0

I had a Linux (Debian 9) VM running inside the GCP, I can ssh to it via PuTTY. Now I want to use VNC to connect it and failed.

The following steps are what I did so far.

  1. I tried to follow the article (https://linuxize.com/post/how-to-install-and-configure-vnc-on-debian-9/) to set up a vnc server and it looks good.

       clin4@chen-k8s-master:~$ sudo systemctl status vncserver@1.service

   vncserver@1.service - Remote desktop service (VNC)
   Loaded: loaded (/etc/systemd/system/vncserver@.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2020-04-03 00:41:24 UTC; 17h ago
  Process: 734 ExecStartPre=/bin/sh -c /usr/bin/vncserver -kill :1 > /dev/null 2>&1 || : (code=exited, status=0/SUCCESS)
 Main PID: 956 (vncserver)
    Tasks: 0 (limit: 4915)
   CGroup: /system.slice/system-vncserver.slice/vncserver@1.service
           ‣ 956 /usr/bin/perl /usr/bin/vncserver :1 -geometry 1440x900 -alwaysshared -fg
Apr 03 00:41:23 chen-k8s-master systemd[1]: Starting Remote desktop service (VNC)...
Apr 03 00:41:23 chen-k8s-master systemd[734]: pam_unix(login:session): session opened for user clin4 by (uid=0)
Apr 03 00:41:24 chen-k8s-master systemd[1]: Started Remote desktop service (VNC).
Apr 03 00:41:25 chen-k8s-master systemd[956]: pam_unix(login:session): session opened for user clin4 by (uid=0)

  2. I open the port 5901 (5901-5910) via firewalld

    clin4@chen-k8s-master:~$ sudo firewall-cmd --list-all
public
  target: default
  icmp-block-inversion: no
  interfaces: 
  sources: 
  services: ssh dhcpv6-client
  ports: 443/tcp 6443/tcp 2379-2380/tcp 10250/tcp 10251/tcp 10252/tcp 10255/tcp 6783/tcp 30000-32767/tcp 5901-5910/tcp
  protocols: 
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules:

  3. Use netstat to check

    clin4@chen-k8s-master:~$ sudo netstat -tulpn | grep LISTEN
tcp        0      0 127.0.0.1:5901          0.0.0.0:*               LISTEN      1003/Xtigervnc
tcp6       0      0 ::1:5901                :::*                    LISTEN      1003/Xtigervnc

  4. Create a firewall rule in the GCP, tags mapping on tcp:5901, and the VM has this tag.

    remote-access Ingress remote-access IP ranges: 0.0.0.0/0 tcp:6443,3389,5900-5910 Allow 1000

  5. Try to use Chrome VNC viewer to connect to the VM public IP with port 5901 and got the error message "Cannot establish connection. Are you sure you have entered the correct network address, and port number if necessary?"

What did I miss?

mkrieger1
  • 19,194
  • 5
  • 54
  • 65
chen lin
  • 125
  • 7
  • What desktop did you configure? – John Hanley Apr 03 '20 at 18:27
  • @JohnHanley, I followed the article I mentioned, Xfce is installed as the desktop. – chen lin Apr 03 '20 at 18:33
  • Questions need to be self-contained. Link break, etc. Put everything in your question. Your configuration looks correct. Try disabling the Debian firewall and retest. – John Hanley Apr 03 '20 at 18:35
  • 2
    I think your Xtigervnc is only listening to localhost 127.0.0.1, not public IP. – Hitobat Apr 03 '20 at 19:44
  • Thanks help from both of you. Yes I just notice the Xtigervnc only listen to the localhost, not public ip by default. After I add the $localhost = "no" in the vnc config and restart, it works now. @Hitobat – chen lin Apr 03 '20 at 21:28

0 Answers0