How can I connect to a Google Compute Engine virtual server with a GUI?

These instructions are for setting up Ubuntu 16.04 LTS with LXDE (I use SSH port forwarding instead of opening port 5901 in the VM instance firewall)

1. Build a new Ubuntu VM instance using the GCP Console

2. connect to your instance using google cloud shell

gcloud compute --project "project_name" ssh --zone "project_zone" "instance_name"

3. install the necessary packages

sudo apt update && sudo apt upgrade
sudo apt-get install xorg lxde vnc4server

4. setup vncserver (you will be asked to provide a password for the vncserver)

vncserver
sudo echo "lxpanel & /usr/bin/lxsession -s LXDE &" >>  ~/.vnc/xstartup

6. Reboot your instance (this returns you to the Google cloud shell prompt)

sudo reboot

7. Use the google cloud shell download file facility to download the auto-generated private key stored at $HOME/.ssh/google_compute_engine and save it in your local machine*****

cloudshell download-files $HOME/.ssh/google_compute_engine

8. From your local machine SSH to your VM instance (forwarding port 5901) using your private key (downloaded at step 7)

ssh -L 5901:localhost:5901 -i "google_compute_engine" username@instance_external_ip -v -4

9. Run the vncserver in your VM instance

vncserver -geometry 1280x800  

10. In your local machine's Remote Desktop Client (e.g. Remmina) set Server to localhost:5901 and Protocol to VNC


Note 1: to check if the vncserver is working ok use:

netstat -na | grep '[:.]5901'
tail -f /home/user_id/.vnc/instance-1:1.log

Note 2: to restart the vncserver use:

sudo vncserver -kill :1 && vncserver

***** When first connected via the Google cloud shell the public and private keys are auto-generated and stored in the cloud shell instance at $HOME/.ssh/

ls $HOME/.ssh/
google_compute_engine  google_compute_engine.pub  google_compute_known_hosts

The public key should be added to the home/*user_id*/.ssh/authorized_keys in the VM instance (this is done automatically when you first SHH to the VM instance from the google cloud shell, i.e. in step 2) you can confirm this in the instance metadata


Much better solution from Google themselves:

https://medium.com/google-cloud/linux-gui-on-the-google-cloud-platform-800719ab27c5


Chrome Remote Desktop allows you to remotely access applications with a graphical user interface from a local computer or mobile device. For this approach, you don't need to open firewall ports, and you use your Google Account for authentication and authorization.

Check out this google tutorial to use it with Compute Engine : https://cloud.google.com/solutions/chrome-desktop-remote-on-compute-engine


You need to forward the X11 session from the VM to your local machine. This has been covered in the Unix and Linux stack site before:

https://unix.stackexchange.com/questions/12755/how-to-forward-x-over-ssh-from-ubuntu-machine

Since you are connecting to a server that is expected to run compute tasks there may well be no X11 server installed on it. You may need to install X11 and similar. You can do that by following the instructions here:

https://help.ubuntu.com/community/ServerGUI

Since I have needed to do this recently, I am going to briefly write up the required changes here:

Configure the Server

$ sudo vim /etc/ssh/sshd_config

Ensure that X11Forwarding yes is present. Restart the ssh daemon if you change the settings:

$ sudo /etc/init.d/sshd restart

Configure the Client

$ vim ~/.ssh/config

Ensure that ForwardX11 yes is present for the host. For example:

Host example.com
    ForwardX11 yes

Forwarding X11

$ ssh -X -C example.com
...
$ gedit example.txt

Trusted X11 Forwarding

http://dailypackage.fedorabook.com/index.php?/archives/48-Wednesday-Why-Trusted-and-Untrusted-X11-Forwarding-with-SSH.html

You may wish to enable trusted forwarding if applications have trouble with untrusted forwarding.

You can enable this permanently by using ForwardX11Trusted yes in the ~/.ssh/config file.

You can enable this for a single connection by using the -Y argument in place of the -X argument.