This document is from my notepad and a real-world implementation of the document(s) found at Archlinux Wiki - TigerVNC.
VNC is a protocol where you use your keyboard/mouse/screen to monitor or control a remote system.
VNC is per definition insecure
Opening a VNC service onto insecure networks like the internet, public libraries, internet cafès etc. may lead to information leaking and/or attempts to take control of your system.
This topic will only expose VNC to the localhost and use a secure connection using SSH.
For guidance with SSH - see [root tip] [How To] Set up your own SSH service.
The added benefit of using SSH is that you can easily adapt this example to target any remote server without sacrificing security.
Multiple X sessions for a single user are not supported
– TigerVNC - ArchWiki
This effectively means - if you are logged onto the physical display
:0 then you cannot connect a vnc session. If you try to do so, using the same username, a black screen or system lockup will be the likely result.
In that regard it works like Microsoft RDP which logout the physical session when you initiate a remote connection and vice-versa.
On the system to be controlled install package
Create a password for your login
Replace the phrase
$USERNAME with the username of the actual user you want to configure.
List the available sessions
Create the file
/home/$USERNAME/.vnc/config with content (replace $SESSION according to your installation e.g. openbox or lxqt).
session=$SESSION geometry=1280x720 localhost dpi=96
Allow user on specific display
/etc/tigervnc/vncserver.users and append e.g.
:4 - which in turn will correspond to port 5904 - replace $USERNAME with the user you just created the password for.
Start a vncserver at the selected display
systemctl enable vncserver@:4
Logout or restart the device
Install the package
Connect to target system
SSH provides a secure channel and using key based authentication is the recommended method.
Open a ssh connection using port mapping
ssh $USERNAME@ip.x.y.z -L 9904:localhost:5904
Then launch the VNC viewer and input the following connection details and click connect
Input the password created earlier (ignore the warning as we are using an encrypted connection) and you will see the remote system - which could just be a Raspberry Pi sitting next to you on the desk.