How can I remote access my Mac from my PC?

[stanny]

I have got a Mac at home and I would like to remote access it from my Windows PC at the office. Is this possible? Remote access which means my PC screen would be exactly the same as my Mac at home.

 

[aaronw1986]

I have got a Mac at home and I would like to remote access it from my Windows PC at the office. Is this possible? Remote access which means my PC screen would be exactly the same as my Mac at home.

Look into VNC. Or something like www.logmein.com

 

[SHADO]

Logmein is a good option. Also I use the program TeamViewer, which is cross-platform, for remote support and stuff.

 

[LtRammstein]

I get an SSH client, Putty, and I set it up to do a VNC tunneling. Make sure Vine Server is installed on your Mac.

I then get a free version of RealVNC. So to get it work properly, since it is tunneling, I type: localhost:5900 into RealVNC. This will access the SSH tunnel I created.

It's a bit of a headache, but it's secure.

 

[steveza]

Unless you are going to go down the tunneling route logmein is probably the easiest option. If you are at the office then you probably have a firewall between yourself and the Internet which will block all sorts of remote access software unless its running on the common web ports i.e. 80 and 443.

 

[PaperQueen]

I get an SSH client, Putty, and I set it up to do a VNC tunneling. Make sure Vine Server is installed on your Mac.

I then get a free version of RealVNC. So to get it work properly, since it is tunneling, I type: localhost:5900 into RealVNC. This will access the SSH tunnel I created.

Would this work if I’m trying to access my blog from Beijing? Last time I was there, access was blocked to Blogspot and my website. Since then, the blog has been moved to my second (different) website, but something tells me that’s going to be another brick wall.

Especially if anyone takes a peek and sees that I’m a journalist-—not the flavor of the month in that neck of the woods.

 

[Beerfloat]

Would this work if I’m trying to access my blog from Beijing? Last time I was there, access was blocked to Blogspot and my website. Since then, the blog has been moved to my second (different) website, but something tells me that’s going to be another brick wall.

Especially if anyone takes a peek and sees that I’m a journalist-—not the flavor of the month in that neck of the woods.

Sure, all you need for ssh to work is access to TCP port 22. And even if that is somehow blocked, just run ssh on any other port you feel like.

SSH is pretty good secure solution short of setting up an ipsec link to your home, but some of the other suggestions are a little easier to set up.

 

[PaperQueen]

Sure, all you need for ssh to work is access to TCP port 22. And even if that is somehow blocked, just run ssh on any other port you feel like.

(insert: shuffling of feet, looking sheepishly at ground)

I’m embarrassed to admit this after using Macs for 25 years, but...how/where do I change a port setting? Have only dealt with them in outbound email settings via Mail.

Yeah. I feel like a dork right now. Thanks for not laughing and pointing.

 

[illegallydead]

(insert: shuffling of feet, looking sheepishly at ground)

I’m embarrassed to admit this after using Macs for 25 years, but...how/where do I change a port setting? Have only dealt with them in outbound email settings via Mail.

Yeah. I feel like a dork right now. Thanks for not laughing and pointing.

[laughs and points]

I'm not really a network guru, so I won't be much help here, but I would be very interested in getting this set up for my mac as well. Good thread!

 

[Killerbob]

Most, if not all, of the settings you need to play around with are in the Airport Utility". Select your 'gateway', and go into "Manual Setup". Select "Advanced"-settings, and under "Port Mapping", you can add services. You select a service, and then you add the port and the local IP address you want to forward etc.

I have only had to do this for the SSH connections from my NAS provider, and that was very easy. How to set up remote desk-topping I don't know. I have used LOGMEIN, and with a PC that was cool, but there is only the free version available for Macs, and that doesn't allow file management.

I am traveling soon, and would like to be able to access my NAS from abroad, and need a solution for this. What about setting two Macs both up on the same MOBILEME account, would that work?

 

[Beerfloat]

(insert: shuffling of feet, looking sheepishly at ground)

I’m embarrassed to admit this after using Macs for 25 years, but...how/where do I change a port setting? Have only dealt with them in outbound email settings via Mail.

Yeah. I feel like a dork right now. Thanks for not laughing and pointing.

Well the easiest way to change the port is simply to have your ADSL/Cable modem/Router device reserve some fixed port, say 10022, and forward that to your Mac on port 22.

Then all you need to do from the outside is ssh to port 10022 on your outside IP address (with putty or any other ssh client), and your router will forward that incoming connection through to port 22 on the Mac.

Then you enable ssh tunneling for specific ports and you'll be able to connect to your remote host on localhost:xxxx and it will actually make a connection to your Mac on port:xxxx, automatically encrypting that connection on the fly. For instance if you make a tunnel to port 5900 where your Apple Remote Desktop could be listening, if you enabled it and selected VNC compatibility, you can then use a VNC client to securely remote control your Mac from anywhere.

If you happen to still have a router that does not support forwarding ports to different port numbers, then you could also just change the ssh port on your Mac itself by editing /etc/sshd.conf and adding a 'Port XXXX' statement in there (and restarting), and setting up a straight forward on your router.

But still, for many people logmein etc might just be easier.

 

[Killerbob]

LOGMEIN is for sure much much easier to work with, and free as well. However, you cannot do file transfer with LOGMEIN, as basically all you are doing is screen sharing. If that is enough, then OK, LOGMEIN is good. For the PCs you can have file mgmt., and a bunch of other niceties, but not for OSX.

