Using SSH Tunnel for VNC

You can excute a vnc session on a remote system providing only
ssh access by means of an ssh tunnel.

Example 1:

On a remote machine start a vncserver on port 3. If the port
ws not specified vnc would tell you what port was used. You could
also look in the directory .vnc to find the log file name and learn
which port was used.

vncserver :3

Create an ssh tunnel on your local system. For this example we
will assume the remote system as an IP address of

ssh -X -l fred -L 5908:localhost:5903

In this example we specify a login with the user name "fred".
We connect the local port 8 (5900 +8) with the remote port 3 (5900 + 3).

Now start a vnc viewer on the local system specifying port 8.

vncviewer -shared localhost:8

In this example the "-shared" option was added to allow other users
to connect to the session without having the session terminated. This
depends on the vnc software used.

Example 2:

In this example assume that we have a remote system acting as a firewall
and another system connected to that running the vncserver. We will assume
that the remote firewall has an IP address of and connected
to that is a machine with address running the vncserver on port 1.
No user name is specified in this example making the assumption that same
user name is in use on all machines.

ssh -X -L 5906:

Now start a vnc viewer connecting to port 6 as was used in the command above:

vncviewer localhost:6

There are several options available when starting the vncserver. This will depend
 on the vnc software used. Here is an example to give the vnc window a name
(-l testsys), create a window that is 1280 wide and 1024 high (-geometry 1280x1024)
and limit the color depth in order to increase peformance (-depth 16). No port is
specified  so the system will pick a port to be used:

vncserver -name testsys -geometry 1280x1024 -depth 16