KVM Virtualization: Start VNC Remote Access For Guest Operating Systems

by on October 4, 2010 · 5 comments· LAST UPDATED February 1, 2011


I'm running a KVM virtual machine (FreeBSD 7 and Fedora Linux 13 desktop) under Redhat Enterprise Linux 5.5. However, I'm not getting the remote access via VNC (Virtual Network Computing) to access my Fedora Linux graphical desktop or FreeBSD console. How do I turn on VNC support without reinstalling both operating systems?

You need to attach your vncserver with the guest operating system console. This can be done using any one of the following method:

Method # 1: Command Line Option

Normally, QEMU (/usr/libexec/qemu-kvm) uses SDL to display the VGA output. With the -vnc option option, you can have QEMU listen on VNC display display and redirect the VGA display over the VNC session. When using the VNC display, you must use the -k parameter to set the keyboard layout if you are not using en-us. Valid syntax for the display is as follows:

-vnc :0
-vnc -k en-us
####  Require that password based authentication is used for client connections ####
-vnc,password -k en-us

In the following example start centos1 guest vm using vnc

 /usr/libexec/qemu-kvm -S -M rhel5.4.0 -m 1024 -smp 1 -vnc -k en-us -name centos1 -monitor pty -boot c -drive file=/var/lib/libvirt/images/centos1.img

Method # 2: qemu-kvm VM Config File (Recommended)

You need to edit your VM config file which is in XML format. The config file is located at /etc/libvirt/qemu directory. In this example, edit centos1.xml as follows:
# vi /etc/libvirt/qemu/centos1.xml
Append the following line before final </devices>:

 <graphics type='vnc' port='-1' autoport='yes' keymap='en-us'/>

Here is my sample config file:

<domain type='kvm'>
    <type arch='x86_64' machine='rhel5.4.0'>hvm</type>
    <boot dev='hd'/>
  <clock offset='utc'/>
    <disk type='file' device='disk'>
      <driver name='qemu' cache='none'/>
      <source file='/emc/vms/images/host302.f02.dc05.corplan.nixcraft.net.in/c/centos1.img'/>
      <target dev='vda' bus='virtio'/>
    <interface type='bridge'>
      <mac address='xx:yy:zz:ee:f4:63'/>
      <source bridge='br0'/>
      <model type='virtio'/>
    <interface type='bridge'>
      <mac address='54:52:xx:yy:zz:ee'/>
      <source bridge='br1'/>
      <model type='virtio'/>
    <serial type='pty'>
      <target port='0'/>
    <console type='pty'>
      <target port='0'/>
    <graphics type='vnc' port='-1' autoport='yes' keymap='en-us'/>

Finally, restart your libvirtd:
# /etc/init.d/libvirtd restart
# virsh shutdown centos1
# virsh start centos1

How Do I Use VNC Client?

Type your VNC (KVM) server ip and port:

Fig.01: Connecting to KVM Guest Using VNC Client

Fig.01: Connecting to KVM Guest Using VNC Client

Once connected you can view your desktop:
Fig.02: RHEL 6 Guest Beta Desktop Over VNC Session Running Under KVM

Fig.02: RHEL 6 Guest Beta Desktop Over VNC Session Running Under KVM

Make sure you browse the desktop using ssh tunnel or over some sort of VPN session.

How Do I Find Out Current VNC Setting For Any Given Domain / VM?

Type the following command:
# virsh vncdisplay domainName
# virsh vncdisplay 3
# virsh vncdisplay centos1

Sample outputs:


How Do I Password Protect My VNC Session?

The passwd attribute provides a VNC password in clear text (so make sure your xml config file is only readable by root user). Edit centos1.xml file as follows:

 <graphics type='vnc' port='-1' autoport='yes' passwd='YOUR-PASSWORD-HERE' keymap='en-us'/>


 <graphics type='vnc' port='-1' autoport='yes' listen='' passwd='YOUR-PASSWORD-HERE' keymap='en-us'/>


  • type='vnc': The graphics element has a mandatory type attribute which takes the value "sdl", "vnc", "rdp" or "desktop". In this case it is set to VNC for remote access.
  • autoport='yes': The autoport attribute is the new preferred syntax for indicating autoallocation of the TCP port to use.
  • passwd='YOUR-PASSWORD-HERE': The passwd attribute provides a VNC password in clear text.
  • keymap='en-us': The keymap attribute specifies the keymap to use.
  • listen='': The listen attribute is an IP address for the server to listen on.

Save and close the file. Restart services as follows:
# /etc/init.d/libvirtd restart
# virsh start centos1

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 5 comments… read them below or add one }

1 Kristian Kirilov October 10, 2011 at 10:02 am

Hey, thanks for a great tutorial.


2 Ray October 31, 2011 at 6:14 pm

Would love to see someone tackle using PCI passthrough with a KVM instance. I’m having a really difficult time getting it to work and would love to know if I’m doing something wrong or trying to get a card that just doesn’t want to work with KVM going.


3 xuhoudao May 18, 2012 at 8:42 am

it’s a great tutorial.
tks a lot.


4 Dr.Awesome August 21, 2013 at 5:11 pm

Awesome Stuff! Now I can dive head first into KVM =}


5 Yashpal August 29, 2013 at 5:30 pm

Thanks…It helped


Leave a Comment

Tagged as: , , , , , , , , , , , , , , , , , , , , , , ,

Previous Faq:

Next Faq: