I wanted to be able to access my machine at home via SSH, but I didn't want to waste electricity to have it awake all the time and I didn't want it sitting there exposed to brute force password attempts. I came up with a way to use the wake-on-LAN feature from anywhere on the Internet, even though my Mac, like many, is behind a NAT router.
For those unfamiliar with wake-on-LAN: a specially-formed data packet containing your ethernet device's MAC address can be used to tell your computer to wake up. Most implementations of this functionality work only on your LAN. They send the packet to your TCP network's broadcast address so it goes to all the computers available on the local network. Only the one with the matching MAC address will actually wake up. However, I found a website that will send the magic packet for you to any IP address (and you could probably roll your own site using sample Perl scripts that are readily accessible via Google). So, here's how to make it work. Instructions are for the interface in 10.3 and 10.4, though this will work with any Mac OS version on any hardware that supports wake-on-LAN. And before anyone asks: yes, the computer must be connected via ethernet.
Up until now, Mac users have been unable to watch archived games on baseball's TV website (mlb.tv) in full screen mode -- this is due to these games only being available via an embedded Windows Media Player. But if you simply trash the WMP plugin found in System/Library/Internet Plugins.
The next time you attempt to watch an archived game, you will get a dialog box saying "Safari can't display content on this page ... some content on this page requires an Internet plug-in that Safari doesn't support. The application 'Windows Media Player' may be able to display this content. Would you like to try?" Just click OK, and Windows Media Player will launch, and you will be able to use full screen mode.
I decided to post this here because mlb.tv seems incapable of providing this simple workaround, and I get lots of traffic to my blog from frustrated Mac users.
[robg adds: I can't test this one (mlb.tv is a subscription site), but it makes sense in theory.]
Last week I showed my wonderful wife how to use Image Capture to copy movies from our camera onto the eMac. The next day she tried to email six movies of the kids to grandpa totaling around 80 MBs ... three times ... it did not work. So I thought I would help her out and wrote a droplet that lets her 'email' the movie clips. That is, it uploads the movies to a web server, then emails the links to the movies instead of the movies themselves.
Copy and paste this AppleScript into Script Editor and save as an Application. I named it 'Mail Link' and saved it into the /Applications folder. Then copy and paste this shell script into a text editor. Change the server=example.com and user=foo lines to match your server account settings. Save it as maillink into /usr/local/bin, and make it executable. Note that you cannot change this name or location without modifying the AppleScript -- the end of this hint also contains a link to an archive of everything you need, with instructions on how to install.
What this script does is it takes the file(s) you wish to email as command line arguments. It then guesses what the file types are and opens Mail.app with a new message containing link(s) to the soon-to-be-uploaded files. Then it uses scp to copy them to a web server. (You need to have an account somewhere.) You could change the last command to cp if you run a web server on your machine, and disable the BatchMode if you do not share keys with your web server. If you would like to share keys so that you do not need to enter passwords, read this article at O'Reilly about how to do it. If you want password-protected keys, look in to ssh-agent and one of either SSH Agent or SSHKeychain. Just as a meta hint, if you need to use ftp to transfer files to your webserver, curl is your friend. That way, you will not need to hard-code a password into your script. Just use the -u and -T options in the curl -- see the man curl page for more info.
With the new Safari in Tiger, it is easy to import self-signed SSL certificates you may come across. Just click Show More in the alert box, and then drag the certificate icon to a folder or your desktop. Then double-click the certificate, and Keychain Access will prompt to import it. Select the "X509Anchors" keychain from the Select box and click OK. Finally, enter your admin password to allow that keychain to be modified.
For example, my university has a self-signed SSL certificate for their IMAP server, and Mail.app constantly complains about this. So I pointed Safari at the IMAP SSL port eg: https://imap.ufl.edu:993/ to grab and import the certificate into the system keychain. Now when I start up Mail.app, it doesn't complain when connecting securely to my school's IMAP server.
Most IRC servers still require an ident answer from your connection to let you in. Unfortunately, few Mac IRC clients have a working identd server bundled in. Furthermore, identd might also be needed for certains FTP servers. This hint will show how to enable a simple launchd service listening on 113 TCP, running all the time and available for all users. This should be fairly OK from a security standpoint, as the Python script I will use is unlikely to present any buffer overflow issue.
