VNC over SSH (from Windows system to Linux system)

On Linux system (far_away_computer you want to connect to):

Programs needed:


OpenSSH package: (openssh-5.3p1.tar.gz) contains:

ssh (replaces rlogin and telnet)
scp (replaces rcp)
sftp (replaces ftp)
sshd (the SSH server side of the package)


The TightVNC package (tightvnc-1.3.10_unixsrc.tar.gz or tightvnc-1.3.10_unixsrc.tar.bz2) contains five programs:


Each program found in the distribution of TightVNC for Unix has a corresponding manual page.


I won't go into detail about OpenSSH or TightVNC setup. You probably already have OpenSSH installed and running and there might be a pre-compiled TightVNC package for your distro.
Anyway, the program suites are available as tarballs.

OpenSSH download


TightVNC download


How to use the programs:


Make sure sshd is running by executing the command:

lsof -i

check for sshd processes, should be two of them. Otherwise, start sshd:


To stop sshd:

killall sshd

sshd config file: ssh_config


vncpassword - set VNC password. (Run this to set a VNC password for your Linux server user account. You only have to run this once per account.)

vncserver - Starts Xvnc. (The TightVNC server.)

On Windows system (local_computer you're connecting from):

Program needed:

TightVNC for Windows


Download and install TightVNC for Windows. Skip configuration of the TightVNC server and shut it down. TightVNC is by default installed as a service and the TightVNC server is by the installer set to start automatically when Windows starts. To disable the service and stop the TightVNC server from starting automatically, run msconfig and use System Configuration utility. In Services tab, deselect the TightVNC service and in Startup tab, deselect tvnserver. Click Apply and OK. The TightVNC server service and server won't start automatically after you've rebooted your computer.

Download putty.exe from: www.putty.nl - PuTTY Download Page

Start PuTTY by running putty.exe (no installation required).

Configure PuTTY:

In the left pane, Category, click Session.

Host Name (or IP address): IP address to Linux server (far_away_computer)
In this tutorial the Linux server (far_away_computer) IP address is
Port: 22
Connection type: SSH

Name the session and click the Save button.

In the left pane, Category, expand The Connection > SSH category (click the plus sign in front of the SSH category).
Then click on Tunnels.

Source port: 5901
Destination: localhost:5901

Click the Add button.

In the SSH category, click on X11

X display location: localhost:1

In the left pane, Category, click Session.
In the Load, save or delete a stored session section, click the Save button.

Click Open button to start a SSH session. Type in your Linux server user account username and password to log in and to establish a SSH tunnel.

Start TightVNC viewer.
In the Remote Host: input field, type localhost::5901 and click the Connect button.

In the authentication window that opens, type in the TightVNC server password.

Do your stuff.

When done, close the TightVNC window and execute the command:


in the SSH session window to exit the session and to close the window.

If you're running the Xvnc server behind some kind of hardware firewall or some other strict filtering device or application, you might need to open up port 22 for inbound network traffic. This is not recommended though, unless you know what you're doing. If you feel insecure, the preferred method is to run the Xvnc server on a computer outside of the LAN you want to keep secure.