Using Amazon EC2’s free usage tier to host your own cloud desktop is a very economical way to to have a desktop at hand anytime you can not be near one. Since I quite often use Chromebooks these days when on the road this is a particular handy way should I need a full desktop for certain tasks.

Since Ubuntu 14.05 is my default desktop on my normal hardware I obviously want to have my cloud desktop running the same underlying OS. However I don’t think running Unity as the desktop interface would be appropriate via a low-bandwidth remote desktop connection. For this reason I chose LXQT. If you need total stability you probably should go for the more mature LXDE instead, but I have already tried LXQT on an old EEE PC and was very impressed by the speed and low resource usage.

NOTE (Edit: 2014-11-03): Please find an updated (and easier) version of this blog here. I was experiencing some issues with LXQT (which is understandable as it clearly states that it is not a release version)

Provision Ubuntu 14.04 LTS EC2 Instance

EC2 Choose Image

Instance details

  1. Connect to AWS Console and go to EC2 Service
  2. Choose OS Image: “Ubuntu Server 14.04 LTS” (see screenshot)
  3. Choose a “Micro Instance” if you want to use Amazon’s Free Usage Tier
  4. Choose Instance details – the defaults will generally be fine
  5. Add Storage (I generally add a separate Volume for /home but default should do)
  6. Tag instance (just give it a name to that makes sense to you in the console if you have more than one)
  7. Configure Security Group – I only set SSH which is the default (see Firewall config below). Add any other ports needed
  8. Review & Launch the instance. You need to choose your RSA Access Keys in this step. If you haven’t got any and download. DO NOT LOOSE the private keys or you will not be able to connect.

Setup Desktop & VNC

Connect via SSH to the EC2 Instance you just created (using the IP in the control panel and your RSA Key)

sudo apt-get install software-properties-common
sudo add-apt-repository ppa:lubuntu-dev/lubuntu-daily
sudo add-apt-repository ppa:gilir/q-project
sudo apt-get update
sudo apt-get upgrade
sudo apt-get install lxqt-metapackage lxqt-panel vnc4server

Start VNC server under the desired user account. This will create the desired configuration files. Kill after the startup process is finished.

#after successful start
vncserver -kill :1

Edit xstartup files

vim ~/.vnc/xstartup
Paste the following:
# Uncomment the following two lines for normal desktop:
#exec /etc/X11/xinit/xinitrc
exec openbox-session &
startlxqt &
[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
#x-terminal-emulator -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
#x-window-manager &

Create startup script

sudo vim /etc/init.d/vncserver
Paste the following:
# Provides: vncserver
# Required-Start: $syslog
# Required-Stop: $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: VNC Server Startup Script
# Description: Author: Leo Gaggl (
[ -f /etc/vncserver/vncservers.conf ] && . /etc/vncserver/vncservers.conf
prog=$"VNC server"
start() {
. /lib/lsb/init-functions
echo -n $"Starting $prog: "
ulimit -S -c 0 >/dev/null 2>&1
for display in ${VNCSERVERS}
export USER="${display##*:}"
if test -z "${REQ_USER}" -o "${REQ_USER}" == ${USER} ; then
echo -n "${display} "
su ${USER} -c "cd ~${USER} && [ -f .vnc/passwd ] && vncserver :${DISP} ${VNCUSERARGS}"
stop() {
. /lib/lsb/init-functions
echo -n $"Shutting down VNCServer: "
for display in ${VNCSERVERS}
export USER="${display##*:}"
if test -z "${REQ_USER}" -o "${REQ_USER}" == ${USER} ; then
echo -n "${display} "
export USER="${display##*:}"
su ${USER} -c "vncserver -kill :${display%%:*}" >/dev/null 2>&1
echo -e "\n"
echo "VNCServer Stopped"
case "$1" in
start $@
stop $@
stop $@
sleep 3
start $@
if [ -f /var/lock/subsys/vncserver ]; then
stop $@
sleep 3
start $@
status Xvnc
echo $"Usage: $0 {start|stop|restart|condrestart|status}"
exit 1

Mark the startup script as executable and create the config file for the startup script.
sudo chmod +x /etc/init.d/vncserver
sudo mkdir /etc/vncserver
sudo vim /etc/vncserver/vncservers.conf

Paste the following:
VNCSERVERARGS[1]="-geometry 1024x768"

update-rc.d vncserver defaults 99

Start the VNC Server

sudo /etc/init.d/vncserver start

Firewall configuration

By default VNC will use port 9501 (and subsequent ports for each session). Since VNC password authentication is generally very weak I personally do not expose this port through the firewall. I use SSH port forwarding to tunnel the VNC port through SSH (encrypted) which means only the SSH port is open and can be properly secured.

ssh -L 5901:localhost:5901 -i /path/to/your/aws/keyfile.pem YOUR.EC2.IP.ADDRESS

You should then be able to access VNC via localhost:

VNC Viewer

Hopefully you should see the LXQT Desktop:

Ubuntu LXQT


If you want to access this from a Chromebook this blog might help.

