
grub2-mkconfig
grub2-mkconfig -o /boot/grub2/grub.cfg
# and restart and you should be able to connect
reboot

it is wise to, monitor all logs while one is trying to get vnc server working… it can reveal a lot what is going on and wrong.
forget about Xvnc and tigervnc…

x11vnc is probably what the user want: https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-vnc-remote-access-for-the-gnome-desktop-on-centos-7

it cost me some time and concentration to figure this out…

what user probably wants is “screen sharing” – e.g. SEE THE SAME SCREEN as if user were sitting at the monitor of the actual machine.

tightvnc client accessing screen shared by centos7 x11vnc – same desktop vnc also accessible from windows ssh tunneled via putty 0.65:

requirements: make sure user can ssh into user’s machine with a standard non-root user.

hostnamectl; # tested with
  Operating System: CentOS Linux 7 (Core)
       CPE OS Name: cpe:/o:centos:centos:7
            Kernel: Linux 3.10.0-693.11.1.el7.x86_64
      Architecture: x86-64
# on the client (the pc running vnc client connecting to another pc (vncserver))
su - root
apt update
apt install vncviewer; # older debian
apt install tigervnc-viewer; # newer debian (12)
yum install vncviewer; # centos
 
# setup vnc server (x11vnc) on the "server" (the machine that one want's to see the desktop of)
ssh -v user@192.168.0.101
su - root
apt udpate
apt install x11vnc
Ctrl+D # log off root
x11vnc -storepasswd; # generate a per user password file
Enter VNC password: (give it a simple password less than 8 simple chars)
Verify password: 
Write password to /home/user/.vnc/passwd? [y]/n y
Password written to: /home/user/.vnc/passwd

# start x11vnc server script
# the user can find out the display number-adress
# by opening a non-root-terminal on the desktop and type
echo $DISPLAY

vim /scripts/vnc_server.sh
#!/bin/bash
# define resolution server-side
export DISPLAY=':0.0'
xrandr --fb 1600x900
x11vnc -display :0 -auth .Xauthority -rfbauth /home/user/.vnc/passwd -forever

# if one is using MATE Gnome2, one can place the line above into autostart applications
# -forever = do not quit on vnc client disconnect = keep running

