How to Add User to Sudoers in Debian 12

Installing MySQL on Debian effectively creates a robust and flexible database (DB) infrastructure that accommodates a wide range of applications as well as services. It is renowned for its scalability, dependability, and durability. By setting it, individuals experience the operations in an efficient manner and enhance the overall efficiency of DB infrastructure. Administrators, database analysts, and industries that require a reliable database solution for handling massive amounts of data will particularly benefit from this combination. Additionally, troubleshooting issues and improving operations are made easier by MySQL's extensive guide and supporters. And if you’re looking for a reliable, high-performance, and budget-friendly solution for your workflows, Hostman has you covered with Linux VPS Hosting options, including Debian VPS, Ubuntu VPS, and VPS CentOS. In this guide, we will demonstrate the thorough procedure for installing and configuring MySQL on Debian. Installing MySQL on Debian can be confusing at first How to Install MySQL on Debian The default repositories do not contain the MySQL database server package on Debian. To install it on a  Linux system follow the below instructions. We will download the recent version of the MySQL. Step 1: Download MySQL Package Let us obtain the MySQL repository information package, which is in the .deb format: wget https://dev.mysql.com/get/mysql-apt-config_0.8.30-1_all.deb Downloading the mysql-apt-config package from the official MySQL repository Note: To authenticate the most updated release, go to the MySQL repository webpage. Step 2: MySQL Configuration Package Installation Then, employ the .deb file for initializing the installation via dpkg: sudo dpkg -i mysql-apt-config_0.8.30-1_all.deb Installing the MySQL configuration packag using dpkg. Respond to the prompt. For instance, pick MySQL Server & Cluster and hit Enter for starting configurations: Selecting MySQL Server & Cluster from the configuration options in the MySQL APT repository setup For picking a version such as (mysql-8.4-lts), scroll downward and hit OK for the next step: Choosing the desired MySQL server version (for example, mysql-8.4-lts) during the configuration process Step 3: Refresh the System Now, update the server's package indexes to implement the updated MySQL info: sudo apt update Updating the package lists on Debian before installing MySQL Step 4: MySQL Installation Debian's default manager makes sure to install MySQL in an easier manner. Installing the package with this command: sudo apt install mysql-server -y Installing MySQL Server on Debian using apt You will see the interface for setting the root account. Input a stronger password to secure the database. In the end, hit the Ok button: Setting the root password for the MySQL server during installation Check the version on the server via the --version utility: mysql --version Verifying the installed MySQL version using the mysql --version command Step 5: Managing the Services Now, you can enable the MySQL service to initialize automatically at boot time: sudo systemctl enable mysql Activate the service via the systemctl utility: sudo systemctl start mysql Check if the system service is operational by viewing its status: sudo systemctl status mysql Verifying that the MySQL service is active and running using systemctl status mysql Before you open port 3306 to clients, take a look at Creating an SSH Tunnel for MySQL tutorial—you’ll learn how to tunnel your connections over SSH so you never have to expose MySQL directly to the internet. Step 6: MySQL Secure Installation The root database user on the server is now protected by the key or password that the person created during the initialization process. Other unsafe defaults in MySQL include remote access to test databases and the server's root database user. It is vital to secure the MySQL installation after it has been completed as well as disable all unsafe default settings. There is a security script that can assist us in this procedure. Run the script: sudo mysql_secure_installation Running mysql_secure_installation to configure security options and enable password validation policies To activate the VALIDATE PASSWORD component and guarantee stringent password procedures, type Y and hit Enter. Next, you will need to configure several security settings: Set the Root Password: Select a strong password and make sure that it is correct. Configure the password policy for the DB server. For instance, type 2 to permit only the strong passwords on the server and hit Enter. When required to modify the root password, input N; alternatively, input Y to modify the password. Eliminate Anonymous Users: It is advised to eliminate the accessibility of anonymous users. For this, input Y and Enter when prompted. Prevent Accessibility of Remote Root: It is a better practice to avoid remote root login for multiple security concerns. To prevent the root user from having a remote access, input Y and hit Enter. Delete the Test DB: For enhancing security, the test database, which is utilized for testing, can be deleted. To do so, input Y and hit Enter. Refreshing Privilege Tables: It guarantees that all modifications are implemented instantly. To implement the configuration and edit the privileges table, hit Enter. Removing the default test database and reloading privilege tables for improved security Step 7: Access MySQL Utilizing the mysql client utility, MySQL establishes the connection and provides access to the database server console.  