x11vnc

Launch a VNC server that allows multiple clients to connect

$ x11vnc -shared

$ x11vnc -forever -viewonly

$ x11vnc -display :[display].[screen]

$ x11vnc -display :[2]

$ x11vnc -display :[0].[1]

x11vnc [OPTIONS...]

-display <DISPLAY>
    Specifies the X display to connect to (e.g., :0 for the primary console or :1 for a secondary display).

-rfbauth <file>
    Path to a VNC password file (e.g., ~/.vnc/passwd) for authentication. This is the recommended and most secure way to set a password.

-passwd <password>
    Sets the VNC password directly on the command line. Caution: Less secure than -rfbauth as the password may be visible in process listings.

-forever
    Prevents x11vnc from exiting after the first client disconnects, allowing multiple consecutive connections.

-many
    Allows multiple VNC clients to connect simultaneously to the server.

-viewonly
    Connects clients in view-only mode, preventing them from controlling the desktop (mouse and keyboard input are ignored).

-allow <host>
    Permits connections only from the specified hostname or IP address (e.g., localhost, 192.168.1.0/24). Can be used multiple times.

-rfbport <port>
    Specifies the TCP port number for the VNC server to listen on. Default is 5900 + display number (e.g., 5900 for :0, 5901 for :1).

-connect <host:port>
    Initiates a reverse connection to a VNC client listening at the specified host and port. Useful for traversing firewalls.

-ssl [mode]
    Enables SSL encryption for VNC connections. mode can be on (default), off, or only (to enforce SSL).

-shared
    Allows multiple connected clients to share control of the desktop. Without this, only the first client can control.

-o <logfile>
    Redirects all standard output and error messages from x11vnc to the specified log file.

-clip <geometry>
    Limits the VNC desktop to a sub-region of the X display (e.g., 640x480+100+50).

-help
    Displays a detailed summary of command-line options and exits.

x11vnc is a VNC server that allows you to view and control a real X display remotely. Unlike typical VNC servers like vncserver or tightvncserver which create new virtual X displays, x11vnc directly accesses and shares an existing X server (e.g., the one running your desktop session on :0). This makes it an ideal tool for remote administration, technical support, or simply sharing your current graphical session without launching a separate virtual desktop.

It supports various X servers including Xorg, XFree86, and Xvnc, and offers features like password authentication, SSL encryption, reverse connections, and desktop sharing for multiple clients. x11vnc is highly configurable, providing options for performance tuning, access control, and specific handling of screen updates and cursor display.

x11vnc requires a running X server to share. It needs appropriate permissions to access the X display, often requiring it to be run by the user logged into the X session, or with root privileges if accessing another user's display (which is generally discouraged). Performance can vary depending on network speed and X server configuration. Security is paramount: always use strong passwords via -rfbauth and consider -ssl for production environments.

For secure deployments, always use a password file generated with vncpasswd via the -rfbauth option instead of directly providing passwords with -passwd. Enable SSL encryption with the -ssl or -sslonly options to protect data in transit. To minimize attack surface, restrict access using -allow to specific IP addresses or subnets and consider running x11vnc with the minimum necessary privileges.

To improve performance over slower networks, consider options like -deferupdate (to batch screen updates, e.g., -deferupdate 100 for 100ms delay) and ensure your VNC client supports efficient encodings (like Tight or Hextile). While x11vnc supports many encodings, the actual performance depends on the negotiated encoding between server and client and the capabilities of your X server.

Developed by Karl Runge, x11vnc emerged to address the specific need of sharing an existing X display via VNC, a capability not natively offered by many conventional VNC server implementations. Its development has focused on providing a robust, flexible, and secure solution for remote access to physical or console X sessions, differentiating itself from VNC servers that launch new virtual desktops. It has become a staple tool for remote support and administration in Linux/Unix environments, continuously evolving to support modern X server features and security standards.

vncserver(1), tightvncserver(1), vncviewer(1), xrandr(1), xdm(1)