Tunnelling display/GUI through VNC and X11 from Linux to Windows

VNC

This is one thing that always trips me. Say we need to view the desktop of a Linux Server Y from our Windows machine. However there is no direct connection from our Windows machine to Server Y. Also note that we can do X11 forwarding also, but VNC is more compressed and faster

Goal

Windows →Server X → Server Y

Step 1

Install tiger-vnc server or some other VNC server in Server Y

https://www.tecmint.com/install-and-configure-vnc-server-in-centos-7/

Start the VNC Service ( or even if you run the vnc as a process it should be fine)

sudo systemctl start vncserver@:1

Check that VNC port is open. It starts from 5901. Here it was started many times in parallel initially by mistake and it took the 5907 port

$ sudo ss -tulpn| grep vnc
tcp    LISTEN     0      5         *:5907     *:*     users:(("Xvnc",pid=193634,fd=9))
tcp    LISTEN     0      128       *:6007     *:*     users:(("Xvnc",pid=193634,fd=6))
tcp    LISTEN     0      5        :::5907     :::*    users:(("Xvnc",pid=193634,fd=10))
tcp    LISTEN     0      128      :::6007     :::*    users:(("Xvnc",pid=193634,fd=5))

Open any firewalls for these ports.

Step 2

Use putty and create a SSH tunnel from Windows machine to Server X. Here we are using port 8888. (The rest of the connection is not shown)

Step 3

Once you are connected to Server X via Putty

SSH with Local tunnel from Server X to Server Y (say 192.168.11.12) with the VNC port; so this below will map 8888 request to 5907 in ServerT

ssh -L 8888:localhost:5907  192.168.11.12

Step 4

Install VNC viewer on Windows and Connect to localhost:8888

X11 Tunneling

This is similar to above. Only that instead of a VNC viewer you need to install a XServer in Windows and the Linux should have a XClient

If you are doing ssh from Windows to a Linux system — do yourself a favour and use a SSH client like Putty ( regular ssh -X etc does not work).

Step 1: Install a XServer in Windows : Example XMing Server (listens on localhost:0.0)

Step 2: In putty enable X11 forwarding

Step 3: Connect to remote Linux server

Make sure all conditions here are met in Linux server — that is X11Forwarding is yes and xauth is present as explained in the answer https://unix.stackexchange.com/a/12772/121634

Fire up XClock and wait a minute for the display to appear in your Windows machine

Note — If from this Linux server you are connecting to another server and want to forward X11 back to your Windows, you just need to connect to the next in the chain with ssh -X. (like we did above with -L for vnc)

That is

[Windows] Putty (with X11forwarding) → [Server1] (xclock works) → ssh -X [Server 2] (xclock works)

Extra via Docker

X11 Forwarding from Docker — See here

Running Chromium inside Docker - Gtk: cannot open display: :0

Hope this is useful. At least to me it will be as I forget and need to stumble through this again and again