ubuntu 22.04 配置VNC远程连接

sudo apt install tigervnc-standalone-server

curtis@curtis-FP650:~$ vncserver -list

TigerVNC server sessions:

X DISPLAY #     RFB PORT #      RFB UNIX PATH   PROCESS ID #    SERVER
1               5901                            29499           Xtigervnc

为什么同一个局域网内通过VNC viewer 连接报错，服务端vnc服务正常运行？

连接报错：The connection was refused by the computer

ufw 和 ufw服务不是一回事？

curtis@curtis-FP650:~$ systemctl status ufw
● ufw.service - Uncomplicated firewall
     Loaded: loaded (/lib/systemd/system/ufw.service; enabled; vendor preset: enabled)
     Active: active (exited) since Sat 2026-01-17 13:30:49 CST; 1h 4min ago
       Docs: man:ufw(8)
    Process: 567 ExecStart=/lib/ufw/ufw-init start quiet (code=exited, status=0/SUCCESS)
   Main PID: 567 (code=exited, status=0/SUCCESS)
        CPU: 1ms

1月 17 13:30:49 curtis-FP650 systemd[1]: Starting Uncomplicated firewall...
1月 17 13:30:49 curtis-FP650 systemd[1]: Finished Uncomplicated firewall.

curtis@curtis-FP650:~$ sudo ufw status verbose
Status: inactive

1、服务端防火墙服务没有被正常启用，VNC 服务端端口不允许有流量通过。

curtis@curtis-FP650:~$ sudo ufw status verbose
Status: inactive

# 启用ufw并查看服务状态
curtis@curtis-FP650:~$ sudo ufw status verbose
Status: inactive
curtis@curtis-FP650:~$ sudo ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
Firewall is active and enabled on system startup

curtis@curtis-FP650:~$ sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)

2、UFW 未放行 5901 端口。

# ufw命令放行vncserver端口
# 开放局域网访问，我的环境局域网网段为 192.168.0.0
sudo ufw allow from 192.168.0.0/24 to any port 5901 proto tcp

# 查看打开的vnc服务端口信息
curtis@curtis-FP650:~$ vncserver -list

TigerVNC server sessions:

X DISPLAY #     RFB PORT #      RFB UNIX PATH   PROCESS ID #    SERVER
1               5901                            29499           Xtigervnc

# 查询放通的端口
curtis@curtis-FP650:~$ sudo ufw status verbose
[sudo] password for curtis:
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
5901/tcp                   ALLOW IN    192.168.0.0/24
5902/tcp                   ALLOW IN    192.168.0.0/24

3、VNC服务端只监听 127.0.0.1（localhost），仅允许本机通过VNC客户端连接。

curtis@curtis-FP650:~$ ss -tuln | grep 5901
tcp   LISTEN 0      5                             127.0.0.1:5901       0.0.0.0:*
tcp   LISTEN 0      5                                 [::1]:5901          [::]:*

# 解决办法启动vnc服务时添加参数 `-localhost no`
curtis@curtis-FP650:~$ vncserver :1 -localhost no -geometry 1920x1080 -depth 24

New Xtigervnc server 'curtis-FP650:1 (curtis)' on port 5901 for display :1.
Use xtigervncviewer -SecurityTypes VncAuth,TLSVnc -passwd /home/curtis/.vnc/passwd curtis-FP650:1 to connect to the VNC server.

curtis@curtis-FP650:~$ ss -tuln | grep 5901
tcp   LISTEN 0      5                               0.0.0.0:5901       0.0.0.0:*
tcp   LISTEN 0      5                                  [::]:5901          [::]:*

vncserver常见命令：

# 查看所有vnc连接
curtis@curtis-FP650:~$ vncserver -list

TigerVNC server sessions:

X DISPLAY #     RFB PORT #      RFB UNIX PATH   PROCESS ID #    SERVER
1               5901                            29499           Xtigervnc

# 根据displaay id关闭某个VNC连接
curtis@curtis-FP650:~$ vncserver -kill :1
Killing Xtigervnc process ID 29499... success!

# 指定VNC分辨率
# -geometry 3840x2160：设置虚拟桌面为 4K 分辨率
# -depth 24：颜色深度（24 位真彩色）
# -dpi 96：可选，设置 DPI（避免字体过小）
# -localhost no：允许局域网连接（关键！）
urtis@curtis-FP650:~$ vncserver -kill :1
Killing Xtigervnc process ID 29499... success!

# vncserver :1 -localhost no -geometry 1920x1080 -depth 24
curtis@curtis-FP650:~$ vncserver :1 -localhost no -geometry 3840x2160 -depth 24 -dpi 96

New Xtigervnc server 'curtis-FP650:1 (curtis)' on port 5901 for display :1.
Use xtigervncviewer -SecurityTypes VncAuth,TLSVnc -passwd /home/curtis/.vnc/passwd curtis-FP650:1 to connect to the VNC server.

ufw 常用命令：

# 查看ufw状态已经配置信息
curtis@curtis-FP650:~$ sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
5901/tcp                   ALLOW IN    192.168.0.0/24
5902/tcp                   ALLOW IN    192.168.0.0/24

# 查看ufw 配置信息
curtis@curtis-FP650:~$ sudo ufw status numbered
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 5901/tcp                   ALLOW IN    192.168.0.0/24
[ 2] 5902/tcp                   ALLOW IN    192.168.0.0/24

# 通过编号删除某条配置的规则
curtis@curtis-FP650:~$ sudo ufw delete 2
Deleting:
 allow from 192.168.0.0/24 to any port 5902 proto tcp
Proceed with operation (y|n)? y

Rule deleted
curtis@curtis-FP650:~$ sudo ufw status numbered
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 5901/tcp                   ALLOW IN    192.168.0.0/24