###############################################################
#@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@#
#@                                                           @#
#@  **  WARNING  **  WARNING  **  WARNING  **  WARNING  **   @#
#@                                                           @#
#@        USER IS RUNNING X11VNC WITHOUT A PASSWORD!!        @#
#@                                                           @#
#@  This means anyone with network access to this computer   @#
#@  may be able to view and control user's desktop.          @#
#@                                                           @#
#@ >> If user did not mean to do this Press CTRL-C now!! <<< @#
#@                                                           @#
#@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@#
#@                                                           @#
#@  User can create an x11vnc password file by running:      @#
#@                                                           @#
#@       x11vnc -storepasswd password /path/to/passfile      @#
#@  or   x11vnc -storepasswd /path/to/passfile               @#
#@  or   x11vnc -storepasswd                                 @#
#@                                                           @#
#@  (the last one will use ~/.vnc/passwd)                    @#
#@                                                           @#
#@  and then starting x11vnc via:                            @#
#@                                                           @#
#@      x11vnc -rfbauth /path/to/passfile                    @#
#@                                                           @#
#@  an existing ~/.vnc/passwd file from another VNC          @#
#@  application will work fine too.                          @#
#@                                                           @#
#@  User can also use the -passwdfile or -passwd options.    @#
#@  (note -passwd is unsafe if local users are not trusted)  @#
#@                                                           @#
#@  Make sure any -rfbauth and -passwdfile password files    @#
#@  cannot be read by untrusted users.                       @#
#@                                                           @#
#@  Use x11vnc -usepw to automatically use user's            @#
#@  ~/.vnc/passwd or ~/.vnc/passwdfile password files.       @#
#@  (and prompt user to create ~/.vnc/passwd if neither       @#
#@  file exists.)  Under -usepw, x11vnc will exit if it      @#
#@  cannot find a password to use.                           @#
#@                                                           @#
#@                                                           @#
#@  Even with a password, the subsequent VNC traffic is      @#
#@  sent in the clear.  Consider tunnelling via ssh(1):      @#
#@                                                           @#
#@    http://www.karlrunge.com/x11vnc/#tunnelling            @#
#@                                                           @#
#@  Or using the x11vnc SSL options: -ssl and -stunnel       @#
#@                                                           @#
#@  Please Read the documention for more info about          @#
#@  passwords, security, and encryption.                     @#
#@                                                           @#
#@    http://www.karlrunge.com/x11vnc/faq.html#faq-passwd    @#
#@                                                           @#
#@  To disable this warning use the -nopw option, or put     @#
#@  'nopw' on a line in your ~/.x11vncrc file.               @#
#@                                                           @#
#@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@#
###############################################################
19/02/2018 18:19:44 x11vnc version: 0.9.13 lastmod: 2011-08-10  pid: 2416
19/02/2018 18:19:44 Using X display :0
19/02/2018 18:19:44 rootwin: 0x281 reswin: 0x2a00001 dpy: 0xf69b80
19/02/2018 18:19:44 
19/02/2018 18:19:44 ------------------ USEFUL INFORMATION ------------------
19/02/2018 18:19:45 X DAMAGE available on display, using it for polling hints.
19/02/2018 18:19:45   To disable this behavior use: '-noxdamage'
19/02/2018 18:19:45 
19/02/2018 18:19:45   Most compositing window managers like 'compiz' or 'beryl'
19/02/2018 18:19:45   cause X DAMAGE to fail, and so you may not see any screen
19/02/2018 18:19:45   updates via VNC.  Either disable 'compiz' (recommended) or
19/02/2018 18:19:45   supply the x11vnc '-noxdamage' command line option.
19/02/2018 18:19:45 
19/02/2018 18:19:45 Wireframing: -wireframe mode is in effect for window moves.
19/02/2018 18:19:45   If this yields undesired behavior (poor response, painting
19/02/2018 18:19:45   errors, etc) it may be disabled:
19/02/2018 18:19:45    - use '-nowf' to disable wireframing completely.
19/02/2018 18:19:45    - use '-nowcr' to disable the Copy Rectangle after the
19/02/2018 18:19:45      moved window is released in the new position.
19/02/2018 18:19:45   Also see the -help entry for tuning parameters.
19/02/2018 18:19:45   You can press 3 Alt_L's (Left "Alt" key) in a row to 
19/02/2018 18:19:45   repaint the screen, also see the -fixscreen option for
19/02/2018 18:19:45   periodic repaints.
19/02/2018 18:19:45 
19/02/2018 18:19:45 XFIXES available on display, resetting cursor mode
19/02/2018 18:19:45   to: '-cursor most'.
19/02/2018 18:19:45   to disable this behavior use: '-cursor arrow'
19/02/2018 18:19:45   or '-noxfixes'.
19/02/2018 18:19:45 using XFIXES for cursor drawing.
19/02/2018 18:19:45 GrabServer control via XTEST.
19/02/2018 18:19:45 
19/02/2018 18:19:45 Scroll Detection: -scrollcopyrect mode is in effect to
19/02/2018 18:19:45   use RECORD extension to try to detect scrolling windows
19/02/2018 18:19:45   (induced by either user keystroke or mouse input).
19/02/2018 18:19:45   If this yields undesired behavior (poor response, painting
19/02/2018 18:19:45   errors, etc) it may be disabled via: '-noscr'
19/02/2018 18:19:45   Also see the -help entry for tuning parameters.
19/02/2018 18:19:45   You can press 3 Alt_L's (Left "Alt" key) in a row to 
19/02/2018 18:19:45   repaint the screen, also see the -fixscreen option for
19/02/2018 18:19:45   periodic repaints.
19/02/2018 18:19:45 
19/02/2018 18:19:45 XKEYBOARD:
19/02/2018 18:19:45 Switching to -xkb mode to recover these keysyms:
19/02/2018 18:19:45    xkb  noxkb   Keysym  ("X" means present)
19/02/2018 18:19:45    ---  -----   -----------------------------
19/02/2018 18:19:45     X           0x40  at
19/02/2018 18:19:45     X           0x5b  bracketleft
19/02/2018 18:19:45     X           0x5d  bracketright
19/02/2018 18:19:45     X           0x7b  braceleft
19/02/2018 18:19:45     X           0x7d  braceright
19/02/2018 18:19:45     X           0x7c  bar
19/02/2018 18:19:45     X           0x5c  backslash
19/02/2018 18:19:45 
19/02/2018 18:19:45   If this makes the key mapping worse you can
19/02/2018 18:19:45   disable it with the "-noxkb" option.
19/02/2018 18:19:45 
19/02/2018 18:19:45 
19/02/2018 18:19:45 X FBPM extension not supported.
19/02/2018 18:19:45 X display is capable of DPMS.
19/02/2018 18:19:45 --------------------------------------------------------
19/02/2018 18:19:45 
19/02/2018 18:19:45 Default visual ID: 0x21
19/02/2018 18:19:45 Read initial data from X display into framebuffer.
19/02/2018 18:19:45 initialize_screen: fb_depth/fb_bpp/fb_Bpl 24/32/4416
19/02/2018 18:19:45 
19/02/2018 18:19:45 X display :0 is 32bpp depth=24 true color
19/02/2018 18:19:45 
19/02/2018 18:19:45 Autoprobing TCP port 
19/02/2018 18:19:45 Autoprobing selected TCP port 5900
19/02/2018 18:19:45 Autoprobing TCP6 port 
19/02/2018 18:19:45 Autoprobing selected TCP6 port 5900
19/02/2018 18:19:45 listen6: bind: Address already in use
19/02/2018 18:19:45 Not listening on IPv6 interface.
19/02/2018 18:19:45 
19/02/2018 18:19:45 Xinerama is present and active (e.g. multi-head).
19/02/2018 18:19:45 Xinerama: number of sub-screens: 1
19/02/2018 18:19:45 Xinerama: no blackouts needed (only one sub-screen)
19/02/2018 18:19:45 
19/02/2018 18:19:45 fb read rate: 500 MB/sec
19/02/2018 18:19:45 fast read: reset -wait  ms to: 10
19/02/2018 18:19:45 fast read: reset -defer ms to: 10
19/02/2018 18:19:45 The X server says there are 13 mouse buttons.
19/02/2018 18:19:45 screen setup finished.
19/02/2018 18:19:45 
19/02/2018 18:19:45 WARNING: You are running x11vnc WITHOUT a password.  See
19/02/2018 18:19:45 WARNING: the warning message printed above for more info.
19/02/2018 18:19:45 

