I covered VNC this afternoon in my Linux system administration course and the question came up on how to secure VNC. You may or may not be aware than VNC is not encrypted by default, which could be a security concern.
If you use VNC regularly to connect to other Linux machines you may want to consider adding a level of encryption with SSH. Here is a quick run-down on how that is done:
If you look at the man page for vncviewer (
man vncviewer) you’ll notice there is a small section for -via. The -via option, as outlined in the man page will do:
Makes the connection go through SSH to a gateway host. The gateway should be the target host for best connection secrecy.
Basically this is saying that you can tunnel VNC over SSH within your connection command. Let’s give it a try.
vncviewer -via [email protected] localhost:0
This, of course, will require that you have both ssh and vnc access to a remote machine.
This is a much simpler method than many other tutorials I’ve found which generally suggest creating a tunnel with ssh -L and then using that tunnel.