How to control one Mac with another Mac, via a secure internet connection, for freeAdd Comment
This is fairly basic stuff and has probably been explained elsewhere, but I thought I’d quickly summarize for anyone who might be wondering how to do this. I was inspired by DiveIntoMark’s tutorial on using a Windows PC to control a Mac. This process is pretty similar, but I’m going to show how to do it Mac-to-Mac using slightly different software and techniques. This is great if you’re like me, and you gave your mom a Mac and occasionally need to help her troubleshoot something. It’s also good if you want to control your home computer from work.
Using technology semi-generically called VNC (Virtual Network Computing), you can control one computer from another, even if you’re on a Mac and want to control a Windows pc or a Linux box, or vice versa. This is sometimes called using “Remote Desktop.” With VNC, you have a “VNC server”, i.e., the computer you are connecting to and controlling (your mom’s) , and the “VNC client,” the computer you are sitting in front of and doing the controlling with (yours).
You can accomplish this using a variety of software packages, but for ease of use, I recommend:
- Apple Remote Desktop Client. A bit of a misnomer as far as I can tell. This package actually contains the VNC server software you need. This should be installed on the computer you want to control. It is installed by default on Mac OS X 10.4 (Tiger), but if you don’t have it, you can download it for free.
- Chicken of the VNC. A great VNC client. This should be on the computer you want to use to control the other computer.
- That’s it.
On the VNC server
- Configure the router at the location of the VNC server to forward all traffic on port 22 (SSH) to the VNC server. The methods for each router vary. If you don’t know how to do it, just search Google or your router’s documentation for “port forwarding.”
- In the System Preferences panel of the VNC server (the computer you want to control), click Sharing. In the Services panel, check “Remote Login” (aka SSH) and “Apple Remote Desktop”.
- Click “Start” to start each service if they aren’t already running.
- For “Apple Remote Desktop,” click “Configure” and make sure “Observe” and “Control” are checked. Also, it’s smart to check “Guests may request permission to control screen” and enter a password for this function.
- Determine the external IP address of the VNC server. The easiest way to do this is probably to go to the always useful whatismyip.com. Or just check your router settings.
On the VNC client
- On the VNC client, make sure any VNC server software is turned off. (In other words, go into the Sharing control panel on your machine and make sure Apple Remote Desktop is not checked.) This is because if the client machine is running a VNC server, it will clog up port 5900 and you won’t be able to connect to the desired VNC server. (I learned this the hard way.)
- To set up a secure connection between your computer (the VNC client) and the other computer, open the Terminal application on your Mac (Applications/Utilities/Terminal.app) and type
ssh [email protected] -L 5900:127.0.0.1:5900
yourusernameontheserveris a valid username on the VNC server, and the
vnc.server.ip.addressis the external IP address of the VNC server. For example, to connect to the machine 100.100.100.1 on which you had the username
trobots, you would type:
ssh [email protected] -L 5900:127.0.0.1:5900. This command will connect you to the VNC server and redirect all traffic on the VNC client port to the server’s VNC port, through the secure (encrypted) tunnel that SSH establishes.
- Open Chicken Of The VNC on the client computer.
- In the “Host” textbox, type
localhost:5900and click “Connect.” Your VNC client will try to connect to “localhost” (your computer) on port 5900 but all that traffic will just get sent right out through the SSH tunnel, which goes straight to the VNC server. Pretty cool.
- After some delays related to encrypting all that traffic going back and forth between your computer and the VNC server, you should see an image of the other computer’s screen on your screen. Moving your cursor will move the cursor on the VNC server’s screen. It will respond slowly, but you can now control the other computer. Anyone on the other end will be able to see everything happening on the VNC server’s screen.
- When you are ready to logout, close Chicken of the VNC, and go back into Terminal and end your SSH session by typing “exit”.
Note: When you are done, I recommend stopping the Remote Login service on the VNC server. It’s just one checkbox in the Sharing preferences panel, and it will secure the computer. Teach your mom or whoever to turn that service on and off so that it’s only activated when you need it to be. If want to leave the Remote Login service turned on all the time, you should come up with some strong passwords, or use a more secure technique that relies on public and private keys rather than passwords. (See “Resources” below.)
- A more complicated method of doing this using a “reverse” SSH tunnel.
- DiveIntoMark’s PC-to-Mac VNC tutorial. Describes using public/private keys instead of passwords.