VNC & ssh through NAT

I periodically need to help my father with his computer. Since he’s on DHCP behind an AirPort Extreme (which is getting its own IP via DHCP), this has been tricky. I recently found the solution.

Here’s what I sent to Dad:

  • Please go to System Preferences:Sharing:Services.
  • Make sure Apple Remote Desktop is checked.
  • Select Apple Remote Desktop.
  • Check Show status in menu bar.
  • Click on Access Privileges, and make sure VNC viewers may control screen with password: is checked.
  • Type your password into the text box.
  • Hit OK.
  • Repeat this on all your Macs.

Next time I need to access one of your Macs, paste the following into a Terminal window: “ssh -R 6900:127.0.0.1:5900 -R 6922:127.0.0.1:22 www.reppep.com”.

After this, I should be able to connect to your computer without any more futzing on your end.

Thanks to RimuHosting for the idea.
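
What the ssh -R options in the command above set up, as an added example that is not part of the original post: these shell functions decode each -R option using the [bind_address:]port:host:hostport syntax from ssh(1) and report whether the listener on the server is loopback-only or reachable from other hosts. The function names are hypothetical, and the last word of the command is assumed to be the server.

```shell
#!/bin/sh
# Added example (not from the original post): decode ssh -R remote forwards.
# Spec syntax from ssh(1): [bind_address:]port:host:hostport
# Simplification: bracketed IPv6 addresses are not handled.

# describe_remote_forward SPEC SERVER  (hypothetical helper name)
describe_remote_forward() {
    spec=$1; server=$2
    old_ifs=$IFS; IFS=:
    set -f                  # keep a "*" bind address from globbing
    set -- $spec            # split the spec on ":"
    set +f; IFS=$old_ifs
    case $# in
        3)  # no bind address: sshd binds the listener to loopback by default
            bind=127.0.0.1; exposure=loopback-only
            port=$1; host=$2; hostport=$3 ;;
        4)  # explicit bind address: only honoured if sshd allows GatewayPorts
            bind=$1; port=$2; host=$3; hostport=$4
            case $bind in
                ''|'*'|0.0.0.0)      bind='*'; exposure=all-interfaces ;;
                localhost|127.0.0.1) exposure=loopback-only ;;
                *)                   exposure=specific-address ;;
            esac ;;
        *)  echo "invalid -R spec: $spec" >&2; return 1 ;;
    esac
    echo "$exposure $bind:$port on $server -> $host:$hostport on the ssh client"
}

# explain_ssh_remote_forwards ARGS...  (the words that follow "ssh";
# assumption: the last word is the server, as in the post's command)
explain_ssh_remote_forwards() {
    for server in "$@"; do :; done
    while [ $# -gt 0 ]; do
        if [ "$1" = "-R" ] && [ $# -ge 2 ]; then
            describe_remote_forward "$2" "$server" || return 1
            shift
        fi
        shift
    done
}

# The command from the post, minus the leading "ssh":
explain_ssh_remote_forwards -R 6900:127.0.0.1:5900 -R 6922:127.0.0.1:22 www.reppep.com
```

For the post's command both listeners come out loopback-only, so with sshd's default GatewayPorts setting the forwarded VNC and ssh ports are reachable only from www.reppep.com itself, not from the wider internet.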

3 Comments »

  1. rogeradams said,

    April 8, 2007 at 11:50 pm

    Hi, I am having difficulty in configuring VNC on my Intel dual core MiniMac in trying to copy my “id_rsa.pub” to my “authorized_keys”: “cp ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys” but get the following errors in my terminal window:

    Quote

    Rogers-MacMini-3:~ rogeradams$ authorized_keys: "cp ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys"
    -bash: authorized_keys:: command not found
    Rogers-MacMini-3:~ rogeradams$ ssh 127.0.0.1
    ssh: connect to host 127.0.0.1 port 22: Connection refused
    Rogers-MacMini-3:~ rogeradams$ cp ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys
    cp: /Users/rogeradams/.ssh/id_rsa.pub: No such file or directory
    Rogers-MacMini-3:~ rogeradams$ cp ~/.ssh/rogeradams_rsa.pub ~/.ssh/authorised_keys
    cp: /Users/rogeradams/.ssh/rogeradams_rsa.pub: No such file or directory
    Rogers-MacMini-3:~ rogeradams$ authorized_keys:"cp ~/.ssh/id_rsa.pub ~/.ssh/authorised_keys"
    -bash: authorized_keys:cp ~/.ssh/id_rsa.pub ~/.ssh/authorised_keys: No such file or directory
    Rogers-MacMini-3:~ rogeradams$ authorised_keys: "cp ~/.ssh/rogeradams_rsa.pub ~/.ssh/authorized_keys"
    -bash: authorised_keys:: command not found
    Rogers-MacMini-3:~ rogeradams$

    Unquote

    Can anyone show me where I am going wrong?

    Many thanks

    Roger

  2. reppep said,

    April 9, 2007 at 12:04 am

    Roger,

    Don’t start the command with the filename, and you don’t need any quotes for it. “cp ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys” looks right, but it seems to be complaining about your ~/.ssh directory.

    Try the following:

    cd ~/.ssh
    ls -l
    cp id_rsa.pub authorized_keys
    ssh 127.0.0.1
    

    The cd should work if you have a .ssh directory. The ls should show you id_rsa.pub and likely other files, and the cp should copy the file. The ssh should log you back in without typing a password.

    Good luck!

    Note that in real life, you normally want to copy to a remote machine. There are two steps for this, the first only required if you might not have a remote .ssh directory (this assumes you already have an authorized_keys file on the local system):

    ssh host mkdir -p .ssh
    scp ~/.ssh/authorized_keys host:.ssh/

    Note: All this assumes you actually have ~/.ssh/id_rsa; you will have to change filenames from the examples if not.

  3. sarahmei said,

    August 17, 2007 at 8:05 pm

    Very helpful post. Thank you for writing it.

    I’m helping a client set up an OS X server for me to remote into. We’re on a VPN together, so the server has a 10.1.1.XXX address. I can ssh in just fine but it’s a lot easier to install DMGs when you can double-click them…

    They’ve set up access to ARD with the checkbox checked for my user, but I still get an error when I try to connect with the VNC client. “Connection failed: Apple Remote Desktop is not configured. Please configure it so VNC viewers may control screen with password.”

    So, I googled around for solutions and came across your post. I’m not sure if DHCP has anything to do with my issues - as a VPN client perhaps it’s me with the weird IP.

    In any case, I wonder if you could clarify what the ssh step is doing. It looks like it’s binding port 5900 to 6900, and port 22 to 6922, then ssh’ing to your (the client) machine? What does that do?

    Sarah
