Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Click here to return to the 'How to securely control another Mac over the internet' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
How to securely control another Mac over the internet
Authored by: cnsayre on Dec 24, '06 01:33:35PM
I know this topic is ancient by this point in time, but I'm trying to rig it so that I can help my father-in-law cross state lines with his mac.

I've got most of it setup (I can control his mac w/Chicken of the VNC within his "LAN."), but the setting up of the ssh is giving me fits.

The command:

ssh dummy@mypowerbook.ddnsname.whatever -R 5900:

Is returning a request for a password...

Um, what password?



[ Reply to This | # ]

Might be DSA key password
Authored by: waboom on Dec 27, '06 11:01:55PM
It sounds like it could possibly be asking for the password used when you generated the DSA key. When generating the public/private DSA keys, you can assign a password to the key set. If this is the case, the best way to fix it is todelete the ~/.ssh folder on your Dad's (the client) Mac (in Terminal, type cd ~/.ssh; rm *; cd ~; rmdir .ssh), recreate a new DSA key using ssh-keygen -t dsa and just keep hitting return at all the prompts. Then, take the ~/.ssh/ file from the client Mac, and copy the contents into ~/.ssh/authorized_keys on the host Mac (the one that is doing the controlling). You should first remove the old key associated with the client Mac from the authorized_keys file; if this was the only public key you've installed on the host Mac, you can just delete the file and create a new authorized_keys file with the new key. Hopefully that will take care of the errant password prompt.

You might call this hint ancient, but I call it timeless. It works as well today as when the submitter first posted it. I use it to help out my father, brother, mother-in-law AND father-in-law, each of whom seems to find new and inventive problems on their Macs monthly. Being able to quickly access their Macs and fix the problem in 5 minutes, instead of talking them through a half hour of dialog manipulation over the phone, is a real time and sanity saver.

I'll add another "gotcha" that I discovered in the process of setting this up myself: before the remote user connects to the host Mac, make sure that you don't have Apple Remote Desktop enabled in the sharing prefpane on the host Mac; if you do, Chicken of the VNC will simply display your own desktop!

Finally, I wrote this AppleScript to be run on the client Mac, because I might have to remotely control the other Mac from someplace other than my home. This script allows the client Mac to enter in a domain name or IP address to connect to, validates it, then runs the 'ssh' terminal command. Copy & paste into Script Editor, save as application, then place it on the client Mac. Whenever they need to connect to the host Mac, double-click the AppleScript.

set dummyAcct to "dummy" --Whatever the account name is on the host Mac you're connecting to
set defaultHostIP to "" --Either the DNS address or IP address of the host Mac
set myHero to "Steve" --Your name (it just appears in the first dialog presented when the script is run)

set isValidIP to false
repeat while isValidIP is false
set remoteIP to text returned of (display dialog "what is " & myHero & "'s IP address or DNS Address?" default answer defaultHostIP) set savedTextItemDelimiters to AppleScript's text item delimiters try set isValidIP to true set AppleScript's text item delimiters to {"."} set IPList to every text item in remoteIP set countOfIP to count of IPList if countOfIP is not equal to 4 then set isValidIP to false repeat with index from 1 to countOfIP set currentValue to text item index of IPList as integer if currentValue > 255 then set isValidIP to false end repeat set AppleScript's text item delimiters to savedTextItemDelimiters on error -- In case something bogus happens, make sure the delimiter is set back set AppleScript's text item delimiters to savedTextItemDelimiters set isValidIP to false end try -- Check if they entered a domain name try last character of remoteIP as integer on error --if the last character isn't a number, it's a domain name set isValidIP to true end try if isValidIP is false then display dialog ("This is not a valid IP address:" & return & remoteIP) buttons "Try Again" default button "Try Again" else set x to button returned of (display dialog ("Is this the correct address?" & return & remoteIP) buttons {"No", "Yes"} default button "Yes") if x is "No" then set isValidIP to false end if end repeat tell application "Terminal" activate do script ("ssh " & dummyAcct & "@" & remoteIP & " -R 5900:") end tell

[ Reply to This | # ]