VNC server on OpenBSD

Here are quick notes on how to setup a VNC server on OpenBSD. This allows a remote connexion to a X11 session running on an OpenBSD server or workstation.

First of all, you’ll have to start the X Display Manager (xdm):

# vi /etc/rc.conf.local
# /usr/X11R6/bin/xdm

Then, you’ll have to install a VNC server tool and enable it:

# pkg_add
# x11vnc -storepasswd vncpass /etc/x11vnc.passwd
stored passwd in file: /etc/x11vnc.passwd
# vi /etc/rc.conf.local
x11vnc_flags=”x11vnc_flags=”-listen -rfbauth /etc/x11vnc.passwd -logfile /var/log/x11vnc -ncache 0 -display :0 -forever -loop100 -auth /etc/X11/xdm/authdir/authfiles/A:0-*”
# /etc/rc.d/x11vnc start

You can now connect to the remote VNC server and have your X11 session kept when you disconnect from the VNC session. Note that it is quite unsecured not to encrypt this kind of connexion. You may choose to run the VNC server on localhost and use a SSH tunnel to connect to it. Or you may use a (self-signed) SSL connexion:

# x11vnc -ssl SAVE -listen -rfbauth /etc/x11vnc.passwd -logfile /var/log/x11vnc -ncache 0 -display :0 -forever -loop100 -auth /etc/X11/xdm/authdir/authfiles/A:0-*
— x11vnc loop: 1 —
— x11vnc loop: waiting for: 25000
Version: 3 (0x2)
Serial Number:
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=AU, L=OpenBSD,, O=x11vnc, CN=x11vnc-SELF-SIGNED-CERT-25000/emailAddress=x11vnc@server.nowhere
Key PEM file:
Protect key with a passphrase? y/n n

# vi /etc/rc.conf.local
x11vnc_flags=”-ssl SAVE -listen -rfbauth /etc/x11vnc.passwd -logfile /var/log/x11vnc -ncache 0 -display :0 -forever -loop100 -auth /etc/X11/xdm/authdir/authfiles/A:0-*”
# /etc/rc.d/x11vnc start

You must enable SSL on the client side too! FYI, on my Mac, JollysFastVNC provides this feature.

That’s All Folks!

Author: Joel Carnat

@work Technical Architect and SysAdmin ; @home OpenBSD and FOSS, Karate, Kobudō, Jōdō, Bodyweight workout, Photography & Music

One thought on “VNC server on OpenBSD”

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.