DISCLAIMER: Something’s broke with the latest version of Ubuntu (11.10) and adjusting these settings as shown below don’t seem to work like they’re supposed to, and I’ve not yet found a work around. So this guide may not work at all for you. I will update it as news emerges about this.
VNC is the default remote-desktop protocol for Ubuntu Linux and it can be used by anyone to access their home PC while they are away from home. Anyone who has used VNC and also has a router are likely familiar with setting up a port-forward rule in their router so that all inbound traffic destined for port number 5900 is sent to the correct/desired PC. But what if you wanted to be able to do this with multiple PCs on a home network and not have to relay through one PC in order to access another one?
You can do this by setting Ubuntu’s default VNC server (vino) to listen on an alternative port number. Up until recently, changing this port number was as easy as clicking on an Advanced tab in your Remote Desktop preferences window. For some reason, this new panel was removed after a more recent update so changing this port number became a bit of a mystery.
I’ve not done any hard digging to find out why this panel was removed, but my guess is they actually rolled the version of vino back to something older to temporarily avoid a known bug encountered with vino on servers that had Compiz enabled. I’m sure they’ll get it fixed eventually.
In the mean time, this setting is still easy to change if you know where to go. Here’s what you need to do:
- Open your Gnome Configuration Editor. You can do this quickly by pressing Alt-F2, then typing gconf-editor into the box and pressing Enter.
- In the editor, click Desktop>Gnome>Remote Access.
Once you get to this point, you’ll notice several VNC related settings on the right half of the Gnome Configuration Editor window. Edit the mentioned values as follows:
alternative_port: In the line that says “Alternative Port” near the top double-click the 5900 to edit and change it to the desired port number you’d like to use. After you’ve changed this, right-click on this value again to make a pop-out menu appear and then click “Set As Default”.
authentication_methods: This value should say (or mention) “[vnc]“. It might say [none] and that’s okay, but you still need to add “vnc”, so double-click on the value to bring up an edit window and click the Add button. It will ask you to supply a name/value, so just type in “vnc” (no quotes) and press enter. You’ll end up with a value of [none,vnc]. I don’t know if it matters or not, but at this point I edited the values further so that vnc was listed above none, so it ended up looking like [vnc,none] in the end. My thinking behind this has to do with the way some blacklists (TCP/IP for example) delimit their endings. That’s a whole other blog post…
enabled: There is a solitary check box by this parameter. Make sure its box has a check-mark inside of it.
use_alternative_port: Also make sure this parameter has a check mark in it’s box as well. Also, right-click on this value and then click “Set as Default” for it as well.
Now close Gnome Configuration Editor.
That’s it! Restart the computer to get the settings to take effect.
You should also do one or more of the following:
- Use Firestarter to add a rule allowing inbound traffic on the new port number you specified above so that your host firewall doesn’t block it. (Click Applications>Add/Remove and search for Firestarter to install it if you don’t have it already).
- Set a new port-forwarding filter up in your router to direct inbound traffic on that new port towards the PC you just modified (duh!)
To connect to a VNC server on an alternative port, you just add a colon and the new port number to the end of the host address. Lets pretend the new number if 5901 instead of 5900. You would type the host address like this:
- I’ve also used a 1 instead of 5901 and it works. For 5902 you could probably use just the number 2 by itself, and so on.
And that’s all there is to it!