Remote Control of OS X (Tiger) Desktop via VNC

Posted by Dave Minor Fri, 21 Dec 2007 21:25:00 GMT

I’ve been asked to post the method that I use to easily log onto remote Macs to facilitate support on some of my clients’ machines. This is not rocket science, just my howto that I pieced together from several sources long forgotten (sorry). It’s very possible that this procedure will continue to work on Leopard; all of the machines I deal with are still running Tiger at this point. I think this worked with Jaguar too, but I can’t recall.

The basic idea is to log onto the remote machine via SSH, start a VNC server, then connect from the local machine and use SSH port forwarding tricks to keep yourself from leaving VNC ports open and forwarded on the remote router.

Remote Machine Setup

  • must have an administrator’s account
  • must have a static IP address on the LAN
  • install OSXvnc which is now called something else. I am running version 1.4. I’m not sure if this will work with the new server
  • create a ~/bin directory
  • in ~/bin, I have two files:
dminor$ cat bin/startvnc 
#!/bin/sh
sudo /Applications/OSXvnc.app/OSXvnc-server -rfbport 5900 \
> ~/Library/Logs/OSXvnc-server.log 2>&1 &

echo "VNC has started" 

dminor$ cat bin/stopvnc 
#!/bin/sh

sudo killall OSXvnc-server
echo "VNC has stopped" 
  • locally, run bin/startvnc and bin/stopvnc to make sure they are working properly and that they are firing off the osxvnc server
  • in ~/.bash_profile, just under my path, I put source ~/bin/startvnc and as the last line of the file, trap '$HOME/bin/stopvnc' 0
  • now when you start a terminal session (locally or SSH), the VNC server will start.
  • verify in Sharing Pref Pane that the Remote Login service is checked and that you can SSH into the box.

Remote Network Setup

You’ll need to have port forwarding on the network’s router to the remote machine on port 22. As you’ll see below, there is no need to have VNC ports forwarded on the router.

Ease of Access via Hostname

It sure makes it a lot easier if you can SSH to a hostname that stays constant instead of having to determine the dynamic IP address of the remote machine each time. For dynamic IPs, I use dyndns.org to maintain a good hostname. For static IPs, I just set up an A record in the DNS zone file. Actually, if it’s dynamic, I usually set up a CNAME record pointing to the dyndns hostname. And this works great on a local network too with Bonjour.

Local Machine Setup

On your local machine, you need SSH and a VNC client. On OSX, I use Chicken of the VNC.

In my ~/.ssh/config file, I’ve set up entries for each remote machine like:
Host jkmini
  HostName jkwork.clients-domain.com
  Port 22
  Compression yes
  LocalForward 5901 127.0.0.1:5901
Now when I SSH jkmini, I get a terminal and VNC starts automatically. Here’s a sample session on the local network:
[dminor@ginger: ~]$ ssh sarahs-imac.local
Last login: Fri Dec 21 15:54:35 2007 from ginger.local
Welcome to Darwin!
VNC has started

[dminor@Sarahs-iMac: ~]$ ps aux | grep vnc
root     21718   0.0  0.2   196736   2680  p2  S     3:55PM   0:00.17 /Applications/OSXvnc.app/OSXvnc-server -rfbport 5900
dminor   21721   0.0  0.0    27812      4  p2  R+    3:55PM   0:00.00 grep vnc

[dminor@Sarahs-iMac: ~]$ logout
VNC has stopped
Connection to sarahs-imac.local closed.

In the case of controlling a local machine (as above), I’d simply fire up Chicken of the VNC and connect to the hostname.local on the proper port (5900 here) and gain access.

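On a remote session over SSH, you’ll see that we set up local port forwarding on the SSH session, so locally, port 5901 is being redirected to 5901 on the remote machine over SSH. The second port in the LocalForward line has to be the port the remote VNC server listens on (its -rfbport value). I fire up Chicken and connect to localhost:5901.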
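An added example, not part of the original post: a small shell function that reads ssh_config-style entries like the one above and flags any LocalForward whose local side binds to a wildcard address, whose target leaves the remote loopback, or whose target port differs from the VNC server port given as the first argument. The function names and the two example-* hosts are hypothetical, and the sample config is constructed.

```sh
#!/bin/sh
# Added example (not from the original post): audit LocalForward entries in an
# ssh_config-style file. Handles the "Keyword value" form with IPv4/hostname
# targets only.
# Usage: audit_forwards <rfbport-of-remote-server> [config-file]
# Output per forward: <host> <local-bind> <target> <verdict>
audit_forwards() {
  want=$1; shift
  awk -v want="$want" '
    tolower($1) == "host" { host = $2; next }
    tolower($1) == "localforward" {
      bind = $2; target = $3; v = ""
      # A bare local port listens on loopback only (GatewayPorts defaults to
      # no); an explicit wildcard bind offers the tunnel to the whole LAN.
      if (bind ~ /^(\*|0\.0\.0\.0):/) v = v ",local-bind-exposed"
      n = split(target, t, ":"); tport = t[n]
      thost = substr(target, 1, length(target) - length(tport) - 1)
      # The VNC hop after the SSH server is unencrypted, so it should stay on
      # the remote loopback rather than cross the remote LAN.
      if (thost != "127.0.0.1" && thost != "localhost") v = v ",target-not-loopback"
      # The target port must be the port the VNC server was started on.
      if (tport != want) v = v ",port-mismatch"
      print host, bind, target, (v == "" ? "ok" : substr(v, 2))
    }' "$@"
}

# Constructed sample: the jkmini entry from the post plus two hypothetical hosts.
sample_config() {
  cat <<'EOF'
Host jkmini
  HostName jkwork.clients-domain.com
  Port 22
  Compression yes
  LocalForward 5901 127.0.0.1:5901
Host example-loopback
  HostName loopback.example.com
  LocalForward 127.0.0.1:5901 127.0.0.1:5900
Host example-open
  HostName open.example.com
  LocalForward *:5902 192.168.1.20:5900
EOF
}

sample_config | audit_forwards 5900
```

Pass the port from startvnc's -rfbport as the first argument and ~/.ssh/config as the second to run it against a real configuration.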

Multiple Remote Machines That Share a LAN

I’ve also configured multiple machines behind the same router (therefore a shared public IP). I can attach to two machines on the same LAN at the same time over SSH with no problems. I may post that additional writeup one day.

I hope this is helpful and not too confusing.
