centos8.3安装vncserver服务提供访问

admin

Installing VNC Server
) X; v0 v$ W' N4 N* I$ T( C0 p8 r安装vncserver
TigerVNC is an actively maintained high-performance open-source VNC server. It is available in the default CentOS repositories. To install it, type:
/ Y8 Z+ U" N7 @6 i% U8 Q0 P: D# X2 g
, X% j3 O5 Y  P$ Z#dnf install tigervnc-server   -y

( }/ S" |9 @3 t; d. Q2 P配置vncServer
Configuring VNC Server
In CentOS 8, TigerVNC is configured using the systemd daemon.
3 v3 t* I. V5 l  p( e& Q

In this example, we’ll show you how to configure TigerVNC for one or more VNC users.

Use the vncpasswd command to set up the password. Run the command as the user that will access the VNC server, do not use sudo:
4 p6 J( p3 n, p这里配置vnc的密码：   （root）
; g: d' T" a' `  O6 t2 Svncpasswd


You will be prompted to enter and confirm the password and whether to set it as a view-only password. If you choose to set up a view-only password, the user will not be able to interact with the VNC instance with the mouse and the keyboard.
0 a8 M+ V/ o: Y$ J  ^3 c$ j8 ~
The first time the vncpasswd command is run, it will create and store the password file in the user’s ~/.vnc directory.

5 R& ~! Q  f7 `  U$ P. wPassword:
1 p7 K+ M2 C( C; x% n- EVerify:
$ b  w, q2 k$ O# s% IWould you like to enter a view-only password (y/n)? n
A view-only password is not used
6 r. g5 K- x2 z( |; X6 B
# i  t' D2 ?0 y) h- `
* o& K1 o6 x; F- k% a( T* w! ~- XIf you’re adding a second user, switch to it and set the password with vncpasswd.
3 N& H$ ^, d0 X2 n" ]- J- S+ u
The next step is to configure TigerVNC to use Gnome. VNC reads the user configuration settings from the ~/.vnc/config file. Open the file and add the following:

4 R  H* b# O& v$ H7 A2 _0 X#vim ~/.vnc/config
session=gnome
geometry=1920x1200    (or 1280x720)
/ F4 b& v9 ?) Y9 F( u8 `localhost          (这个地方不配置，表示所有的都能访问)
alwaysshared
& s" P3 D! D2 G8 C+ Q4 A' Y
0 @# x+ ~! {5 T7 v$ ~例如：
* e& N/ P; ~0 Q! F1 W7 j- A/ g5 S
$ cat ~/.vnc/config
session=gnome
geometry=1280x720
) }# [5 u5 C( |  Q7 Galwaysshared
$ I' P0 b* h" r1 s6 q, n


8 P9 X4 O; t. D4 t1 b7 SThe session option specifies the session you want to start, and the geometry option specifies the size of the VNC desktop.
! y( |% p0 F( e  g+ N: v: R( V
$ }( D- j6 l5 mSave and close the file . If you’re adding multiple users, repeat the same step.

  H( U& ^5 y6 }; U7 dTigerVNC ships with a file that allows you to map a user to a particular port. The mapping is configured in the /etc/tigervnc/vncserver.users file:

/ r/ H( _+ T  N  u$ C配置vnc的用户：

6 W) n* q. h1 S" l#sudo vim /etc/tigervnc/vncserver.users

The file uses <display_port>=<username> syntax. In the example below, we are mapping display port :1 to user linuxize. Use the same format to add more users.
  k  Q# n* w5 h/ d  y9 M: ~0 D
# @) Q& ~0 Y3 i4 b. ~# TigerVNC User assignment
#
! a9 N7 J8 J% k# This file assigns users to specific VNC display numbers.
  U: q5 w5 H4 X2 O, b# The syntax is <display>=<username>. E.g.:
3 r+ H) m/ ~  W6 X#
# :2=andrew
+ i, A' Q. Z1 A: e- L* b' E# :3=lisa
:1=root
* b1 T: |+ J" P! W& ]; w5 A


& V; W$ U: v3 {9 e+ l' |:1 is the display port number on which the VNC server will run. In our case, the server is running on TCP port 5901 (5900+1). If you map another user, for example, to display port :2, the server will also listen on port 5902 (5900+2).

# H9 X( B) R+ |* e- ^What is important to understand is that when working with VNC servers, :X is a display port that refers to 5900+X.

6 F) c% @" M& q" w% J- w* z8 ?) z! |启动vncserver
9 G8 ?9 z/ ]) U3 p. l- ]0 n8 pStarting the Tigervnc Server
Once you’re done with the configuration, the last step is to start the VNC server.

To start and enable the VNC service for the user mapped to the display port :1, enter:
0 E. i# t! E+ d! A% [9 E- u6 p
3 [) ?6 s* Y" o* g& R. {' i
复制配置文件：

cp /lib/systemd/system/vncserver@.service /lib/systemd/system/vncserver@:1.service
, p4 C3 M! U4 i; y
6 F: t# D9 v) [' V# ^: n1 U启动并加入开机启动：
7 Z: `% f* I; k# S9 I% J! s; c0 Msudo systemctl enable vncserver@:1 --now
; I. w. E- O( }" m9 P+ G0 q# w
! s* o! ]5 m: p2 UThe VNC server will listen on port 5901, as we discussed in the previous section.
1 A$ ^. _. Q3 c
8 X8 ]/ S4 C  P! jYou can verify that the service is successfully started with:


sudo systemctl status vncserver@:1
; _; D4 Z4 M$ e3 ?1 m& ^+ [7 `# B
  I+ E, n. U" b. r● vncserver@:1.service - Remote desktop service (VNC)
   Loaded: loaded (/usr/lib/systemd/system/vncserver@.service; enabled; vendor preset: disabled)
   Active: active (running) since Thu 2020-12-17 21:49:41 UTC; 8s ago
  ...
9 J9 ~4 X+ v3 R( A
  A$ B7 X$ b1 {1 \To enable VNC for other users, simply replace 1 with the display port mapped to the user.
9 P% B; z  d. J0 N! d* b
# b3 ?4 i# J' O! y* q& E# t7 OConnecting to VNC server
. O' y- M; J$ E8 t# X1 K% nVNC is not an encrypted protocol and can be subject to packet sniffing. The recommended approach is to create an SSH tunnel to securely forward traffic from your local machine on port 5901 to the remote server on the same port.


) U' Y6 @4 [, o' v: SSet Up SSH Tunneling on Linux and macOS
If you run Linux, macOS, or any other Unix-based operating system on your machine, you can easily create a tunnel using the following ssh command:

: ?0 g1 j* c( u# \! J" W0 ]: R1 S4 @ssh -L 5901:10.16.68.5:5901 -N -f -l username remote_server_ip
Copy
You will be prompted to enter the user password.

1 s% @7 G! b% g) q# J, \8 qDo not forget to replace username and server_ip_address with your username and the IP address of your server.
7 i8 S" C# o4 o4 d0 P

admin

然后就可以通港vnc客户端进行访问
" c. }& q! g) c, h+ R或者通过外网telnet ip 5901 这个地址，即可