Now, access the shell interface and run general statements on the DB server. Let’s input the root and the password created at the time of the safe installation procedure: sudo mysql -u root -p Logging into the MySQL shell as the root user with sudo mysql -u root -p Step 8: Basic MySQL Operations The creation of a DB and a new user for your applications rather than utilizing the root is a better practice. To accomplish the task, employ the given instructions: Create a Database: First, create a database. For instance, hostmandb is created via the below command: CREATE DATABASE hostmandb; Creating a new database named hostmandb inside MySQL Display All Databases: List all databases to make sure hostmandb is created: SHOW DATABASES; Listing available databases with the SHOW DATABASES; command Create of a New User: Create a user and assign a strong password. In our example, we set Qwer@1234 as a password for the user  minhal. Replace these values with your data. CREATE USER 'minhal'@'localhost' IDENTIFIED BY 'Qwer@1234'; Creating a new MySQL user with a secure password Give Permissions to the User: Give complete access to the hostmandb to the new user: GRANT ALL PRIVILEGES ON hostmandb.* TO 'minhal'@'localhost'; Granting all privileges on the hostmandb database to the new user Flush Privileges: To implement the modifications, refresh the table: FLUSH PRIVILEGES; Applying the changes with the FLUSH PRIVILEGES; command Exit the Shell: For closing the interface, utilize the EXIT statement: EXIT; Exiting the MySQL shell with the EXIT; command Access MySQL Console as the Particular User For the purpose of testing hostmandb access, log in to MySQL as the new user, in our case minhal. sudo mysql -u minhal -p It accesses the console after entering the minhal user password when prompted: Logging into MySQL with the newly created user account For verification, display all DBs and confirm that the hostmandb is available: SHOW DATABASES; Step 9: Configuration for Remote Access Setting up the server for supporting remote accessibility is necessary if an individual is required to access MySQL remotely. Follow these steps: Access the mysql.cnf file and modify the particular file for MySQL: sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf Opening the MySQL configuration file (mysqld.cnf) to enable remote access Look for the line with the bind-address and change it to: bind-address = 0.0.0.0 Updating the bind-address parameter to 0.0.0.0 to allow remote connections Reload the MySQL service: sudo systemctl restart mysql Restarting the MySQL service to apply the configuration changes Permit the user to have remote access: sudo mysql -u root -p GRANT ALL PRIVILEGES ON hostmandb.* TO 'minhal'@'localhost';FLUSH PRIVILEGES;EXIT; Granting privileges, flushing changes, and exiting the MySQL shell. Step 10: Firewall Configuration You must allow traffic on MySQL port 3306 if you have a firewall turned on. Follow these procedures to set up the firewall: Allow traffic through MySQL: sudo ufw allow mysql Allowing MySQL traffic through the firewall with ufw allow mysql Now, activate the UFW on the system: sudo ufw enable Enabling the UFW firewall to start protecting the system Reload the firewall: sudo ufw reload Reloading the UFW firewall to apply the updated rules Step 11: Restore and Backup Maintaining regular backups is crucial to avoiding data loss. The mysqldump utility is provided by MySQL for backup creation. To achieve this, consider these instructions: Backup a Single Database: This command employs mysqldump to create the backup of the hostmandb as a hostmandb_backup.sql file: sudo mysqldump -u root -p hostmandb> hostmandb_backup.sql Creating a backup of the hostmandb database using mysqldump Backup All Databases: For creating a backup of all databases as a file named all_databases_backup.sql with root privileges, utilize mysqldump: sudo mysqldump -u root -p --all-databases > all_databases_backup.sql Exporting all MySQL databases into a single backup file Restore a Particular Database: Now, restore the hostmandb from the backup file hostmandb_backup.sql: sudo mysql -u root -p hostmandb < hostmandb_backup.sql Restoring the hostmandb database from a backup file Step 12: Optimize MySQL Operations (Optional) Depending on the workload and server resources, you can adjust settings to guarantee peak performance. These instructions will help you maximize MySQL's speed: Adjust InnoDB Buffer Pool Size: Caches for data and indexes are kept in the InnoDB buffer pool. Expanding its size can enhance its functionality. Edit the MySQL configuration file: sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf The below line should be added or changed: innodb_buffer_pool_size = 1G using MySQL performance by setting the InnoDB buffer