|
|
Use Connect to Server to connect to anywhere
Any links to some explicit directions on how to do this? I've been using AFP routinely to connect to my home computer with a dyndns domain. I'd much appreciate making this more secure, but never have had luck figuring out the SSH method on my own. I need a hand to hold.... :(
AFP over SSH Tunnel
> Any links to some explicit directions on how to do this?
First off, I should clarify my above comment: AFP is turned off at the *router*, not on my home server. Set up is: 1) On home server's System Preferences > Sharing, turn on "Personal File Sharing" (aka Apple File Protocol, or AFP) and "Remote Login" (aka Secure SHell, or SSH). The firewall should automatically allow these connections, but it doesn't hurt to verify. 2) On your home server, open /etc/sshd_config and make the changes outlined here [link:]http://macdevcenter.com/pub/a/mac/2004/07/20/inside_ssh_pt3.html (basically turning off password authentication, root access, etc.). 3) On home router, disable AFP port forwarding. Computers outside the LAN will not be able to connect to your home server via AFP. (Inside will still work if you use the LAN IP, for example, Go To Server > afp://192.168.0.2.) 4) On home router, enable SSH port forwarding to the server. 5) Generate a public key for your remote computer. There's a great article here [link:]http://www-128.ibm.com/developerworks/library/l-keyc.html but be warned that it's long. Open Terminal and enter ssh-keygen -t dsa. When it asks for a passphrase, enter a really secure one. Accept the default file locations. 6) Add your remote computer's public key to your home server. The public key is a file in a hidden folder of your user directory: ~/.ssh/id_dsa.pub (note the period before ssh). Copy its contents (the key), and paste into your home server's ~/.ssh/authorized_keys file (create if necessary). More info here [link:]http://kimmo.suominen.com/docs/ssh/ 6) Get SSH Agent [link:]http://www.phil.uu.nl/~xges/ssh/ and install. Create a DSA identity and set it to be the Default. Select File > New Tunnel and fill in Local Port:10548, user:your-user-name-on-server, Tunnel Host:server-ip-address, Tunnel Port:22, Remote Host:127.0.0.1, Remote Port:548. Click File > Save, and save with a name like "AFP Tunnel." 7) When you're ready to connect, double-click the AFP Tunnel file to open SSH Agent. Enter your passphrase when requested--if you leave the SSH Agent running, you'll only have to enter it once no matter how often you connect or disconnect. Click "Open" in the SSH Agent dialog to start the tunnel. 8) Switch to the Finder and hit Cmd+K (or select Go > Connect to Server). For Server Address, enter afp://localhost:10548. Save it to your favorites, hit Enter, and you're in! (Hopefully.) Apparently I don't understand how to use BB code tags. Sorry about that.
AFP over SSH Tunnel
Now this should definitely be a standalone hint. Thank you so much!
I could still use a little more help tho. I've gone through the steps and can't get it to work. To check things I tried to SSH from my laptop (REMOTE) to my desktop (SERVER) going through the dyndns URL. This is what keeps popping up on the laptop:
Items in italics have been changed to avoid posting anything I shouldn't. Any ideas?
AFP over SSH Tunnel
Hmmm . . . not sure exactly what's going on, but the culprit seems to be these lines:
Add correct host key in /Users/landis/.ssh/known_hosts to get rid of this message. Offending key in /Users/landis/.ssh/known_hosts:1 See explanation here [link:]http://amath.colorado.edu/computing/unix/sshknownhosts.html
AFP over SSH Tunnel
two things are going on. |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysNo new commentsLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.26 seconds |
|