Any alternatives out there...?

 

[switon]

RE: SSH nonstandard ports under Mac OS X...

If you happen to still have a router that does not support forwarding ports to different port numbers, then you could also just change the ssh port on your Mac itself by editing /etc/sshd.conf and adding a 'Port XXXX' statement in there (and restarting), and setting up a straight forward on your router.

Hi Beerfloat,

I believe Apple is slowly getting away from the standard Unix/Linux /etc/sshd.conf and /etc/ssh.conf configuration files. (You could download and compile your own ssh package, say from MacPorts, and then it would work with sshd.conf and ssh.conf and you could easily change the default port 22 to anything you want, say 10022.) But the Mac OS X's ssh server/client now default to using a property list for their configuration. This means that if you use the Mac OS X's ssh, then you will configure it by a slightly different way. The following shows how this is done.

SSH Server
On the SSH server, call it myserver.private, edit the /etc/services file to add a new service, say "ssh-nonstd". It turns out that port 10022 is not already assigned to a service, so we'll use this port. The following lines are added to the /etc/services file (and I would add them so that the ports numbers are properly sorted):
/etc/services

# Adding nonstandard ports for sshd on myserver.private:
ssh-nonstd    10022/tcp   # non-standard ssh port for myserver.private
ssh-nonstd    10022/udp   # non-standard ssh port for myserver.private

After editing the /etc/services file, adding the above lines, we now must edit the property list file to reflect the change in service. Thus edit the file:
/System/Library/LaunchDaemons/ssh.plist
on myserver.private using a plist editor, like "TextWrangler", to change the SockServicesName to ssh-nonstd. In other words, find the following lines:
/System/Library/LaunchDaemons/ssh.plist

<key>SockServicesName</key>
<string>ssh</string>

and edit them to read:

<key>SockServicesName</key>
<string>ssh-nonstd</string>

You must now relaunch the ssh daemon on myserver.private (or reboot the myserver.private machine):

launchctl unload /System/Library/LaunchDaemons/ssh.plist
launchctl load /System/Library/LaunchDaemons/ssh.plist

You now have a sshd daemon running on port 10022 on myserver.private.

Note: You can use different nonstandard ports for different machines on your LAN, this would then allow you to ssh to different machines just by changing the port number. So port 10022 would be for myserver.private, while port 10023 might be for your MacBook Pro: myMBP.private.

Router
You must now configure your router to forward ports 10022/tcp and 10022/udp to your server (use the private LAN IP address of myserver.private, say 192.168.0.10 or whatever you use to do this port forwarding on your router) ports 10022/tcp and 10022/udp.

Let's also say the Internet URL for your router is either myinterneturl.myhome.net, or if you don't use a domainname, say your router has an Internet IP address of 212.63.218.101, for example.

SSH Clients
Next I would setup aliases on your client machines to automatically ssh to the proper nonstandard 10022 port. You would add the following lines to your ~/.bashrc file or your ~/.bash_profile file:
~/.bashrc

alias myserversshlocal='ssh -p 10022 yourusername@myserver.private'
alias myserverssh='ssh -p 10022 yourusername@myinterneturl.myhome.net'

or, if you don't run your own DNS server and don't have an Internet domain name, then

alias myserversshlocal='ssh -p 10022 yourusername@192.168.0.10'
alias myserverssh='ssh -p 10022 yourusername@212.63.218.101'

If your client machine is on your local network, then you ssh to your server using the alias:

myserversshlocal

or if your client machine is on the Internet, then you ssh to your server using the alias:

myserverssh

Or if you don't define the aliases in ~/.bashrc, then you would ssh to your myserver.private (local) or myinterneturl.myhome.net (Internet) using the "-p" option:

ssh -p10022 yourusername@myserver.private
ssh -p10022 yourusername@myinterneturl.myhome.net

or, without DNS names, then use the "-p" option for the local and Internet ssh:

ssh -p10022 yourusername@192.168.0.10
ssh -p10022 yourusername@212.63.218.101

SSH Tunnels
If you are also using ssh for tunneling other services, then you must reconfigure them to use the nonstandard ports. For instance, say you are using an ssh tunnel for a subversion repository on myserver.private. Then in the ~/.subversion/config file on your client, specify the new port for the ssh tunnel:
~/.subversion/config

[tunnels]
ssh = $SVN_SSH ssh -p 10022

This will allow you to perform your "svn commit"s using normal subversion commands, for example:

svn commit -m "Updating the Ricci rotation coefficients of the Christoffel module"

even though this is being piped through the nonstandard port 10022 ssh tunnel.

Or if you are using "rsync" for differential backups from myserver.private to your client machine through a ssh tunnel, then you would use the following "rsync" command with the "--rsh=" option for the tunnel (for example):

rsync --rsh='ssh -p10022' -avz 'myserver.private:/Shared\ Items/Repos/Repos' /Volumes/SCMyPassport/Repos

to backup the repos directory on myserver.private to an attached USB3 drive, SCMyPassport, on your client machine.

Sorry for the length of this posting, but I just wanted to specify exactly what needs to be done in order to switch to nonstandard SSH ports under the Mac OS X and then switch your SSH tunnels also to the nonstandard ports.

Have fun with your nonstandard SSH.

Regards,
Switon

P.S. I know that Beerfloat's posting is several years old, that is why I decided to describe the latest plist way of configuring SSH under Mac OS X instead of the older sshd.conf method.