How to set up Ubuntu Desktop VM on Amazon EC2

Amazon Web Services (AWS) EC2 is the most widely used pay-as-you-go type of elastic compute cloud. You can launch a VM instance in a matter of minutes by using one of those Amazon Machine Images (AMIs) offered by EC2.

If your use case of EC2 involves Ubuntu Desktop, you need to understand that it is less straightforward to launch a Ubuntu Desktop VM instance on EC2, due to its desktop environment which needs a screen attached to it.

In this guide, I will describe how to run Ubuntu Desktop on Amazon EC2.

In a nutshell, the approach is to launch a Ubuntu Server instance first. Then install desktop environment on it, and access the headless server instance via VNC remote desktop.

Install Ubuntu Desktop on AWS EC2

I assume that you already set up a VM on EC2 by choosing Ubuntu Server AMI.

First, install Ubuntu Desktop on the server instance by running the following command.

$ sudo apt-get install ubuntu-desktop

Reboot the VM instance.

Next, install VNC server on the VM.

$ sudo apt-get install tightvncserver

After installation, launch VNC server (as a non-root user):

$ vncserver :1

The first time you run VNC server, it will ask you for VNC password. The VNC password should be at least 6 characters and up to 8 characters long. If the typed password is longer than that, only the first 8 characters will be used.

Once VNC server is launched successfully, it will create ~/.vnc directory and configuration files in it. A log file for VNC server will be located at ~/.vnc/*.log

Modify ~/.vnc/xstartup as follows in order to launch GNOME session automatically upon VNC connection.

$ vi ~/.vnc/xstartup
xrdb $HOME/.Xresources
xsetroot -solid grey
gnome-session --session=ubuntu-2d

After modifying xstartup file, restart VNC server:

$ vncserver -kill :1
$ vncserver :1

Last but not least, you must modify the "security group" associated with your EC2 instance, to allow inbound VNC traffic on the EC2 instance. Since VNC uses TCP/5901 port number, add a new inbound TCP rule for port 5901. Make sure to "apply" the rule change, which will then be activated right away. No need to reboot the VM instance.

This is the end of the procedure for setting up Ubuntu Desktop VM on EC2.

Connect to Ubuntu Desktop VM

On the local host side where you will be running VNC client, follow the rest of the steps below.

First, set up an SSH tunnel to the remote EC2 instance by running the command below. Using an SSH tunnel for VNC session is strongly required since your VNC session goes over the public Internet, and anyone can easily snoop on your VNC traffic.

$ ssh ubuntu@remote_ec2_host -L 5901/

If the remote EC2 instance is configured to require key authentication, you need to specify your private key with "-i" option in the above ssh command, as described here.

Once the SSH tunnel is successfully established, install and launch VNC client (gtkvncviewer in this example).

$ sudo apt-get install gtkvncviewer
$ gtkvncviewer

Type in the following VNC server info as follows, and connect. Note that VNC server end point should be, not the remote VNC server, since your VNC traffic goes through an SSH tunnel.

  • Server:
  • Password: your_vnc_password

Once your VNC session is established, you will see the familiar looking Ubuntu Desktop running on EC2.

Subscribe to Xmodulo

Do you want to receive Linux FAQs, detailed tutorials and tips published at Xmodulo? Enter your email address below, and we will deliver our Linux posts straight to your email box, for free. Delivery powered by Google Feedburner.

Support Xmodulo

Did you find this tutorial helpful? Then please be generous and support Xmodulo!

The following two tabs change content below.
Dan Nanni is the founder and also a regular contributor of He is a Linux/FOSS enthusiast who loves to get his hands dirty with his Linux box. He likes to procrastinate when he is supposed to be busy and productive. When he is otherwise free, he likes to watch movies and shop for the coolest gadgets.

29 thoughts on “How to set up Ubuntu Desktop VM on Amazon EC2

  1. Any idea what's going on if my VNC Client is showing me a gray screen with an X cursor? It obviously logged in via ssh, asked me for the password I set for the vnc server, and everything connected and worked. It looks like a raw X session with no window managers or anything running.

    • There are third party players that offer EC2-based desktop virtualization (e.g., Citrix XenDesktop), and believe it or not, it's becoming popular among enterprises. If you don't want to rely on any third party provider, you can set up your own cloud desktop on EC2.

  2. I tried switching to a cloud desktop in 2011, I really like the idea I can have my own exact system, with all my apps and setup just the way I want, from anywhere but latency was still a killer back then. Have things improved?

  3. I am experiencing a different thing. I was able to log in properly on tightvnc. However I only see the background picture. I can move my mouse around, but that's just it. The menu and icons didn't appear. Any thoughts?

  4. This worked for me up to the point of displaying the Ubuntu Desktop. But after several interactions with the desktop (selecting icons or selecting settings) the connection was refused.