pool size in the configuration file Its size should be adjusted according to the amount of memory on the server. Enable Query Cache: The query cache stores the outcome of SELECT queries. Enabling it can enhance operations for repetitive queries. Modify the .cnf file: sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf Add or edit the below lines: query_cache_type = 1query_cache_size = 64M Configuring query cache settings in the MySQL configuration file for better performance Optimize Table Structure: Frequently optimize your customers table in hostmandb to recover wasted space and boost efficiency: USE hostmandb;OPTIMIZE TABLE customers; Running OPTIMIZE TABLE on the customers table to improve efficiency and reclaim unused space Analyze Operations: DB operations can be tracked and analyzed with tools like MySQL Workbench and mysqltuner. Using the command below, install mysqltuner: sudo apt install mysqltuner Installing mysqltuner to analyze and optimize MySQL performance Run mysqltuner to get performance recommendations: sudo mysqltuner Running mysqltuner to analyze the MySQL server configuration and receive performance recommendations Conclusion Installing a MySQL environment is important in today's digital world. By following this instruction, you'll be able to safely install and connect to your MySQL database. This strategy not only increases security but also improves remote database maintenance efficiency. It helps to prevent breaches and ensures the confidentiality of your data. This article has given thorough instructions for the installation of MySQL's database environment on Debian. It is suggested that MySQL servers should be regularly monitored and optimized to guarantee optimum performance and dependability. In addition, Hostman offers pre-configured and ready-to-use cloud databases, including cloud MySQL.  When you know how to install MySQL on Debian

Samba is an open-source, stable software that allows cross-platform sharing of printers and files and makes integration of Windows and Linux problem-free. Windows primarily employs the SMB and CIFS protocols for sharing. Samba employs these protocols to create a shared and common network. With this tool, you can: Get hassle-free file sharing between Linux and Windows platforms. Make the printers available to both platforms. Incorporate Linux servers into Windows-based workgroups or domains. Implement user-based access rights for improved control over shared resources. And if you’re looking for a reliable, high-performance, and budget-friendly solution for your workflows, Hostman has you covered with Linux VPS Hosting options, including Debian VPS, Ubuntu VPS, and VPS CentOS. This guide covers installing, configuring, and setting up Samba on Debian securely. Either you are new or a seasoned admin, this tutorial breaks down each step into step-by-step instructions. Choose your server now! Advantages of Samba Samba is among the most reliable tools for mixed-OS networking because of the vast list of benefits it offers. Let's take a look at why Samba is such a gem: 1. Cross-Platform Compatibility Samba facilitates smooth communication and resource sharing between the Linux and Windows environments. It breaks the compatibility hurdles and allows for effortless shared drives configuration, printers, and files. 2. Centralized Management Samba enables smooth integration into Windows environments, facilitating centralized authentication and streamlined resource management. It is very handy for corporations and large companies that have numerous users. 3. Cost-Effectiveness Because Samba is open source, it does not rely on proprietary systems, which is cost-effective without losing enterprise functionality. 4. Security Customizable access controls allow only users with the rights to see or edit sensitive documents. Add-on features such as encrypted passwords add an extra security layer. 5. Scalability Samba is capable of supporting small home networks and also large corporate networks, scaling up as needed. Setting Up Samba on Debian Samba setup entails installing software, configuring shared directories, creating users, and troubleshooting. Below is the step-by-step process. Step 1: Update System To avoid incompatibilities, update system packages before installing Samba. Launch the terminal and enter: sudo apt update && sudo apt upgrade This makes your Debian server ready for Samba installation. Step 2: Install Samba on Debian Samba isn't installed by default in Debian but is easily installable with its package manager. To get this tool, type in: sudo apt install samba -y Step 3: Create a Shared Directory Shared directories are centralized folders that can be accessed from client machines. Establishing one involves the following steps: Create the directory for sharing: sudo mkdir -p /srv/samba/hostman_shared This command makes a new directory for file sharing. Note: /srv directory is where the Filesystem Hierarchy Standard (FHS) advises putting data which is meant to be shared or served by the system. /srv shared directories ensure your directory structure is uncluttered and best practices compliant. Set directory permissions: sudo chmod 2770 /srv/samba/hostman_shared This ensures only trusted users can read and write within the directory. Assign the group to the directory: sudo chgrp sambashare /srv/samba/hostman_shared Group ownership assignment enables user-based access control via the sambashare group. Step 4: Add Samba Users With Samba, shared directory permissions can be set and customized through these commands: Add a new user: sudo adduser sambauser This process ensures you create a samba user with the required permissions. Set a Samba password for the user: sudo smbpasswd -a sambauser Enable the user: sudo smbpasswd -e sambauser With authentication enabled, Samba restricts directory access to permitted users. Step 5: Edit Samba Configuration The Samba config file, smb.conf, controls how shared resources are accessed and protected. Modifying this file is essential to setting up your shares. Open the configuration file: sudo nano /etc/samba/smb.conf Insert the following block to declare the shared directory: [HostmanShared] path = /srv/samba/hostman_shared valid users = sambauser writable = yes browsable = yes guest ok = no create mask = 0660 directory mask = 0770 Where: [HostmanShared] is the designated name for the shared resource in this configuration. path = /srv/samba/hostman_shared defines where the shared directory is placed on the server. valid users = sambauser determines which users have privilege to share. writable = yes provided users permission to modify, create, and delete files inside the shared directory. browsable = yes ensures the share is easily accessible in network searches.  guest ok = no prevents guest access to the share. Only authenticated clients (such as sambauser) can access.  create mask = 0660 sets the default permissions for files created within the shared folder. directory mask = 0770 controls folders permissions created within the shared resource.  Save and exit the file (Ctrl + X, Y, Enter).  Step 6: Restart Samba Server Reload the Samba service to activate the latest configuration updates: sudo systemctl restart smbd Check the status to confirm it’s running: sudo systemctl status smbd Your configuration is now fully operational after this step. Step 7: Connect from a Windows Client For connecting to the shared folder from a  Windows computer: Open File Explorer. Enter \\<server-ip>\HostmanShared into the address bar. Enter the required Samba login credentials to proceed. This confirms your Samba network share is properly configured. Step 8: Connect from a Linux Client To interact with the Samba share from a Linux machine, use the smbclient utility. It helps you connect with the shared resources directly from the terminal. You must install smbclient on your other Linux system via: sudo apt install smbclient Then execute this command to connect to Samba share on Linux: smbclient '\\<server-ip>\HostmanShared' -U sambauser Modify <server-ip> by inserting the real IP address of your Debian system. Once connected, the shared resources can be accessed. Frequent Problems and Their Solutions A proper setup doesn’t always guarantee a smooth experience. Here’s how to resolve potential issues: Permission Denied Check whether access settings are correctly configured for the shared directory. Ensure that the Samba user is set up and activated to be able to access shared folders. When installing the Samba server, make sure to add the user to the sambashare group. This will prevent permission problems when attempting to access or request files. Note: A user can be added on Debian via: sudo adduser [username] Connection Refused Ensure that the Samba service is up and operational: sudo systemctl status smbd Firewall Blocking Connections Configure your firewall to unblock Samba-required ports (137-139 and 445) for smooth operation: sudo ufw allow 137,138/udp sudo ufw allow 139,445/tcp Advanced Samba Features You can expand Samba’s functionality by implementing advanced features, such as: Adding Multiple Shared Directories Samba helps you configure multiple shared directories. Simply repeat the steps for creating and configuring a directory, adding each directory block to the smb.conf file. For example: [PublicShare] path = /srv/samba/public guest ok = yes writable = yes browsable = yes This enables guest access for public files, separate from private resources. Monitoring Samba Usage You can also monitor Samba usage to analyze performance and identify issues: Enable logging in smb.conf: [global]    log level = 3    log file = /var/log/samba/log.%m Analyze logs to troubleshoot or audit usage: sudo tail -f /var/log/samba/log.smbd Choose your server now! Conclusion The Linux and Samba integration offers transparent sharing of resources among operating systems. From home installation to corporate network with thousands of nodes, the scalability and flexibility of Samba make it an indispensable cross-platform integration software. From this tutorial, you have acquired secure access, user authentication, and shared-resource capabilities, and a functional, properly configured environment. Take advantage of Samba functionality to create collaboration and ease the execution of operations, and network appliances efficiently.