Leo Gaggl

ict business owner specialising in mobile learning systems. interests: sustainability, internet of things, ict for development, open innovation, agriculture

This Post Has 15 Comments

  1. Ajith

    Very Good…its works..:)

  2. Karu Kaarigar

    This is a very good tutorial. I am new to this so I find this very useful. However, when I try to run the sudo /etc/init.d/vncserver start, I get following error:

    USERNAME No passwd entry for user ‘USERNAME’

    I am new to ubuntu and vnc. Can you please suggest a solution to the abpve issue?

  3. Leo Gaggl

    You need to replace “USERNAME” with your actual user name on your computer.

  4. Chris

    This is awesome but I can’t quite get it to work. When I run the second to the last step using my private IP (provided by AWS) I get the following:

    bind: Address already in use
    channel_setup_fwd_listener: cannot listen to port: 5901
    Could not request local forwarding.

    When I try the command using the public IP provided by AWS the SSH session just hangs up and nothing happens.

    Any thoughts?

  5. Leo Gaggl

    bind: Address already in use

    It seems you have something else already using port 9501 ? Is there some other service running ?

  6. James

    awesome tutorial but you totally dropped the ball at the last paragraph. I followed everything and got the server “running” but I can’t connect to it
    first you give the ssh command to do something with ports, but you don’t even say where that should be run (I was using amazon’s “connect via ssh” java based tool, but I assume that’s not where to put that.
    second, you suddenly say “you can connect through localhost” with zero explanation of what you actually need to conectj or how to set that up. The tutorial started out so pefect and complete, but then it just died right at the end, so so far, all my work and new amazon server have been set up in vain.

    soooo… how can I connect. exactly. I see there’s a vnc chrome extension, will that work? I installed vnc5 free trial, but that seemd to install the whole sserver on my local machine, but alll I need is the viewer. I’m just lost. please give me exact steps to connect (on windows and linux, because I use both)

  7. Leo Gaggl

    @James: you will need to read up on port forwarding (or sometimes called SSH tunnel). It forwards a specific port on your local computer (localhost) to a port on the the remote server over SSH (so you only need to have SSH port open on your firewall). Please note I have created a slightly easier version of this blog here:

    I use Ubuntu:

    If you are on Windows PuttySSH will be your friend:

    To do the same from a Chromebook:

    Chrome VNC viewer:

  8. James

    @Leo Thanks for the references. I’ve got where I’m connected through putty. Now I just have to figure out where to go from here. I actually tried opening the port on the ec2 security group put vnc viewer couldn’t seem to connect. anyway, your links are just in time, so thanks.

  9. Alex

    Hi , i add the right user name but update-rc.d: Permission denied.could u pls help me. i am noob to ubuntu . thanks

  10. Micko

    hi Leo Gaggl, I followed your steps and I’ve got no error in following steps but when I try to connect using my public dns follwed by “:1” I’ve got this VNC error:
    Error in TightVNC Viewer: A connection attempt failed because the connected party did not properly respons after a period of time or established connection failed beacause connected host has failed to respond.

    -I am using Ubuntu Server 14.04 LTS (HVM) aws ec2 intance
    -my server is running properly

  11. Leo Gaggl

    Sorry. Sounds like a connectivity problem. Check logs and check firewalling / tunnel establishment.

  12. Jason

    I have the same error as Micko and my SSH connectivity is fine and ufw (firewall) is inactive

  13. Hastala

    When trying to run update-rc.d vncserver defaults 99

    I get this error:
    update-rc.d: warning: /etc/init.d/vncserver missing LSB information
    update-rc.d: see
    Adding system startup for /etc/init.d/vncserver …
    /etc/rc0.d/K99vncserver -> ../init.d/vncserver
    update-rc.d: symlink: Permission denied

    What did I miss?

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.