ANY vnc server in kde with sddm

I have been trying for a few weeks to get a vnc server running on my desktop but whatever I do, there is something not working.

I tried with tigervnc first. TigerVNC - ArchWiki
IIRC I ONLY ran this (arch wiki) first and actually got it to work (I connected and got to the sddm login screen, sharing the screen with my actual monitor), but I cant remember HOW, because after I did that I followed this Install VNC on Manjaro for Remote Access and that screwed everything up. Sure, I can log in with a vlc client, but when I try to physically log in to my computer, the loading screen freezes and I have to disable the vncserver service and reboot my computer.

I’m trying to understand what screen means? Screen 0 is referenced multiple times but why??? Isn’t the monitor I use screen 1?

I then gave up and tried to get x11vnc to work. X11vnc - ArchWiki
I works if I’m already logged in to my physical computer, otherwise it refuses to start with either x11vnc -display :0 -auth $(find /var/run/sddm/ -type f) or changing /usr/share/sddm/scripts/Xsetup as mentioned in the wiki.
Heck, I even ran the actual find command and then used the generated directory to try to get it to work, but it refuses.

I have seen people reference “realvnc” but isn’t that an arm based program?

What I want to accomplish is, when I’m from home, connect to my openvpn server, use wake on lan and then use a vnc viewer to access my computer. I know I have to figure out some bridging or something with my vpnserver, so this far, I’m just trying to get ANY vncserver working and connect to it over local network, but I seem to have walked into a wall.

I really like the idea of starting x11vnc in ssh and THEN connecting, but as I said, if I’m not already physically logged in to my computer, x11vnc refuses to run. -auth guess also doesn’t work.

Please help, ANY vlc server will do.

A working recipe can be found here [root tip] [How To] TigerVNC over SSH

No - it works for x86 as well - but it is proprietary while tigervnc is not.

There is a lot of implementation of the Virtual Network Computing protocol.

As you probably missed, this is the link I referenced to in my post that “screwed everything up” so no, that tutorial does NOT help me.

Edit, no its, not the link I’m referencing, but I have tried that too (IIRC its referenced within the link I used). changing the user to use screen 2, it still freezes my physical login screen on my computer. :frowning:

If you did link to it - I would have noticed - but you have not.

display or screen refers to the virtual screen or display.

When you use screen 0 or screen 1 with KDE you will get problems

yeah, my bad, but I have tried that too, I edited my above answer but its prob better to reply here. I tried changing the :1=USERNAME to :2=USERNAME but if I do that, the computer freezes when I try to log in physically.

If you want logs I can do that, but tbh I have probably rebooted my computer 50 times already with the same result.

But PRIMARELY I would prefer x11vnc if anybody know how to get that to work without logging in physically first with sddm/plasma

If you login over ssh you are already authenticated and you need not reference sddm.

Then you use port mapping to map a local port to remote port.

The display or screen number corresponds to the vnc port number e.g. 5903 which is screen/display 3.

Why do you have a preference for x11vnc?

Is it because is sounds nice to have the physical display in realtime?

I think this is why you are having issues.

Better use tigervnc which creates a headless session - also because it is easier to get running.

Initially I played around with x11vnc but it was a pain getting it to play ball - much easier with tigervnc.

I’ll do a complete sweep of all installed program connected to vnc, reinstall and try ONLY following your link once more. :smiley:

The reason I like x11vlc is because I will VERY rarely use it (probably once a year maximum), and having a service running in the background just seems very unnecessary…? And having a constant vnc server running, even though its probably secure, is yet another security hole?
Doing one step extra (starting an ssh session) is not a problem for me.

That depends - the one yearly connection - is that a remote connection?

If yes - you can simply enable the service before leaving - and yes it is secure if you use the ssh approach with keyfile access.

On your viewer system - create an ssh-key - give it a convenient name

 $ ssh-keygen -b 2048 -t ed25519 -f ~/.ssh/vnc-ssh.key

Make sure the sshd service is running on the remote system - then copy the key to the system you want to view and control

 $ ssh-copy-id -i ~/.ssh/vnc-ssh.key username@172.30.30.107

Test the key

 $ ssh user@x.y.z.ip -i ~/.ssh/vnc-ssh.key
Last login: Tue Apr 11 11:00:02 2023 from x.y.z.ip

While on the system you want to control - create a vncpassword - you can create a different password than the user pasword - it is only used by VNC

 $ vncpasswd
Password:
Verify:
Would you like to enter a view-only password (y/n)? n
A view-only password is not used

List your available sessions

 $ ls /usr/share/xsessions
plasma.desktop

Edit the users ~/.vnc/config file

 $ micro .vnc/config

In this case the system runs plasma - so session is plasma

session=plasma
geometry=1280x720
localhost
dpi=96

Edit the service user configuration file /etc/tigervnc/vncserver.users

 $ sudo micro /etc/tigervnc/vncserver.users

Since this is plasma and plasma uses systemd - the first two screens will be occupied by the greeter and the session

# TigerVNC User assignment
#
# This file assigns users to specific VNC display numbers.
# The syntax is <display>=<username>. E.g.:
#
# :2=andrew
# :3=lisa

:4=username

Enable the service and restart the system

 $ systemctl enable vncserver@:4
Created symlink /etc/systemd/system/multi-user.target.wants/vncserver@:4.service → /usr/lib/systemd/system/vncserver@.service.

On the system (where you created the ssh-keyfile - your workstation) connect to the system using ssh and supply the identify file to be used - and specify the port mapping between your system and the remote system

ssh username@x.y.z.ip -i ~/.ssh/vnc-ssh.key -L 9904:localhost:5904

Then launch the vnc viewer and input

localhost 9904
Result

1 Like

Well, that assumes I KNOW I will be using/needing it witch is NEVER the case. Witch then leaves ALWAYS having it running, and I would prefer not. I’m not even sure I can just sudo systemctrl start the tigervnc and connect? As I understand it I have to reboot as well for it to work? So, connect vpn > connect ssh > enable service > reboot > reconnect ssh > connect vlc. Yeah, no, that is not the way I want to go. If I have to use tigervnc, it will have to constantly run in the background.

I played around with x11vnc a little more.

If I run x11vnc -create i creates a connection point that I can connect to, but as soon as it connects the connection is dropped again, presumibly by x11vnc im running in the ssh terminal.
Anybody know if there is an easy fix for this? I haven’t dove that deep into the x11vnc(1) - Linux man page
There is probably a security check I’m failing when connecting or something. Maybe I have to disable automatic shutdown of the program or smthn.
Any input on this?

As I said, I’ll look into tigervnc again only following your link, but since I have to reboot every time, and if it doesn’t work I have to sit there with my bad eyesight on my android phone trying to edit files with 6px size fonts, it’s REALLY tedious and tiresome.

Edit. > linux-aarhus

On your viewer system - create an ssh-key - give it a convenient name

I wrote this before seeing your latest post. Thank you so much for taking your time helping me, I really appreciate it and will deep dive into what you are typing. I think I have tried everything except creating a key, I was going to do that further down the line after deciding what to use. But still THANK YOU! <3

Where did you get that idea from? - it is only after installation I recommend reboot - simply because you may have other system update when installing tigervnc?

If you leave the sshd service running - then you can ssh to the system - (specify portmapping) - then start the service and launch the viewer

When you are done you can shutdown the vncserver and close the ssh connection.

Since VNC is not secure - it is recommended to always use an encrypted tunnel like ssh.

Are you saying a daemon-reload and then a restart of the service is enough? Fk my life… xD
I have a lot testing to do with this now.

THIS!!! I think this is the culprit, you also mentioned this earlier, I have only tried 1 and 2, so I will try 3 (or 4 as you suggest) now!

I have been fiddling a bit with this - and it appears that plasma handles things differently from more basic systems like lxqt.

On my test system I cannot have two sessions running - perhaps a matter of system spec Intel Celeron J3455 using 8G ram - I don’t know.

If I don’t login on the target system - I can connect using ssh and create a vnc session using the viewer.

If I login - the whole #! is hung …

So with this system - I cannot have the service to run at boot - as my test system will hang on loading the desktop - it seems like plasma is communicating status to the display manager.

I need to observe

  • not logged in on the target desktop
  • explicitly start the service after connecting using ssh
systemctl start vncserver@:4

Then when done

systemctl stop vncserver@:4
1 Like

Well, it’s the same behavior I get, both by using screen 1 or 4.
The computer is not actually frozen, its the login that fails somehow if I have the vncserver service running so I can disable the service in ssh and then login if I come to that situation.

Since I was open to using x11vnc by running it in an ssh shell I might as well make my own script that starts vnc and then waits for my input, or ctrl-c or smthn and then stop the service.

Now I just have to figure out how to route the traffic so the vnc becomes available when connecting through my vpn server, but the ssh username@x.y.z.ip -i ~/.ssh/vnc-ssh.key -L 9904:localhost:5904 might be used for that, or porting it through the android ssh app or smthn because bridging in the vpnserver seems to be just as weird as this (another project I got going on for me). I’ll figure it out… in a few years or so. xD

I played some again - I found a method to ensure the display manager doesn’t get in the way

I still don’t know why there is this faf with plasma and vnc - but know it is so - helps in constructing an approach to get is into a usable state.

The steps are

  1. connect using ssh with port redirection -L 9904:localhost:5904
  2. stop the remote display manager - sudo systemctl stop sddm
  3. launch the vnc viewer
  4. when done close then vnc window
  5. start the remote display manager - sudo systemctl start sddm
  6. close the ssh connection

I have an even neater solution if one wants.

  1. install vncserver
  2. run vncpasswd
  3. edit ~/.vnc/config
session=plasma
geometry=1920x1080
#geometry=1280x720
#localhost
#dpi=96
#alwaysshared
  1. edit/create /etc/systemd/system/x0vncserver.service (TigerVNC systemd service using sddm on kde plasma · GitHub)
[Unit]
Description=Remote desktop service (VNC) for :0 display
Requires=display-manager.service
After=network-online.target
After=display-manager.service

[Service]
Type=simple
ExecStartPre=/usr/bin/bash -c "/usr/bin/systemctl set-environment XAUTHORITY=$(find /var/run/sddm/ -type f)"
#Environment=HOME=/root
Environment=HOME=/home/yourusername
#Environment=XAUTHORITY=/var/run/sddm/:0
ExecStart=x0vncserver -display :0 -rfbauth /home/yourusername/.vnc/passwd
Restart=on-failure
RestartSec=500ms

[Install]
WantedBy=multi-user.target
  1. sudo systemctl start x0vncserver.service
  2. sudo systemctl enable x0vncserver.service
  3. sudo systemctl status x0vncserver.service
â—Ź x0vncserver.service - Remote desktop service (VNC) for :0 display
     Loaded: loaded (/etc/systemd/system/x0vncserver.service; enabled; preset: disabled)
     Active: active (running) since Wed 2023-04-12 22:12:00 CEST; 7min ago
    Process: 1160 ExecStartPre=/usr/bin/bash -c /usr/bin/systemctl set-environment XAUTHORITY=$(find /var/run/sddm/ -type f) (code=exited, status=0/SUCCESS)
   Main PID: 1165 (x0vncserver)
      Tasks: 1 (limit: 37455)
     Memory: 3.3M
        CPU: 62ms
     CGroup: /system.slice/x0vncserver.service
             └─1165 x0vncserver -display :0 -rfbauth /home/yourusername/.vnc/passwd

Apr 12 22:22:02 Manjaro systemd[1]: Starting Remote desktop service (VNC) for :0 display...
Apr 12 22:22:02 Manjaro systemd[1]: Started Remote desktop service (VNC) for :0 display.
Apr 12 22:22:02 Manjaro x0vncserver[4647]: Wed Apr 12 22:22:02 2023
Apr 12 22:22:02 Manjaro x0vncserver[4647]:  Geometry:    Desktop geometry is set to 1920x1080+0+0
Apr 12 22:22:02 Manjaro x0vncserver[4647]:  XDesktop:    Using evdev codemap
Apr 12 22:22:02 Manjaro x0vncserver[4647]:  XDesktop:
Apr 12 22:22:02 Manjaro x0vncserver[4647]:  XDesktop:    XTest extension present - version 2.2
Apr 12 22:22:02 Manjaro x0vncserver[4647]:  Main:        Listening for VNC connections on all interface(s), port 5900
  1. Connect with your fav vnc-viewer to your.ip.number.here::5900
  2. Enjoy.

With this, you can boot the computer and access with a vnc-viewer getting the sddm login screen. You will take over the session at your computer so if you are already logged in, your vnc-viewer will log in to exactly that, while you still can control your computer physically ofc, you just see what the vnc session is doing live on the screen.
Naturally you can have it sleeping just like we discussed earlier, connecting with ssh, enabling the service, vnc:ing and then disabling the service again.
But this is the only way I found not interfering with your ability to log in physically to your computer while having vncserver running simultaniously.

2 Likes

That is great - thank your for sharing this

:100:

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.