Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Remote admin helper scripts UNIX
I frequently use my box remotely via ssh. I've set up OSXVnc so that it's not a startup item, but can be started up easily from the ssh session (and forwarded over it). I consider this to be more secure. I also forward X11 over ssh in an encrypted manner. There are some scripts and modifications that I find invaluable that let all of this run smoothly.

X11

To allow X11 forwarding, you alter the file /etc/sshd_config. You need to add lines (or uncomment ones that exist) so that you have the following:
X11Forwarding yes
X11DisplayOffset 10
The first line allows forwarding, the second tells SSH which display offset to forward. It's probably a good idea to have a number here -- so that truly local windows don't get forwarded. When you ssh into your machine, be sure to use a -X option to forward the X server (or an equivalent GUI option). If your client allows, get it to set up the DISPLAY variable. If not, then set it to localhost:10.0, which directs the X11 connections to a local X display 10 -- that's the one you selected for forwarding, so it'll actually pop up on the remote machine if you set up an XServer on it (I can recommend XWin multiwindowed for Windows).

VNC

First of all, some utility commands to help launch and kill the VNC server - I'm using OSXVnc here. I call this one startvnc:
#!/bin/sh
/Applications/OSXvnc.app/OSXvnc-server -rfbport 5901 \
> ~/Library/Logs/OSXvnc-server.log 2>&1 &
And its friend, stopvnc:
#!/bin/sh
killall OSXvnc-server
Save these two, make them executable, and put them in your path (I use tcsh with Athena initialization setup, so ~/bin works nicely). Now you need to get the sshd server to forward the connection. To do this, you forward local port 5901 to some port on the machine you're SSHing in from. Port 5901 on that machine would be fine:
% ssh -X -L 5901:127.0.0.1:5901
This way, you can connect on the machine you SSH from to the local port 5901, and get your remote machine's (encrypted + tunneled) VNC connection. If you also use the -C switch for ssh, the X11, VNC and terminal setup will be compressed! In combination with screen (see other hints here), this is a really powerful, but secure setup.

Other utilities

Sometimes, I forget to quit Mail before I leave, then because it regularly accesses my mail server, it can be hard to get a connection from a remote location. I could fire up VNC, and use that to quit Mail, but it'd be a pain. I could also killall Mail.app, but I wouldn't recommend it if you want your data to remain intact. What's needed is a nice way to quit GUI apps from the commandline. Try the kindquit script below, which takes the name (no need for .app) of the application to quit as its argument:
#!/bin/sh

osascript -e 'tell application "'"$1"'"' -e 'quit' -e 'end tell'
What about, I'm done now and I want to shut down. Try kindshutdown:
#!/bin/sh

osascript -e 'Tell application "Finder"' -e 'shut down' -e 'end tell'
Or better still, after upgrading a system component via the command line softwareupdate command, try kindrestart
#!/bin/sh

osascript -e 'Tell application "Finder"' -e 'restart' -e 'end tell'
All of these will nicely treat apps that have unsaved data and so on. A box will be displayed to ask you if you want to save changes -- and the kind* script won't exit until you deal with it. So if it's taking ages, you can hit Control-C and fire up OSXVnc and deal with the box. But it's much safer than other commandline options -- those will just kill everything no questions asked. These scripts are not overly complex, but do provide a great deal of utility for me. Hope these are useful for other people too.
    •    
  • Currently 2.33 / 5
  • 1
  • 2
  • 3
  • 4
  • 5
  (3 votes cast)
 
[13,000 views]  

Remote admin helper scripts | 5 comments | Create New Account
Click here to return to the 'Remote admin helper scripts' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Remote admin helper scripts
Authored by: Djehuti on Aug 06, '04 11:13:47AM

Another way to start OSXvnc remotely is to choose the option "Start server when launched" and then just run "open -a OSXvnc" when you login via SSH.



[ Reply to This | # ]
Remote admin helper scripts
Authored by: johnd0e on Aug 07, '04 08:02:51AM

Another useful script
#!/bin/bash
#finder2sleep.sh
# puts computer to sleep after a given amount of seconds
sleep $1;
osascript -e 'tell application "Finder" to sleep'



[ Reply to This | # ]
Remote admin helper scripts
Authored by: osxpounder on Aug 09, '04 05:54:03PM

Hmm, I don't see that option in my OSXVnc ... perhaps you have a newer version. Where does one download that? BTW, don't try "osxvnc.com" for that, because it's apparently the home of some porn site -- at least, I got a rude web page when I followed the link OSXVnc provided....

Instead of putting OSXVnc in my /bin, I just created a one-line text file that is the path to the .app, plus command-line options; I set that to be executable, and now I just log in via SSH, type the name of that file, and OSXVnc starts. I connect via a VNC viewer, and, when I'm done and ready to disconnect, I go back to the ssh terminal window and do CTRL-C, which kills the server and returns me to a command prompt.

---
--
osxpounder



[ Reply to This | # ]
Remote admin helper scripts
Authored by: msk on Nov 09, '04 09:11:19AM

If you ssh in and use softwareupdate why would the Finder be running, using AppleScript to tell the machine to restart is not going to work, I get the message "24:34: execution error: Application isn't running. (-600)"
(tested on OS X 10.3.5)



[ Reply to This | # ]
Remote admin helper scripts
Authored by: j-beda on Aug 02, '06 06:48:00AM
If you ssh in and use softwareupdate why would the Finder be running

You could probably launch it first via the "open" command, but a simpler way to restart is to use the "reboot" command (see "man reboot" for more details.) After a remote software update, if necessary I use "sudo reboot" to restart the system - provided nobody is logged in and/or running any background processes (some of the machines I administer are used for numerical simulations and thus may be acitively working on something even with nobody logged in).

[ Reply to This | # ]