I decided to put together his how-to after setting this up for my dad, and figuring there are probably a number of others out there who serve as the de facto tech support person for friends and family in remote locations. The idea is to be able to remotely view and, if needed, control another Mac to help teach a new Mac user how to do something or fix their problem.
This isn't the fastest thing in the world mind you -- anything they do with much in the way of graphics, like iPhoto, takes a long time to paint on my end -- but it definitely works well enough for what I need. My method certainly isn't the only way of doing it, but it meets my criteria, which are:
secure - didn't want to pass anything in the clear over the internet.
free - I'm sure that Timbuktu and Apple Remote Desktop (ARD) Server are great products, but what can I say, I'm cheap.
built-in - I always prefer to use as many standard built-in tools as possible to keep things simple.
simple - wanted point-and-click simplicity on my dad's end. Didn't want him typing in IP addresses and such.
zero or at least minimal network changes on Dad's end - I didn't want to have him mucking around with his router and end up hosing himself so that he can't get online anymore since I can't fix that sort of thing remotely.
For the purposes of this how-to, the Mini is my dad's computer, and the PowerBook is my computer. This should help keep things straight as far as which computer needs to do what. I had Apple ship the Mini to me directly so I could set this up in advance, but the same could probably be done remotely without too much pain.
I've been a long-time Firefox devotee, but with Safari 2.0 in Tiger, Firefox is quickly becoming my secondary browser. One thing that I missed, however, was a GMail notifier, a la the Firefox GMail Notifier extension, since I spend a lot of my computing time in my browser.
While checking my GMail today, I noticed the RSS icon in Safari's address bar. Clicking it resulted in a GMail login sheet, with an option to save the info in my keychain. To make Safari's RSS work as a notifier for you, simply bookmark the RSS feed on your Bookmarks bar (or even a folder on the bookmarks bar with multiple RSS feeds). The number of unread RSS entries for the feed (your GMail inbox, in this case) will show up next to the bookmark (or bookmark bar subfolder that your RSS feeds are in) at the interval you specify in Safari's prefs. Viola! An instant GMail notifier on your Safari Bookmark Bar!
Quicktime 7 doesn't allow saving streaming movies to the hard drive without a Pro key. Which sucks. Also the previous /private/tmp/ folder trick doesn't work any more. However, by complete accident, I stumbled on a new way to save movies to the hard drive. I'm using Tiger, but I assume this works in 10.3 as well...
First, make sure you have QuickTime set so movies are saved to disk cache with enough space -- look at QuickTime's System Preferences panel.
Wait until the entire file is downloaded. Then control-click on the file and hit Cut from the pop-up menu. Do this to a frame you don't mind losing; the first or the last, presumably. Close the movie's window or choose File: Quit. QuickTime will pop up a box asking if you want to save the changes you made. Naturally hit Yes. It will say then say it can't determine the location of the document, so hit Save As. Choose somewhere to save it, and save it as a self-contained movie. It will take a minute to "flatten" the movie and then ... you're done.
I tried this with the 720p streaming HD/H.264 trailers for "Serenity" and "Batman Begins," both available on Apple's HD Gallery page.
[robg adds: It's a shame the cache-save feature has been disabled. To use this hint, you'll need to get the movie open directly in QuickTime Player, not in your browser. Using your browser's View Source command, and/or its Activity window, find the URL for the actual movie. The URL will probably end in .mov, so try searching on that first. Copy this URL and then use File: Open URL in QuickTime Player and paste the URL. After the movie downloads, you can then use the cut/save trick ... and it worked fine for me in testing.]
Over the past two years, folks have published a few tips here on how to hack Internet Connect so that you can access your office via the VPN and the internet at the same time. Now Tiger has finally dispensed with all that, and allows you to do this out of the box.
Simply open Internet Connect, select Options from the Connect menu, uncheck 'Send all traffic over VPN connection,' and press OK. You're done! For reference, here are the two most used articles about how to hack this from the past few years: