How to access an ubuntu machine via VNC from the login screen?

Your best bet is to install xrdp Install xrdp. After installation, you can use an RDP client to connect to the machine - you will then be prompted for your credentials as you would be on the login screen.


Overall, I'd recommend x11vnc.

TL;DR

apt-get -y install x11vnc
x11vnc -storepasswd

Enter your password, it's saved by default in ~/.vnc/passwd in INSECURE encrypted form. It can be decrypted because the key is known... protect it with filesystem permissions)

chmod 600 ~/.vnc/passwd

Save my helper script locally:

mkdir ~/bin/
curl https://gist.githubusercontent.com/trinitronx/76d2bf98489e5e3e84fa/raw/53885d87f91320b574ca4f7d609e4bb268274f68/start_x11vnc.sh  > ~/bin/start_x11vnc.sh && chmod +x ~/bin/start_x11vnc.sh

From your VNC Client host:

ssh -f  -L 5900:127.0.0.1:5900 -p 22 [email protected] '~/bin/start_x11vnc.sh && sleep 10'

Or, from your VNC Server host, run :

~/bin/start_x11vnc.sh

via a terminal (or start it as a daemon with -forever as an init.d service, upstart service, systemd unit, or however you wish)

Now run your VNC Client of choice from your Client Host, point it at: 127.0.0.1:5900, login with password saved above.

Use the X11 "Magic Cookie"

Most X display managers (like GDM, XDM, KDM) start an initial X11 server and authenticate to it with an MIT Magic Cookie. Depending on your display manager, the magic cookie will be found in one of various locations.

I've had good luck getting a VNC session open on the Ubuntu GDM login screen *NOTE1 by finding the magic cookie with this script:

#!/bin/bash
DEFAULT_DISPLAY=:0
X11VNC_DISPLAY="$DEFAULT_DISPLAY"

if [ -x /usr/bin/x11vnc ]; then
     [ "$1" == '-nocache' ] && CACHE_FLAG='-noncache' || CACHE_FLAG='-noncache'
     [ "$2" == '-guess' ] && GUESS_FLAG='-auth guess' || GUESS_FLAG=''
         [ -f /root/.vnc/passwd ] && PASSWORD="/root/.vnc/passwd"
         [ -f $HOME/.vnc/passwd ] && PASSWORD="$HOME/.vnc/passwd"
         [ ! -z "$PASSWORD" ] && x11vnc -display $X11VNC_DISPLAY -xkb -rfbauth $PASSWORD -rfbport 5900 -shared -forever -nowf -norc -notruecolor -bg $GUESS_FLAG $CACHE_FLAG -noxdamage
    EXIT_CODE=$?
     if [ $EXIT_CODE -ne 0 ]; then

        echo "\n*********************************************************************"
        echo "*** Could not start x11vnc!  Trying again with gdm MAGIC_COOKIE! ***"
        echo "*********************************************************************\n"

        # Old GDM location for Ubuntu <= 17.10
        MAGIC_COOKIE_FILE=`sudo find /var/run/gdm/ -iname database | grep for-gdm`

        # New GDM location for Ubuntu >= 17.10
        [ -z "$MAGIC_COOKIE_FILE" ] && NUM_MAGIC_COOKIE_FILE_SESSIONS=`sudo find /run/user/ -iwholename '*/gdm/*' -iname '*Xauthority' 2>/dev/null | wc -l`
        if [ -z "$MAGIC_COOKIE_FILE" -a "$NUM_MAGIC_COOKIE_FILE_SESSIONS" -gt 1 ]; then
            # Find the current user's session
            MAGIC_COOKIE_FILE=`sudo find /run/user/$(id -u) -iwholename '*/gdm/*' -iname '*Xauthority'`
            X11VNC_DISPLAY=":1"
        else
            # Find the GDM user's session (or whichever shows up first in ps list)
            # This should pick up the original gdm session which grabs :0
            # If you login after gdm login screen, your Xorg server may end up on another display!
            # Workaround for now is to restart x11vnc on that display number
            [ -z "$MAGIC_COOKIE_FILE" ] && MAGIC_COOKIE_FILE=`sudo find /run/user/ -iwholename '*/gdm/*' -iname '*Xauthority' | head -n1`
        fi
        # Old lightdm location for Ubuntu <= 17.10
        [ -z "$MAGIC_COOKIE_FILE" ] && MAGIC_COOKIE_FILE=`sudo find /var/lib -name '.Xauthority' -o -wholename '/var/run/lightdm/root/:0' | head -n1`
        #sudo bash -c "[ -z \"$MAGIC_COOKIE_FILE\" -a -e /var/run/lightdm/root/:0 ]" && MAGIC_COOKIE_FILE='/var/run/lightdm/root/:0'
        [ -n "$MAGIC_COOKIE_FILE" -a -z "$GUESS_FLAG" ] && AUTH_COOKIE_FLAG="-auth $MAGIC_COOKIE_FILE"
        [ ! -z "$PASSWORD" ] && sudo x11vnc -display $X11VNC_DISPLAY -xkb -rfbauth $PASSWORD -rfbport 5900 -shared -forever -nowf -norc -notruecolor -bg $GUESS_FLAG $CACHE_FLAG -noxdamage ${AUTH_COOKIE_FLAG}
    fi
fi

I can start this script (I called it start_x11vnc.sh) anytime via SSH... even before login via the gdm login screen. It launches an x11vnc server which I can then connect to over SSH tunnel. (Use ssh -L 5900:127.0.0.1:5900 or add LocalForward 5900 127.0.0.1:5900 to your host's entry in ~/.ssh/config).

NOTE1: In some new distro releases such as Ubuntu >= 17.10, the GDM login X session display is completely separate from the logged in user's X session display. Therefore, it is necessary to first connect to the GDM X session, login... and finally disconnect and re-connect to the newly started X session. Why they now do it this way is a mystery, but it broke the old version of this script.


To enable GDM login over a VNC ssh remote connection try with X11vnc. See also this answer.