Remote Desktop using VNC with SSH Tunnel (Windows)

Configure a remote host in PuTTY

Type the full host name into the Host Name field. In this case, it is


This connection will eventually be used for displaying X windows.

In the left pane, expand the SSH tree by clicking the +.

Select X11.

Check Enable X11 Forwarding.


In the left pane, select Session.

Enter a name in the Saved Sessions field, and click Save.

Double-click your new saved setting line or select it and click Load to connect to the remote server.

Log in to get a terminal window.

VNC Server

Run the following command to start the VNC server:

$ vncserver

You may be prompted for a password. This can be anything and is not related to your login password.

The command will display a line similar to the following.

New 'hostname:# (username)' desktop is hostname:#

Take note of the number (#) following the colon (:). This will be the port number you will need in the SSH tunnel setup, and will be the number you will need to use to eventually terminate the server when you are finished using it.

If you were not prompted for a password and have already configured the VNC server to display a remote desktop, continue with the tunnel setup.

If you were prompted to set a password for the vncserver, it most likely means that this is the first time you have run the command. You will now need to terminate the VNC server and configure the desktop setting so you view a remote desktop environment rather than simple xterm windows. To terminate the server, use the number (#) you were given in the above command. Repace the number (#) in the following command to terminate the program.

$ vncserver -kill :#

Configure an SSH tunnel

Be sure you have the number (#) you were given in the above vncserver command.

Assuming you are currently running PuTTY from above, you already have your configuration loaded. If you do not, launch PuTTY and load your previously saved configuration by selecting the session name and clicking Load.


Select Tunnels in the left pane.

Enter these values:

Source port: 5900.

To determine the destination port, use the number (#) you were given in the vncserver command above and add it to 5900. For example, if your server is running on :1, use the following.

Destination: hostname:5901

where hostname is the hostname is the same one from above.


Click the Add button. Your tunnel will now appear in the list, similar to the figure here.


Select Session in the left pane.

Click the session name in the Saved Sessions pane.

Click Save.


At this point, you can click Open to start the SSH terminal. The tunnel will now be active as long as the terminal window stays running.

The next time you run PuTTY, you must open these saved settings by selecting the name in the Saves Sessions pane and clicking Load, then clicking Open, or you can simply double-click the session name to load and run the saved session.

VNC Viewer

If you don't have it, download VNC Viewer (part of the server package) from When you install it, choose only the VNC Viewer. You do not need to install the server.

You must have an open SSH window with an actively running tunnel for the following to function properly.

When VNC Viewer starts up, enter

VNC server: localhost.

Click OK.

If you are not prompted for a password, the SSH tunnel is not working. Make sure your tunnel configuration is properly set up and that you are running your SSH session configured with an SSH tunnel to the correct port.

When you quit the VNC Viewer, the remote VNC server stays running. This means that you can reconnect to the same VNC server at a later time, and it will remain in the state that you left it (assuming the remote computer is not shut down).

It is a bad idea to leave VNC servers running indefinitely, as they do take up system resources. Please terminate your VNC servers when you no longer need the remote connection..

Terminate your VNC Server

Recall the number (#) you were given in your vncserver command. Replace # with that number in the following command to teminate the server.

$ vncserver -kill :#

You cannot terminate other users' VNC servers.

In some cases, the system will not let you terminate your own VNC server. You can use the unix kill command to terminate them.