    On the EC2 side I kept getting this command line message:

    "ubuntu@ip-10-185-173-155:~$ channel 3: open failed: connect failed: Connection refused"

    • This seems like an SSH tunnel problem. Try adding "-v -v -v" option to the ssh command to get more detailed info on why tunneling fails:

      $ ssh ubuntu@remote_ec2_host -L 5901/ -v -v -v
      • I'm having the same problem. I get this for debug:

        Connection to port 5901 forwarding to port 5901 requested.
        debug2: fd 9 setting TCP_NODELAY
        debug2: fd 9 setting O_NONBLOCK
        debug3: fd 9 is O_NONBLOCK
        debug1: channel 3: new [direct-tcpip]
        channel 3: open failed: connect failed: Connection refused
        debug2: channel 3: zombie
        debug2: channel 3: garbage collecting
        debug1: channel 3: free: direct-tcpip: listening port 5901 for port 5901, connect from port 59521, nchannels 4
        debug3: channel 3: status: The following connections are open:
        #2 client-session (t4 r0 i0/0 o0/0 fd 6/7 cc -1)

    • I have similar problem as Mark, that first desktop starts right. But after connection is lost. When I check the list of processes on the ec2 instance, I can see that vncserver instance doesn't run anymore.

  5. Dan, what ubuntu AMI are you using for this? I got through your instructions with no errors, but like Mike the VNC session results in just a grey X windows background with the big X cursor.

    The only thing that could be different is the version of AMI we are using vs yours. The ubuntu forums suggest that it actually does matter...could you edit this to include the AMI you used?

    • hey,
      After following above steps; i also got a gray screen with a X shaped mouse pointer in the vnc client.
      Can someone please suggest what may have went wrong ?

      • oh got it ;
        it was tunneling;
        When i used the the vnc gtkviewer directly via the public ip i got the desktop.
        (i also did not alter the file ~/.vnc/xstartup )

        Thanks a lot for the post :) .

  6. Hello Dan,
    Very handy article! I followed the steps but when I type:

    ssh ubuntu@remote_ec2_host -L 5901/

    I get asked for a password, and if I enter the VNC one, I get:

    Permission denied, please try again.

    Stuck here PLEASE HELP!

  7. this doesn't work. I only get a xserver window like the other folks have also explained. The x11 nonsense is confusing. Just give me the xorg.conf file configs needed to get the gui running on ec2. Isn't it the same x11.conf for all the ubuntu instances?

    • It *is* confusing! My first hurdle was deciding on the right type of x-server to set up. I wanted to do that without pulling in too much x-org dependency-crud that wouldn't be relevant for truly headless boxes on EC2 instances. I went with Xpra[1] because it did set up "xvfb" (X Virtual Frame Buffer[2]) for me, which included an approprate "xorg.conf". From there I verified that Xpra did work with their default NX-based option (am in the process of documenting the process for my own reference[3]). Next I'll try VNC via SSH. I eventually want to be able to access the box via TeamViewer, partly so I can try their nifty iOS an alternate/showing-off access method, of course. No way am I gonna be chicken-peckin' on a little screen for very long!


    • I was having the same problem with the grey ubuntu desktop and the X cursor. After switching to xfce4 using the above recommendations, it started to work. The only problem now is the the cursor is painting squares wherever I drag it over the screen, which is a bit annoying, but things seem to work.

  8. There is actually no need to open the 5901 port on the AWS Instance since you are tunneling through port 22.

  9. Count me in on the "blank desktop" gang.

    This with ubuntu@ip-172-31-21-110:~/.vnc$ cat /proc/version
    Linux version 3.13.0-29-generic (buildd@toyol) (gcc version 4.8.2 (Ubuntu 4.8.2-19ubuntu1) ) #

    The "xfce4" suggestion also ended up in a blank desktop.

    I finally have something working from this post :

    Particularly by pasting this in my xstartup :


    gnome-panel &

    But I'm not seeing an xterm option on my desktop, which is the ONE thing I really want !

    gnome-settings-daemon &
    metacity &
    nautilus &
    gnome-terminal &

  10. Put at the very beginning that you have to run

    "sudo apt-get update"

    before doing anything else! Otherwise Ubuntu desktop installation will fail.

  11. Hi,

    for everyone who is still struggling to run an Ubuntu desktop on Amazon EC2, I started a github project called Dullahan that provides a simple installer to make a base Ubuntu instance (like you get on Amazon EC2 or Softlayer) run the Ubuntu desktop using Xvfb. It should help you getting over the hump of most issues mentioned in the thread and it should deliver you an instance with X11 and the Ubuntu desktop that you can customize further.

    Here is the project:

    I just started this project, so be gentle, happy about any feedback and critic.


Leave a comment

Your email address will not be published. Required fields are marked *