TL;DR – Ubuntu remote access choices
- Use SSH for admin work: It is the default answer for shell tasks, automation and low-overhead maintenance.
- Use XRDP for a full desktop: Especially when your client machine is Windows and RDP is already the habit.
- Use VNC only when you actually need it: Shared sessions and app-level GUI workflows are the usual reasons.
- Do not expose everything: The biggest decision is often how the service is reached, not which service you picked.
Start here: If you already know you want the desktop route, How To Install Xrdp Server On Ubuntu 22.04 is the deeper XRDP walkthrough. This page helps you choose the right access model before you install anything.
| Tool | When | Command or port |
|---|---|---|
| SSH | Shell admin, files, scripting | sudo apt install openssh-server / TCP 22 |
| XRDP | Full Ubuntu desktop from Windows RDP | sudo apt install xrdp / TCP 3389 |
| VNC | Shared GUI session or specific remote desktop pattern | Usually TCP 5900+ |
| Rule | Any internet-facing setup | Restrict access with VPN, firewall rules or trusted source IPs |
The easiest way to get Ubuntu remote access wrong is to start with the most visual answer instead of the most practical one. Many people install a full desktop stack when what they really needed was a shell, file access and a stable SSH workflow.
SSH is still the default answer for server work
If the job is package management, config edits, service restarts, logs, automation or file work, SSH is the cleanest path. It is lighter, safer to expose through controlled paths, and much easier to pair with keys, jump hosts and VPN access.
XRDP makes sense when you need a real desktop
XRDP is the obvious fit when the user expects a full Ubuntu desktop and is connecting from Windows. It lines up nicely with the native Remote Desktop client and feels familiar to people who already manage Windows boxes that way.
If that is your direction, use How To Install Xrdp Server On Ubuntu 22.04 for the dedicated install and troubleshooting path.
VNC is the niche answer, not the default answer
VNC still has a place. It is useful when you need a shared graphical session, when the workflow is tied to a particular VNC stack, or when you are dealing with a tool that expects that style of desktop access. It is just not the best first answer for most Ubuntu admin tasks.
Security matters more than the access method label
- Expose as little as possible directly to the internet.
- Restrict source IPs where you can.
- Prefer VPN access for GUI protocols.
- Harden SSH properly if it is your main admin channel.
For the SSH side of that conversation, the follow-on guide is Linux SSH Hardening Checklist for Small Servers and Home Labs. For a fresh Ubuntu box, pair this with Ubuntu Server First 30 Minutes