I want to install a Graphical User Interface (GUI) in my Amazon EC2 instance running Amazon Linux 2. How do I do this?
Last updated: 2020-05-15
I want to install a Graphical User Interface (GUI) in my Amazon Elastic Compute Cloud (Amazon EC2) instance running Amazon Linux 2. How do I do this?
The MATE desktop environment, a lightweight GUI based on GNOME 2, is available as an extra for Amazon Linux 2 and is used in the Amazon Linux 2 offering of Amazon WorkSpaces. For more information about MATE, see the MATE desktop environment website.
To interact with MATE, you can install a Virtual Network Computing (VNC) service, such as TigerVNC. For more information about TigerVNC, see the tigervnc.org website.
You can install popular web browsers, such as Firefox or Chromium, on Amazon Linux 2 as well. For more information on Firefox, see the mozilla.org website. For more information on Chromium, see the chromium.org website.
Note: These instructions apply only to Amazon Linux 2. To confirm the version that you're running, run the following command.
Before you begin installation
1. Use SSH to connect to your Amazon EC2 instance as ec2-user.
Note: The instance must be in a public subnet and be accessible through a public IP address or an Elastic IP address. Or, you can establish a connection using AWS VPN or AWS Direct Connect that allows you to access your instance through a private IP. These instructions don't apply to environments using a bastion host. For security reasons, traffic to the VNC server is tunneled using SSH. It's a best practice to avoid opening VNC ports in your security groups.
2. Update your instance by running sudo yum update, and then reboot the instance. Failure to do so can lead to unpredictable results when executing the steps below.
1. Install MATE packages.
sudo amazon-linux-extras install mate-desktop1.x
2. Define MATE as your default desktop.
To define MATE for all users:
sudo bash -c 'echo PREFERRED=/usr/bin/mate-session > /etc/sysconfig/desktop'
To define MATE for the current user only (ec2-user):
echo "/usr/bin/mate-session" > ~/.Xclients && chmod +x ~/.Xclients
1. Install TigerVNC packages.
sudo yum install tigervnc-server
2. Configure a VNC-specific password containing 6 to 8 characters for this user. When asked if you want to enter a view-only password, press "n".
3. Start the VNC Server on display number 1.
Enter the following command to start the VNC Server only once.
Note: Entering this command prevents the service from coming up after a reboot.
Enter the following commands to always start the VNC Server at boot time.
Create a new systemd unit.
sudo cp /lib/systemd/system/vncserver@.service /etc/systemd/system/vncserver@.service
Replace all occurrences of <USER> in the new unit with ec2-user.
sudo sed -i 's/<USER>/ec2-user/' /etc/systemd/system/vncserver@.service
Reload the systemd manager configuration.
sudo systemctl daemon-reload
Enable the service.
sudo systemctl enable vncserver@:1
Start the service.
sudo systemctl start vncserver@:1
Connect to the GUI using the VNC
1. Install the TigerVNC software on your local computer, if it's not already installed. TigerVNC is available for Linux, Windows, and macOS. See the TigerVNC website to access the download.
2. On your local computer, use SSH to connect to your instance while creating a tunnel to forward all traffic on local port 5901/TCP (VNC) to the instance's VNC server.
Linux and macOS
Use the -L parameter to enable port forwarding. Replace PEM_FILE with your private key, and INSTANCE_IP with your instance's public or private IP, as appropriate.
ssh -L 5901:localhost:5901 -i PEM_FILE ec2-user@INSTANCE_IP
Before opening the connection with PuTTY, configure port forwarding:
From the Connection menu, select SSH, and then select Tunnels.
Enter 5901 in the Source Port field.
Enter localhost:5901 in the Destination field.
Open the connection.
3. Open the VNC Client on your local computer. When asked for the VNC server hostname, enter localhost:1 and then connect to it.
4. Enter the VNC password you set up in step 2 of the Install TigerVNC section. If an alert appears stating that the connection isn't secure, disregard that alert. Although VNC data is unencrypted by default, you're accessing the VNC server using an encrypted SSH tunnel.
Your MATE desktop environment appears.
Install Web Browsers:
AWS currently doesn't provide web browsers such as Mozilla Firefox or Google Chromium in Amazon Linux 2 repositories. To install one of these browsers, follow the steps below.
Note: AWS doesn't provide support for software installed from third-party sources.
Chromium (open-source version of Google Chrome)
1. Enable the EPEL repository. See the EPEL documentation on the Fedoraproject.org website for more information.
sudo amazon-linux-extras install epel
2. Install Chromium packages.
sudo yum install chromium
Chromium installs on MATE under Applications, Internet, Chromium Web Browser.
Mozilla Firefox (current user only)
1. Download the latest Firefox version for Linux 64-bit to your local computer. See the mozilla.org website to access the download.
3. Extract the file contents. The command below indicates that the file is in the ec2-user's home directory. Change the path and the Firefox version as needed.
tar jxf ~/firefox-xx.y.tar.bz2 -C ~/
4. Using vim or your favorite editor, create a desktop icon. Create the file ~/Desktop/Firefox.desktop with the contents as shown in the following example.
[Desktop Entry] Version=1.0 Type=Application Terminal=false Icon=/home/ec2-user/firefox/browser/chrome/icons/default/default128.png Icon[en_US]=/home/ec2-user/firefox/browser/chrome/icons/default/default128.png Name[en_US]=Firefox Exec=/home/ec2-user/firefox/firefox Comment[en_US]=Firefox web browser Name=Firefox Comment=Firefox web browser GenericName[en_US.UTF-8]=Firefox web browser Categories=Network;WebBrowser;
5. Use the icon you created in step 4 on your desktop to launch Firefox.