VNC access to the server console, display :0

This document (000020784) is provided subject to the disclaimer at the end of this document.

Environment

SUSE Linux Enterprise Server 15
SUSE Linux Enterprise Desktop 15
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Desktop 12

Situation

Need to use a VNC client to access the server graphic desktop at the console.

This is typically used for support of a user logged into the system so the administrator can view and control what the user is seeing.

It can also be used for general access to the server.  However, since the console can also be viewed and controlled directly, it is not considered a secure method for access, unless the physical machine, or virtual machine console, is protected from other users.  See "Remote Administration (VNC)" in yast2 for standard VNC access.

Resolution

There are two methods for remote console access:

The Xorg vnc module.  Loaded via the Xorg configuration.

The x0vncserver application.

The preferred method is to use x0vncserver (see the Additional Information).  Both methods are described here for reference.

For either method, install the vnc packages, if not already installed.  Be sure to accept the installation any required dependencies.

For SLE 15:
# zypper in xorg-x11-Xvnc xorg-x11-Xvnc-module
For SLE 12:
# zypper in xorg-x11-Xvnc

*** Note ***
The following instructions assume there is no /etc/X11/xorg.conf file being used.  With SLE 12 and up, this file is normally no longer used, or at least discouraged.  All Xorg configuration should reside under the directory "/etc/X11/xorg.conf.d/".


VNC to console via the Xorg vnc module on SLE 15

1.  Edit the Xorg conf file to load the vnc module.

# vi /etc/X11/xorg.conf.d/10-libvnc.conf
Uncomment the appropriate lines and change the PasswordFile to "/var/lib/gdm/.vnc/passwd".  It should look similar to this:
====================
Section "Module"
    Load "vnc"
EndSection

Section "Screen"
    Identifier "Screen0"
    Option "SecurityTypes" "VncAuth"
    Option "PasswordFile" "/var/lib/gdm/.vnc/passwd"
EndSection

====================

2.  As root generate the passwd file and copy to gdm's home directory.

# vncpasswd
Enter the password, and skip the read-only password unless desired.

Copy root's .vnc file to the gdm home directory:

# cp -R /root/.vnc/ /var/lib/gdm/

3.  Modify the gdm display manager configuration.

When the gdm login screen is displayed, it is on display :0, however, when gdm launches Gnome, the display changes to :1.  This causes the VNC client to get a black screen.  The following file must be modified to correct the problem.

The entire file is displayed below.  Add only the two lines under ### NOTE...

# vi /usr/lib/X11/displaymanagers/gdm
====================
gdm_vars() {
    case "${DISPLAYMANAGER##*/}" in
        gdm|GDM|Gnome|GNOME)
            RELOADSIGNAL="-USR1"
            DISPLAYMANAGER=/usr/sbin/gdm
            PIDFILE=/run/gdm/gdm.pid

            # let gdm run the Xserver as root if access to /dev/fb*
            # is required (bsc#1075805)
            # The GDM_DISABLE_USER_DISPLAY_SERVER variable is added by patch
            # gdm-add-runtime-option-to-disable-starting-X-server-as-u.patch
            if [ ! -c /dev/dri/card0 -a \
                 ! -c /dev/nvidiactl ]; then
                export GDM_DISABLE_USER_DISPLAY_SERVER=1
            fi
### NOTE Only the following 2 lines need to be added (everything else is standard) ###
            # Setting for VNC access via Xorg
                export GDM_DISABLE_USER_DISPLAY_SERVER=1

            return 0 ;;
       *) return 1 ;;
    esac

    return 1
}

====================

4.  Reboot the server or restart the display manager (systemctl restart display-manager).

5.  Access from the VNC client to display :0 or port 5900.


VNC to console via the Xorg vnc module on SLE 12

1.  Edit the Xorg conf file to load the vnc module.

# vi /etc/X11/xorg.conf.d/10-libvnc.conf
Uncomment the appropriate lines.  It should look similar to this:
====================
Section "Module"
    Load "vnc"
EndSection

Section "Screen"
    Identifier "Screen0
    Option "SecurityTypes" "VncAuth"
    Option "PasswordFile" "/root/.vnc/passwd"
EndSection

====================

2.  As root generate the passwd file.

# vncpasswd
Enter the password, and skip the read-only password unless desired.

3.  Reboot the server or restart the display manager (systemctl restart display-manager).

4.  Access from the VNC client to display :0 or port 5900.



VNC to console via x0vncserver on SLE 15 and SLE 12

1.  Generate the vnc passwd file for  the user.

While logged in as the target user run:

vncpasswd
Enter the password for access and skip the read-only password, unless desired.

2.  Create a .desktop file to launch x0vncserver.

*** Note***
Replace /home/user-name/ path in the following examples with the correct home directory location for the user.  If this file is created by root, be sure to change the ownership to the user it is being created for.  The user must have read and execute access to this file.

*** Note ***
The following is for SLE 15.  SLE 12 requires a change to the end of the Exec line.  Change "-display" to :0

vi /home/user-name/.config/autostart/x0vncserver.desktop
Add the following content to the file:

[Desktop Entry]
Name=x0vncserver
Comment=Remote access for display :0
Exec=x0vncserver -passwordfile /home/user-name/.vnc/passwd -display :1
Terminal=false
Type=Application
StartupNotify=true


3.  Add the executable permission to the new file:

chmod +x /home/user-name/.config/autostart/x0vncserver.desktop

4.  Logout and back in as the user for the autostart file to be executed.

5.  Access from the VNC client to display :0 or port 5900.
 

Additional Information

Either method described above can be used, but with the release of SLE 15 SP4 the Xorg conf file for loading the vnc module is no longer being provided.  Running the module within Xorg causes a significant performance hit for both the console and for VNC access.  It is also prone to other various issues. This is why the preferred method is to use x0vncserver.

Disclaimer

This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:000020784
  • Creation Date: 02-Dec-2022
  • Modified Date:02-Dec-2022
    • SUSE Linux Enterprise Desktop
    • SUSE Linux Enterprise Server

< Back to Support Search

For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com

SUSE Support Forums

Get your questions answered by experienced Sys Ops or interact with other SUSE community experts.

Join Our Community

Support Resources

Learn how to get the most from the technical support you receive with your SUSE Subscription, Premium Support, Academic Program, or Partner Program.


SUSE Customer Support Quick Reference Guide SUSE Technical Support Handbook Update Advisories
Support FAQ

Open an Incident

Open an incident with SUSE Technical Support, manage your subscriptions, download patches, or manage user access.

Go to Customer Center