Tigervnc

TigerVNC is a powerful tool to manage remote machines through a graphical interface using the standard VNC protocol.

Installation

If you only intend to connect using the TigerVNC client, just emerging the packet should be sufficient:

root # emerge net-misc/tigervnc

However if you intend to run TigerVNC on a server, the server use flag should be set. Adding it to package.use is a good idea:

net-misc/tigervnc server

After setting the server use flag, and emerge the package:

root # emerge net-misc/tigervnc

By default, tigervnc listens on any IP address and uses simple password-based authentication. A common and safe approach to address the safety concerns is to use a ssh tunnel and allow TigerVNC only to connect to client requests that originate from the server itself. To listen only on localhost add the -localhost option to the start function of the init script :

fi

            su ${shell} ${user%%:*} -c "source /etc/profile && cd ~${user%%:*} && vncserver :${user##*:} $vnc_opts -localhost" &>/dev/null
      done
      eend $?
}

Client Configuration

Probably the safest way to connect to a remote VNC server with the tigervnc client is to create an appropriate ssh tunnel:

root # ssh -L 5901:127.0.0.1:5901 -N -f -l user www.example.com

SSH will listen on port 5901 of your local machine and forward/receive any data from the remote server as if it was originating from your machine. The same is true for the server: it thinks that the VNC client connecting to it is running on the server and listening on port 5901, while the connection is really coming from a remote host. The commands are exactly the same as a setup that runs a VNC client and server on a local machine.

Check that ssh is running and listening on the right port:

root # netstat -tlpn

You should find a line that looks something like the one below:

tcp        0      0 127.0.0.1:5901          0.0.0.0:*               LISTEN      13309/ssh
tcp6       0      0 ::1:5902                :::*                    LISTEN      13309/ssh

Now, run TigerVNC and type in the address and port you're listening to. In this case, we're listening on our local machine (127.0.0.1) and port :5901, so the line entered in the TigerVNC dialog should be:

127.0.0.1:5901

When you click on Connect, you should be prompted for a password. Enter the password you set on the server side and you should be good to go.

Alternatively, you can launch TigerVNC through the command line:

user $  vncviewer 127.0.0.1:5901

Server Configuration

We'll assume you're running TigerVNC locally and connecting through an SSH tunnel. This is a safer way to run VNC comparable to other options, and also the easiest to setup.

After the initial install, you will need to configure for which users VNC should be available. This is done by editing /etc/conf.d/tigervnc:

DISPLAYS="funtoo:1"

This will tell TigerVNC to start a VNC session for user "funtoo" on the first display, and on port 5900 + displaynumber (in this case, 5900 + 1).

Then, as "funtoo", you need to create the VNC password that will be used to access a VNC session:

user $  vncpasswd

This will create a password file in ~/.vnc/passwd. You also have to create a xstartup file to tell VNC which desktop environment to run. Make sure that you installed the Desktop Environment in question before running VNC. A minimal configuration is displayed below, though more elaborate ones are more common:

#!/bin/sh
/usr/bin/gnome-session & #start a GNOME3 VNC session
#/usr/bin/lxsession -s LXDE & 
#exec /usr/bin/plasmashell & #start a kde-plasma-5 VNC session

Make sure that xstartup is executable:

root # chmod +x ~/.vnc/xstartup

now, start the tigervnc server:

root # service tigervnc start

If you're encountering errors, check ~/.vnc/user-main:1.log for errors. Test that you can connect to the VNC server and if you're successful add tigervnc to the default runlevel:

root # rc-update add tigervnc default

Conclusion

This should be enough to get you started with TigerVNC. Happy hacking!