Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Remote control one computer via another using ssh UNIX
I have a Linux server (slowly being phased out by my OS X server) connected directly to the internet with a static IP address. Then I have an old PowerMac 9500 running OS 9.1 with Retrospect and a tape library to back up my Linux server. I like to be able to check the status of my backups remotely. This is how I did it.

First I installed VNC on the 9500 (OS9vnc Server v3.5.0) and set it up so that VNC runs as soon as it boots. It also auto-connects to the shares to be backed up. And it has a static IP address. Second, I installed VNCDimension on my PowerBook and created a session that connects to 127.0.0.1 and saved it. Here's how it looks:
 PowerBook --internet-> Linux Server --intranet-> 9500
Then I run this script on the PowerBook. I called it vnc9500 as this works with my other computers. All I need to do is copy the script, rename it and change the IP of the computer I want to remote control.

This script connects to my Linux server via ssh and does TCP forwarding to my 9500 (IP of 192.168.0.90) thru port 5900 for VNC. Then it opens the VNC session on 127.0.0.1, launching VNCDimension. Then it checks for a connection every minute. When I quit VNC, the script detects it and kills the ssh connection. This script should work with OS X in the middle instead of Linux with no problems.

[robg adds: Oct 25th update: I have fixed the link to the missing script. Sorry about that!]
    •    
  • Currently 1.00 / 5
  • 1
  • 2
  • 3
  • 4
  • 5
  (3 votes cast)
 
[15,986 views]  

Remote control one computer via another using ssh | 5 comments | Create New Account
Click here to return to the 'Remote control one computer via another using ssh' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Remote control one computer via another using ssh
Authored by: kyngchaos on Oct 25, '05 08:27:57AM

er, where's the script? "404 not found" error from macosxhints.com.



[ Reply to This | # ]
Remote control one computer via another using ssh
Authored by: robg on Oct 25, '05 01:58:24PM

Sorry, I had a typo in the URL; it's fixed now.

-rob.



[ Reply to This | # ]
tightvnc
Authored by: macubergeek on Oct 25, '05 02:06:10PM

You might want to check out tightvnc. It is optimized for performance when tunnelled over ssh:

http://www.tightvnc.com/



[ Reply to This | # ]
Remote control one computer via another using ssh
Authored by: legacyb4 on Oct 25, '05 10:58:27PM

Pretty much the same concept as using Timbuktu over SSH, Microsoft Remote Desktop Client over SSH, or any other forwarding through an SSH tunnel.

Good to see how it's being used in other ways.



[ Reply to This | # ]
more info
Authored by: kyngchaos on Jan 04, '06 11:04:34AM

I finally had a chance to try this out and experiment. Here's what I found, that might helps others. (sorry if it duplicates info in other ssh tunneling hints)

First, the details of the ssh tunnel in the script: (this is what I had trouble wrapping my brain around)

ssh username@tunnel_server -N -L 5900:tunnel_dest:5900

tunnel_server is the computer acting as the go-between. It is visible to the client computer (ie on the internet). It can be the same as the computer one is tunneling to.

username is a user on the tunnel_server.

tunnel_dest is the ultimate goal. And where it gets tricky. If one follows this hint, so that it's another computer than the tunnel server, then the destination must have the VNC port open on its firewall and the VNC server must accept outside connections (not just local connections), and it will be an unsecure connection from the tunnel server to the destination, only the tunnel from the client through the tunnel server is encrypted. At least this is how I figure it.

To make a secure connection all the way thru to the destination, one would have to do a double-tunnel, or some such thing. I haven't got to the point of trying that, tho I have done that in the past with a plain ssh terminal session (ssh to server visible on internet, within that connection ssh to Mac behind the firewall).

Another possibility is directly tunneling to a Mac, on the same network as the client. This will be a secure connection to the destination, and doesn't require the intermediate server. This would be:

ssh username@tunnel_dest -N -L 5900:127.0.0.1:5900

The destination acts as the tunnel server, and localhost (127.0.0.1) on the destination computer is now the destination address. One still connects to 127.0.0.1 in the VNC client. A couple of these is what I'm guessing would be needed to do the double-tunnel trick, unless there is a more direct way that an ssh guru knows about.

A note on the OSXvnc server app - make sure to turn on the Allow Only Connections option for the best security, unless you are using the original hint straight.



[ Reply to This | # ]