Skip to Content
DocsApplicationsRemote AccessnoVNC
noVNC

noVNC

Browser-based VNC access that runs well in modern desktop and mobile browsers

Overview

noVNC is both a VNC client JavaScript library and an application built on top of that library. It runs well in any modern browser, including mobile browsers on iOS and Android.

It is a browser-based VNC client, not a native desktop viewer—access happens through your web browser rather than a standalone app.

Key features

noVNC focuses on simple, browser-based VNC access with QuickBox-managed services and paths.

🧭 Browser-first VNC

VNC client JavaScript library that runs in modern browsers, including mobile

🧩 Per-user services

Systemd units vnc@username.service and novnc@username.service are created per user

🛤️ Reverse-proxied paths

nginx locations /username/vnc and /username/websockify map to /srv/novnc and 127.0.0.1:port

🔌 Base ports

Base ports are 6080 (web) and 5901 (VNC daemon) with auto-generated flags enabled

When to use it

Choose noVNC when you want browser-based VNC access that QuickBox exposes through user-scoped paths.

You want

  • Need VNC access that works in modern desktop and mobile browsers
  • Want user-scoped web paths like /username/vnc and /username/websockify
  • Prefer per-user systemd services for VNC and websockify

QuickBox provides

  • QuickBox provisions vnc@username.service and novnc@username.service per user
  • nginx serves /username/vnc from /srv/novnc and proxies /username/websockify
  • Dashboard Service Control surfaces live port and service state for noVNC

Installation

QuickBox installs noVNC through the CLI or from the dashboard Package Management tab.

Install from the QuickBox CLI

Command
qb install novnc -u username
Description
Install noVNC for the specified user
Command
qb reinstall novnc -u username
Description
Reinstall noVNC for the specified user
Command
qb update novnc -u username
Description
Update noVNC for the specified user
Command
qb remove novnc -u username
Description
Remove noVNC for the specified user

CLI Options

-u, --usernameRequired

Target QuickBox username for install, reinstall, update, and remove actions

Install from the Dashboard

The Package Management tab shows noVNC with Install, Reinstall, and Remove actions. The Application Control view displays the live noVNC port and status for the selected user.

Access and authentication

URL / route

Item
Base web port
Details
6080 (auto-generated flag enabled)
Item
Base VNC daemon port
Details
5901 (auto-generated flag enabled)
Item
Port confirmation
Details
Dashboard Service Control shows the current noVNC port

Login / credentials / tokens

  • QuickBox decrypts the QuickBox user password and applies it with vncpasswd during install.
  • HTTP Basic auth for /username/vnc uses /etc/htpasswd.d/htpasswd.username.

Security notes

VNC daemon port access

QuickBox adds iptables rules to accept only localhost traffic on the VNC daemon port and drop other traffic. Access is intended through the nginx paths instead of direct VNC port access.

Configuration and files

Key paths
/
srv/# noVNC client files and utilities
└── novnc/
│ ├── utils/novnc_proxy# WebSocket bridge used by novnc@username.service
│ └── utils/self.pem# Bundled certificate for novnc_proxy
etc/# Service + nginx definitions
├── systemd/system/
│ ├── vnc@username.service# TightVNC display bound to the VNC daemon port
│ └── novnc@username.service# novnc_proxy listening on the assigned web port
├── nginx/conf.d/username.vnc.conf# Websockify proxy for /username/websockify
├── nginx/software/username.novnc.conf# Alias for /username/vnc served from /srv/novnc
└── htpasswd.d/htpasswd.username# HTTP Basic auth for /username/vnc
home/# User session assets
└── username/.vnc/xstartup# Xfce session launcher with autocutsel and startxfce4

Common tasks

FAQ

QuickBox sets a base web port of 6080 and a base VNC daemon port of 5901, with auto-generated flags enabled. The Dashboard Service Control view shows the current assigned noVNC port.
QuickBox outputs the per-user path /username/vnc/vnc.html?resize=remote&host=host&path=username/websockify and maps the nginx locations /username/vnc and /username/websockify to the noVNC client and websockify bridge.
QuickBox sets the VNC password using vncpasswd based on the stored QuickBox user password, and nginx protects /username/vnc using HTTP Basic auth from /etc/htpasswd.d/htpasswd.username.

Best practices

Do

  • Use the Dashboard Service Control view to confirm the active port and service state for noVNC.
  • Keep /home/username/.vnc/xstartup executable so Xfce launches with autocutsel and startxfce4.
  • Use the /username/vnc path protected by HTTP Basic auth for browser access.

Don't

  • Do not expect direct access to the VNC daemon port; iptables drops non-local traffic to that port.
  • Do not delete /etc/htpasswd.d/htpasswd.username if you rely on HTTP Basic auth for /username/vnc.

Troubleshooting

Symptom: browser loads but the desktop is blank

Checks: Confirm vnc@username.service is running and /home/username/.vnc/xstartup exists and is executable.

Symptom: connection refused on the websockify path

Checks: Confirm novnc@username.service is active and /etc/nginx/conf.d/username.vnc.conf points to the assigned web port.

Resources

Resources

noVNC official website

Official noVNC project website with documentation and downloads

noVNC GitHub repository
VNC protocol overview

Wikipedia article covering the Remote Framebuffer (RFB) protocol used by VNC

Join the Community

Media server operators sharing configs, getting support, and shaping the future of QuickBox Pro.

Dedicated Support
Feature Previews
Community Configs
Active Discussions
Join Discord Server
Remote AccessWeb Console