VNC and SSH Port Fowarding

To run graphical applications on ARSC systems remotely, the Virtual Network Computing (VNC) application is available and provides some advantages beyond using X Windows over SSH, such as a detachable session. This article provides basic set up information required for this approach.

***Important Note: Please follow all of these steps with each new VNC session.***

Step 1: Install VNC on your local system

There are many different VNC viewer programs available with unique interfaces and features. The application installed on ARSC systems is TigerVNC

After installing the software, make sure ports 5900 and 5901 are open to allow VNC traffic through your local firewall.

Step 2: Connect to the ARSC system and start the VNC server

Log onto the ARSC system over SSH and specify the appropriate ports for VNC client (your local system) and server (remote ARSC system) communication.  

Launch a VNC server instance on the remote ARSC system.  The initial vncserver instance will prompt you for a password to protect your session.

localsystem $ ssh -L 5901:localhost:5901

pacman13 % vncserver -localhost

You will require a password to access your desktops.


New 'pacman13:1 (username)' desktop is pacman13:1

Creating default startup script /u1/uaf/username/.vnc/xstartup
Starting applications specified in /u1/uaf/username/.vnc/xstartup
Log file is /u1/uaf/username/.vnc/pacman13:1.log

Step 3: Open VNC on your local system

Launch your VNC viewer program and connect to host "localhost" and port 5901.  The example below shows how to launch the client using TigerVNC.

localsystem $ vncviewer localhost:5901 

If you are using the TigerVNC GUI, enter "localhost:5901" into the "VNC server:" box then click the "Connect" button.  You will then be prompted for the password created in Step 2.  If your local VNC client connects successfully, you will then see your desktop on the remote pacman login node.

Your circumstances might require the use of different ports due to firewall issues or if you are running more than one VNC server session on the remote system. (Other people on the system might be running their own sessions as well and occupying the ports.) If this is the case, you may need to specify port 5902 or 5903.

To determine whether the VNC viewer has successfully connected, check the log file noted when the vncserver was started on the remote system.

After starting the server, the options exists to log out and back in again using different port forwarding parameters.

Note that some VNC viewer programs can automatically set up the SSH port forwarding through a command-line flag such as "-via" or some option in a graphical configuration menu.

Step 4: When finished, close the VNC session

To close your VNC session, view the open sessions then close the appropriate open session on the remote ARSC system.

pacman13 % vncserver -list

TigerVNC server sessions:

:1                    252550

pacman13 % vncserver -kill :1


Orphaned Session

If a previous VNC session remains open on the remote ARSC system, that old session will need to be closed prior to establishing a new connection using the same port.  To identify and kill the old session first obtain the processID of the "Xnvc" process, then issue the kill command.

pacman13 % ps -elf | grep username | grep Xvnc

0 S username    236193      1  0  80   0 - 24842 poll_s Nov09 ?        
        00:00:10 /usr/bin/Xvnc :1 -desktop pacman13:1 (username) 
        -auth /u1/uaf/username/.Xauthority -geometry 1024x768 
        -rfbwait 30000 -rfbauth /u1/uaf/username/.vnc/passwd 
        -rfbport 5901 -fp catalogue:/etc/X11/fontpath.d -pn -localhost

pacman13 % kill 236193

Reset Server Password

To change the password for vnc server, run the 'vncpasswd' command on the system hosting the vnc server.  The manual page for this command is available online at

More Information

Run "vncserver --help" and "man vncserver" for more information on how to use the application.

Back to Top