The term Virtual Network Computing (VNC) refers to a system for remote access to a computer’s desktop environment. It allows users to interact with the interface, access files on storage, run applications, and modify operating system settings. A similar approach is used for managing virtual machines rented from providers like Hostman, who has reliable, high-performance, and budget-friendly solutions for your workflows, including Linux VPS Hosting options: Debian VPS, Ubuntu VPS, and VPS CentOS. This guide will walk you through setting up a VNC server on a Hostman's VPS servers running Debian, with a secure connection established over SSH. For this example, we’ll use the TightVNC utility, known for its reliable performance even over low-speed connections and seamless file transfers in both directions (to and from the server). Technical Requirements Before starting, ensure you have a prepared Debian server, either in the cloud or locally. Apart from having the operating system ready, it's recommended to configure both a root user and a sudo user (the former without privileges and the latter with them). Additionally, you must allow SSH connections through the firewall. You will need the following: A machine running Windows or macOS. A pre-installed VNC client such as TightVNC, RealVNC, or UltraVNC on Windows, or Screen Sharing on macOS. Alternatively, if you are using another Linux machine, you can install a VNC client such as Vinagre, KRDC, RealVNC, or TightVNC. Installing the VNC Server and Desktop Environment By default, a Debian server doesn’t have a graphical interface for easier management, nor does it include a remote management tool. Therefore, the first step is to install both. In this example, we’ll use the Xfce desktop environment and TightVNC, both of which are available in Debian’s official repository. Update the Package List First, update the list of available packages on the host system by running: sudo apt update Install the Xfce Desktop Environment Next, install the Xfce desktop environment along with additional utilities: sudo apt install xfce4 xfce4-goodies During the installation, the system will prompt you to select a keyboard layout from the provided list. Choose the desired option and press Enter to continue. Once the installation is completed, proceed to install the VNC server. Install the TightVNC Server Use the following command to install TightVNC: sudo apt install tightvncserver After the installation, you need to configure TightVNC by setting a security password and generating configuration files where connection parameters will be stored. Initial VNC Configuration Run the following command to start configuring the VNC server: vncserver The program will prompt you to set a password for connecting to the remote system: You will require a password to access your desktops.Password:Verify: The password must be between 6 and 8 characters long. If a longer password is entered, it will be automatically truncated. Additionally, you can set up a view-only mode, where the connected user can only observe the desktop without being able to control the keyboard or mouse. This mode is useful for demonstrations. After entering both passwords, the utility will generate a configuration file: Would you like to enter a view-only password (y/n)? nxauth:  file /home/username/.Xauthority does not existNew 'X' desktop is your_hostname:1Creating default startup script /home/username/.vnc/xstartupStarting applications specified in /home/username/.vnc/xstartupLog file is /home/username/.vnc/your_hostname:1.log Configuring the VNC Server The VNC server needs to be configured so that it knows what commands to execute upon startup—for example, specifying the desktop environment to be launched when a connection is established. These startup instructions are located in the xstartup file, which resides in the .vnc subdirectory of the home directory. This file is automatically created when you launch the vncserver for the first time.  In this guide, we’ll modify the configuration to launch the Xfce graphical interface upon startup. By default, VNC communicates with remote hosts using port 5901, also known as the display port for "display 1". Additional instances can be started on ports 5902, 5903, etc. Stop the VNC Server Before configuring VNC on Debian, stop the currently running instance with the following command: vncserver -kill :1 The output will look something like this: Killing Xtightvnc process ID 17648 Backup the Original Configuration File It’s a good practice to create a backup of the original xstartup file, so you can easily revert the settings if anything goes wrong: mv ~/.vnc/xstartup ~/.vnc/xstartup.bak Create and Edit a New xstartup File Now, generate a new xstartup file and open it for editing using a text editor (in this case, nano): nano ~/.vnc/xstartup The commands you add to this file will be automatically executed when the VNC server starts or restarts. Add the following lines to launch the Xfce desktop environment: #!