The VNC desktop is:      debian.domain.box:0
PORT=5900

******************************************************************************
Have you tried the x11vnc '-ncache' VNC client-side pixel caching feature yet?

The scheme stores pixel data offscreen on the VNC viewer side for faster
retrieval.  It should work with any VNC viewer.  Try it by running:

    x11vnc -ncache 10 ...

One can also add -ncache_cr for smooth 'copyrect' window motion.
More info: http://www.karlrunge.com/x11vnc/faq.html#faq-client-caching

# leave the program running
# open a new terminal on the client
# it should now be possible to connect to "full desktop" like this
# on the client
ssh user@192.168.0.101 -L 5900:localhost:5900
# open another terminal
vncviewer localhost:5900

# it should connect :D
# securit is provided by ssh auth and encryption, not by vnc :D

# it might be usefull to disable the graphical login prompt on the server
# and put the this line
x11vnc -display :0 -auth .Xauthority -rfbauth /home/user/.vnc/passwd -forever
# somewhere in the autostart process (STILL USING rc.local :D)
vim /etc/lightdm/lightdm.conf;
# comment out those two lines
autologin-user=username
autologin-user-timeout=0

time to connect

on the same machine that your ssh-terminal is running fire up a vnc client

centos7:

yum install vnc
# installs
tigervnc.x86_64 1.8.0-2.el7_4 @updates

installs tigervnc viewer, for windows user realvnc

possible errors

if you get:

channel 3: open failed: administratively prohibited: open failed

you will have to enable:

AllowTcpForwarding yes

in:

vim /etc/ssh/sshd_config
# save quit and restart
systemctl restart sshd

now RECONNECT and it should work again.

perfectly!

exactly what i wanted.

# start again x11vnc server with pixel caching and pass auth
x11vnc -display :0 -auth .Xauthority -ncache 10 -rfbauth /home/user/.vnc/passwd

but it seems a lot of vnc viewer clients DO NOT SUPPORT this feature and display funny stuff…

“x11vnc noncache – this is the pixel buffer cache region – your vnc viewer is not hiding it from you – pay no attention to the man behind the curtain” X-D

define resolution and other settings

all options:  x11vnc all options.manpage.txt

what i do is save the “vnc startup command” in

vim /scripts/start_vnc.sh

currently it reads like:

x11vnc -display :0 -geometry 1366x768 -auth .Xauthority -rfbauth /home/user/.vnc/passwd

 

ssh tunnel from windows<-ssh->linux via putty

putty is really a neat beast… it can do ssh port forwarding from windows to linux. GOOD JOB!

open port in firewall?

INSECURE! if you use the ssh port-forwarding-tunnel you DO NOT NEED to even open a port – because you are connecting to localhost. on the client and server 😉

firewall-cmd --zone=public --add-port=5900/tcp --permanent; # open port 5900
firewall-cmd --reload; # make changes active

remove tigervnc:

if you already have installed it and tried to config it in vane, get rid of it and reboot…

yum remove tigervnc-server.x86_64
yum remove tigervnc-server-minimal.x86_64
yum remove tigervnc-license.noarc

misc debug stuff:

# monitor all logs
find /var/log/ -type f \( -name "*" \) ! -path '*.gz*' -exec tail -n0 -f "$file" {} +

what display session is active?

your desktop gnome2 mate or other uses a session, vncserver needs to know what session you would like to screen-share:

loginctl list-sessions
   SESSION        UID USER             SEAT            
         1       1000 user             seat0 

loginctl show-session -p Display -p Active 1
Display=:0
Active=yes

lsof -i -P -n|grep vnc; # check if vncserver is running and listening 
x11vnc 1888 user 10u IPv4 25838 0t0 TCP *:5900 (LISTEN)
x11vnc 1888 user 11u IPv6 25839 0t0 TCP *:5900 (LISTEN)
x11vnc 1888 user 12u IPv6 23301 0t0 TCP [::1]:5900->[::1]:53956 (ESTABLISHED)

Links:

http://www.karlrunge.com/x11vnc/

http://www.karlrunge.com/x11vnc/ssvnc.html

liked this article?

  • only together we can create a truly free world
  • plz support dwaves to keep it up & running!
  • (yes the info on the internet is (mostly) free but beer is still not free (still have to work on that))
  • really really hate advertisement
  • contribute: whenever a solution was found, blog about it for others to find!
  • talk about, recommend & link to this blog and articles
  • thanks to all who contribute!
admin