Never Ending Security

It starts all here

Tag Archives: VNC

How To VNC Through SSH Tunnel on Linux


VNC, or “Virtual Network Computing”, is a connection system that allows you to use your keyboard and mouse to interact with a graphical desktop environment on a remote server. VNC makes managing files, software, and settings on a remote server easier for users who are not yet comfortable with working with the command line.

In this guide, we will be setting up VNC on an Ubuntu server and connecting to it securely through an SSH tunnel. The VNC server we will be using is TightVNC, a fast and lightweight remote control package. This choice will ensure that our VNC connection will be smooth and stable even on slower Internet connections.

How to VNC Through SSH Tunnel: Prerequisites

Before you begin with this guide, there are a few steps that need to be completed first.

You will need an Ubuntu server installed and configured with a non-root user that has sudo privileges.

Once you have your non-root user, you can use it to SSH into your Ubuntu server and continue with the installation of your VNC server.

Install Desktop Environment and VNC Server

By default, most Linux server installations will not come with a graphical desktop environment. If this is the case, we’ll need to begin by installing one that we can work with. In this example, we will install XFCE4, which is very lightweight while still being familiar to most users.

We can get the XFCE packages, along with the package for TightVNC, directly from Ubuntu’s software repositories using apt:

sudo apt-get update
sudo apt-get install xfce4 xfce4-goodies tightvncserver

To complete the VNC server’s initial configuration, use the vncserver command to set up a secure password:


(After you set up your access password, you will be asked if you would like to enter a view-only password. Users who log in with the view-only password will not be able to control the VNC instance with their mouse or keyboard. This is a helpful option if you want to demonstrate something to other people using your VNC server.)

vncserver completes the installation of VNC by creating default configuration files and connection information for our server to use. With these packages installed, you are ready to configure your VNC server and graphical desktop.

Configure VNC Server

First, we need to tell our VNC server what commands to perform when it starts up. These commands are located in a configuration file called xstartup. Our VNC server has an xstartup file preloaded already, but we need to use some different commands for our XFCE desktop.

When VNC is first set up, it launches a default server instance on port 5901. This port is called a display port, and is referred to by VNC as :1. VNC can launch multiple instances on other display ports, like:2, :3, etc. When working with VNC servers, remember that :X is a display port that refers to5900+X.

Since we are going to be changing how our VNC servers are configured, we’ll need to first stop the VNC server instance that is running on port 5901:

vncserver -kill :1

Before we begin configuring our new xstartup file, let’s back up the original in case we need it later:

mv ~/.vnc/xstartup ~/.vnc/xstartup.bak

Now we can open a new xstartup file with nano:

nano ~/.vnc/xstartup

Insert these commands into the file so that they are performed automatically whenever you start or restart your VNC server:

xrdb $HOME/.Xresources
startxfce4 &

The first command in the file, xrdb $HOME/.Xresources, tells VNC’s GUI framework to read the server user’s.Xresources file. .Xresources is where a user can make changes to certain settings of the graphical desktop, like terminal colors, cursor themes, and font rendering.

The second command simply tells the server to launch XFCE, which is where you will find all of the graphical software that you need to comfortably manage your server.

To ensure that the VNC server will be able to use this new startup file properly, we’ll need to grant executable privileges to it:

sudo chmod +x ~/.vnc/xstartup

Create a VNC Service File

To easily control our new VNC server, we should set it up as an Ubuntu service. This will allow us to start, stop, and restart our VNC server as needed.

First, open a new service file in /etc/init.d with nano:

sudo nano /etc/init.d/vncserver

The first block of data will be where we declare some common settings that VNC will be referring to a lot, like our username and the display resolution.

export USER="user"
OPTIONS="-depth ${DEPTH} -geometry ${GEOMETRY} :${DISPLAY} -localhost"
. /lib/lsb/init-functions

Be sure to replace user with the non-root user that you have set up, and change 1024x768 if you want to use another screen resolution for your virtual display.

Next, we can start inserting the command instructions that will allow us to manage the new service. The following block binds the command needed to start a VNC server, and feedback that it is being started, to the command keyword start.

case "$1" in
log_action_begin_msg "Starting vncserver for user '${USER}' on localhost:${DISPLAY}"
su ${USER} -c "/usr/bin/vncserver ${OPTIONS}"

The next block creates the command keyword stop, which will immediately kill an existing VNC server instance.

log_action_begin_msg "Stopping vncserver for user '${USER}' on localhost:${DISPLAY}"
su ${USER} -c "/usr/bin/vncserver -kill :${DISPLAY}"

The final block is for the command keyword restart, which is simply the two previous commands (stop andstart) combined into one command.