/bin/bashxrdb $HOME/.Xresourcesstartxfce4 & Here: The first line specifies that the script should be executed using the bash shell. The line with xrdb loads the .Xresources file, which defines terminal colors, cursor themes, font rendering, and other desktop appearance settings. The line startxfce4 & launches the Xfce graphical interface. Make the xstartup File Executable After editing the configuration file, make it executable by running: sudo chmod +x ~/.vnc/xstartup Restart the VNC Server Finally, restart the VNC server: vncserver You’ll see the following output on the screen: New 'X' desktop is your_hostname:1Starting applications specified in /home/username/.vnc/xstartupLog file is /home/username/.vnc/your_hostname:1.log Configuring the VNC Desktop By default, TightVNC establishes a connection without encryption. However, for our purposes, we require a secure tunnel using the SSH protocol. This involves creating a secure connection on the client side, which forwards data to localhost for handling by the VNC utility. You can achieve this by running the following command in the terminal (Linux or macOS): ssh -L 5901:127.0.0.1:5901 -C -N -l user your_server_ip The -L option specifies port forwarding. The default configuration uses port 5901 on both the remote and local hosts. The -C option enables compression, which reduces the size of data sent between the client and server. The -N option tells the SSH protocol that no remote commands will be executed and that it is only being used for port forwarding. The -l option specifies the username for the remote connection. In the above command, replace user with the username (typically a non-privileged root user) and your_server_ip with the actual IP address of the remote host. If you are using Windows, you can create the SSH tunnel using PuTTY, a popular SSH client with a graphical interface. In PuTTY, you need to: Enter the IP address of the remote host. Configure port forwarding by adding localhost:5901 as the new port for data redirection. Save the session settings and initiate the connection. Once you initiate the connection, the system will prompt you to enter the password you set during the initial VNC server configuration. The tunnel will only be activated after successful user authentication. Once connected, you will see the Xfce graphical interface as configured in the .Xresources file. You can finalize the desktop setup by selecting "Use default configuration" in the menu. To end the SSH session, press the key combination Ctrl+C. This will close the tunnel and terminate the remote session. Running VNC as a System Service In the final step, we will configure VNC Server as a system service on Debian, enabling you to start, stop, and restart it just like other system services. This ensures that the utility starts automatically with the server. To do this, we'll edit the configuration file /etc/systemd/system/vncserver@.service: sudo nano /etc/systemd/system/vncserver@.service The @ symbol is used as an argument to modify the service parameters. It is applied when you need to specify the display port used by the VNC utility. Add the following lines to the file (replace user, group, workingdirectory, and username with your own values): [Unit]Description=Start TightVNC server at startupAfter=syslog.target network.target[Service]Type=forkingUser=usernameGroup=usernameWorkingDirectory=/home/usernamePIDFile=/home/username/.vnc/%H:%i.pidExecStartPre=-/usr/bin/vncserver -kill :%i > /dev/null 2>&1ExecStart=/usr/bin/vncserver -depth 24 -geometry 1280x800 :%iExecStop=/usr/bin/vncserver -kill :%i[Install]WantedBy=multi-user.target The ExecStartPre command allows you to stop the VNC server if it is already running. The ExecStart command will restart the server and set the resolution to 1280x800 with 24-bit color. After editing the file, apply the changes and inform the system about the new file: sudo systemctl daemon-reload Next, enable the service: sudo systemctl enable vncserver@1.service The 1 after the @ represents the display number where the service should be activated. It will always be "1" unless you change the default configuration, but you can specify another number if needed. Now, stop the active instance of the VNC server and start the new service: vncserver -kill :1sudo systemctl start vncserver@1 You can check if the VNC server is running with: sudo systemctl status vncserver@1 The result will look like this: vncserver@1.service - Start TightVNC server at startup   Loaded: loaded (/etc/systemd/system/vncserver@.service; enabled; vendor preset: enabled)   Active: active (running) since Wed 2018-09-05 16:47:40 UTC; 3s ago  Process: 4977 ExecStart=/usr/bin/vncserver -depth 24 -geometry 1280x800 :1 (code=exited, status=0/SUCCESS)  Process: 4971 ExecStartPre=/usr/bin/vncserver -kill :1 > /dev/null 2>&1 (code=exited, status=0/SUCCESS)  Main PID: 4987 (Xtightvnc)... After these steps, the VNC server will be available after the system restarts. Now, initiate the SSH tunnel again: ssh -L 5901:127.0.0.1:5901 -C -N -l username your_server_ip This command will create a connection using the client application that forwards the connection from localhost:5901 to your local machine. Conclusion We have completed configuring and launching a secure VNC server on a Debian system. Now, you can perform all usual operations: installing and uninstalling software, configuring programs, managing files, surfing the web, etc. To know more, click on the instruction on how to create server on Hostman's horsepowers.  Frequently Asked Questions How do I install VNC on Debian Linux? Run sudo apt install tigervnc-standalone-server, then follow the steps for your desktop environment. What VNC server is recommended for Debian? TigerVNC is fast and reliable. RealVNC is another solid option with nice GUI tools. How do I start a VNC session in Debian? Just run vncserver :1 once you’ve configured your user and desktop. Can I secure my VNC connection? Absolutely. Always use SSH tunneling to encrypt your session.