$0 stop
$0 start
exit 0

Once all of those blocks are in your service script, you can save and close that file. Make this service script executable, so that you can use the commands that you just set up:

sudo chmod +x /etc/init.d/vncserver

Now try using the service and command to start a new VNC server instance:

sudo service vncserver start

Connect to Your VNC Desktop

To test your VNC server, you’ll need to use a client that supports VNC connections over SSH tunnels. If you are using Windows, you could use TightVNC, RealVNC, or UltraVNC. Mac OS X users can use the built-in Screen Sharing, or can use a cross-platform app like RealVNC.

First, we need to create an SSH connection on your local computer that securely forwards to thelocalhostconnection for VNC. You can do this via the terminal on Linux or OS X via the following command:

(Remember to replace user and server_ip_address with the username and IP you used to connect to your server via SSH.)

ssh -L 5901: -N -f -l user server_ip_address

If you are using a graphical SSH client, like PuTTY, use server_ip_address as the connection IP, and setlocalhost:5901 as a new forwarded port in the program’s SSH tunnel settings.

Next, you can use your VNC viewer to connect to the VNC server at localhost:5901. Make sure you don’t forget that :5901 at the end, as that is the only port that the VNC instance is accessible from.

Once you are connected, you should see the default XFCE desktop ready for configuration and use! It should look something like this:


Once you have verified that the VNC connection is working, add your VNC service to the default services, so that it will automatically start whenever you boot your server:

sudo update-rc.d vncserver defaults

Take secret screenshots of the web-browser and/or virtualbox guest os directly from the command line in Linux

There are many instances when you want to take the screenshot of a webpage from within a php script or the command line. On ubuntu there are several ways to do it and most of them produce a webkit , gecko or khtml rendered screenshot image.

Some of the methods require X session to open a window and take screenshots. So VNC can be used to run in on servers for example.

1. wkhtmltopdf

wkhtmltopdf is a command line utility that converts html to pdf using webkit rendering engine.

Url :

Install :

sudo apt-get install wkhtmltopdf

Usage :

The usage is very simple. Just run the command providing the url and name of the pdf file.

$ wkhtmltopdf google.pdf
Loading page (1/2)
Printing pages (2/2)

This will create the google.pdf file in the home directory.

2. wkhtmltoimage

The wkhtmltoimage utility shall take the screenshot of a given url, and save it as a png image. It uses the webkit rendering engine.

Url :

Docs :

Download :
Extract the archive.

Usage :

To use the wkthmltoimage utility simple run the command from terminal, giving the url and the name for the image file.

$ ./wkhtmltoimage-amd64 google.png

It will create google.png in home directory with the screenshot of

Other options :

wkhtmltoimage provides many options to customise the screenshot. Some examples are as follows :

Quality – Controls the quality/compression of the generation image. Default is 94

$ ./wkhtmltoimage-amd64 --quality 50 google.png

Disable images

$ ./wkhtmltoimage-amd64 --no-images google.png

Disable javascript

$ ./wkhtmltoimage-amd64 --disable-javascript google.png

Crop the screenshot

$ ./wkhtmltoimage-amd64 --crop-h 300 --crop-w 300 --crop-x 0 --crop-y 0 google.png

Advantages :
1. Can automatically determine the height of the page to take full page screenshots unlike most other utilities.

Disadvantages :
1. Fails many times due to unknown reasons with an error saying “Painter not active”.
2. Cannot render cufon fonts and flash animations. Sometimes it even fails in jquery animations which take long time to load.

3. cutycapt

Cutycapt is a utility to take the screenshot of a url, using the webkit rendering engine and save it to an image file.



sudo apt-get install subversion libqt4-webkit libqt4-dev g++ cutycapt

To use cutycapt, simply run the command from the terminal, providing the url and the name for the output file.

$ cutycapt --url= --out=google.png

It will create google.png file in home directory which would have the screenshot of

4. khtml2png

khtml2png uses the konqueror rendering engine to create screenshots of web pages.



To install khtml2png, the program has to be compiled and build on the system.

1. sudo apt-get install kdelibs4-dev zlib1g-dev g++ cmake
2. Extract the khtml2png archive.
3. ./configure
4. make
5. sudo checkinstall (this will create a deb file and install it , so that it can easily uninstalled later).

To use khtml2png run the program from commandline providing the url and other options.

$ khtml2png2 --width 800 --height 600 google.png
kbuildsycoca running...
DCOP Cleaning up dead connections.

This would create a google.png in home directory with the screenshot of

This method requires a running X session. To run it from VNC use as :
Start vnc server :

$ vncserver :12
New 'enlightened-desktop:12 (enlightened)' desktop is enlightened-desktop:12
Starting applications specified in /home/enlightened/.vnc/xstartup
Log file is /home/enlightened/.vnc/enlightened-desktop:12.log

Run the program in the vnc server :

$ DISPLAY=:12 khtml2png2 --width 1024 --height 768 google.png
Xlib:  extension "XInputExtension" missing on display ":12".
Failed to get list of devices
Xlib:  extension "XInputExtension" missing on display ":12".
Failed to get list of devices
kbuildsycoca running...

Use with xvfb :

$ xvfb-run --server-args="-screen 0, 1024x768x24" khtml2png2 --width 800 --height 600 google.png

5. PyWebShot


Pywebshot uses python bindings embedded mozilla ( )


1. sudo apt-get install python-gtkmozembed

2. Download pywebshot from

Usage :

$ python -t 1024x768&lt;br /&gt;<br />Loading saved as

It should create a in the directory which has the screenshot of size 1024 x 768.

This method requires a running X session , since it opens a window to load the url and then save its screenshot.

So VNC can be used like this :

start vnc server :

$ vncserver :12
New 'enlightened-desktop:12 (enlightened)' desktop is enlightened-desktop:12
Starting applications specified in /home/enlightened/.vnc/xstartup
Log file is /home/enlightened/.vnc/enlightened-desktop:12.log

Run pywebshot :

$ DISPLAY=:12 python -t 1024x768
Loading saved as


1. Can succesfully render cufon fonts, complex/long loading jquery animations.


1. Cannot automatically determine page height to take full page screenshot.

Workaround: If dimensions are available then the dimensions can be specified as the screensize and using such parameters with a virtual monitor can give full page screenshots.

2. Opens up an annoying browers every time on the desktop.
Workaround: Use xvfb.

6. python-webkit2png

Url :



Install :

1. sudo apt-get install python-qt4 libqt4-webkit

2. Download package from github and extract the archive.

Usage :

$ python -o google.png

It should create a google.png file in the directory with the screenshot of

Use with xvfb :

On a webserver since Xorg is not running , xvfb can bed used to take the screenshot.

$ xvfb-run --server-args="-screen 0, 1024x768x24" python -o google.png


1. Can succesfully render cufon fonts, complex/long loading jquery animations.


1. Fails at CSS3 fonts.

2. Cannot automatically determine page height to take full page screenshot.
Workaround: If dimensions are available then the dimensions can be specified as the screensize and using such parameters with a virtual monitor can give full page screenshots

3. Opens up an annoying browers every time on the desktop
Workaround: Use xvfb,vnc.

The above tools and techniques can be used on a webserver with a language like PHP.

Take screenshot of virtualbox guest os


If you are a blogger, doing experiments with various oses on virtualbox and writing tutorials and posts, then you will need to take screenshots of the guest os things inside virtualbox.

For normal screenshot tasks a tool like shutter works very well. But with virtualbox you get the screenshot of the entire virtualbox window which has to be edited later and consumes time.

There is a quicker way to take a snapshot of the guest os inside virtualbox directly. However this has to be done from the commandline and is not available in the virtualbox gui.

The VBoxManage command is used to do this.

List the running vms

First list out the running virtual machines. You would be taking screenshot from one of the running machines.

$ VBoxManage list runningvms
"Centos 64bit" {5186c620-0656-4f03-8d01-6114d8fd12bb}

Now we get the uuid of the running vm. Here its centos.

Take screenshot as a png

Now lets take the screenshot of the running vm in png format. The format of the command is

$ VBoxManage controlvm vm_uuid screenshotpng /path/to/image

So use it like this

$ VBoxManage controlvm 5186c620-0656-4f03-8d01-6114d8fd12bb screenshotpng ~/centos_htop64.png

Simple! The screenshot is now saved in the home directory with the given name.
Now upload the image in your blog post and publish away.

How to setup and tunnel VNC over SSH trough the internet