Remotely Accessing & Controlling Your Home Mac

May 22nd, 2008 Paul

If you are like many people, you have a computer at home and one at work, or you have a desktop machine and a laptop. In many cases, it would be incredibly helpful to be able to access your home machine while you are somewhere else, and with a little bit of work you can set up your systems to do just that. This article walks through a simple setup to let you get at your home machine from anywhere, including VNC for screen sharing and Apple File Sharing to get at your files.

There are a few things to set up, and we’ll go through those first:

Set Up Dynamic DNS

Most people connect to the internet through a cable modem or DSL line. These work great, but one problem is that your Service Provider will usually give you a dynamic IP address. This means that your machine doesn’t always have the same IP address that the internet as a whole sees. This is normally not a big deal, but if you are t rying to access your machine from somewhere and your IP address at home is changing, you are trying to hit a moving target and things just aren’t going to work.

So, the solution is to use a service that keeps track of your home IP address and gives you a static name to reference. Luckily there are some free services that handle this. I use www.dyndns.com to set up my dynamic DNS names. You just have to sign up for the free service and set up a hostname by choosing from one of 88 domains. As an example, you might choose the name “myhome” and select their domain “webhop.net.”

This makes the friendly domain of “myhome.webhop.net” which is a lot easier to remember than something like 23.212.76.108.

The next step is to download their updater program onto the machine you want to share. So if you have an iMac at home and want to share that, you will install the software there. Whgat the software does is regularly check the IP address and report that to the system, making sure that the name you set up, “myhome.webhop.net” always points to the right place.

Configure the Mac to Share

Once that is all set, you need to enable a few sharing options on your mac. For this example, let’s say we want to share our files and allow screen sharin. open up the System Preferences on your home machine, go to the Sharing sectionand turn on the Screen Sharing, File Sharing, and Remote Login options. There are individual options for these, and at a minimum you will want to set a password for screen sharing.

An important bit of info to note for later: on any of the sharing options, it will display some info on the right, such as: Other users can access your computer at vnc://192.168.1.20/  Make note of that IP address.

With that done, go to the Security System Pref, and click Firewall. I chose to set it to “Set access for specific servies and applications.” You should see a list of items below, including Screen Sharing and File Sharing.

Set Up Port Forwarding on the Router

Chances are that you have a cable modem or some other box hooked up to a wireless router in your house, and your individual computers use that access point to get on the internet. If that’s the case, you need to allow the router to pass through some of the traffic you want to use, and this is called Port Forwarding. In essence, you tell the router that if a request comes in on a certain port, to pass that along to a specific device. In this case, your home machine.

The procedure for this will vary depending on your hardware, but I have a Linksys wireless router, so I’ll describe that. To access it, I open a web browser and go to a special local address, 192.168.1.1. It will ask me for a password, and once logged in I see the router control panel. In my setup, I click a link called Applications & Gaming and that is where I set the few ports I need.

I set up my router to allow three parts, SSH (port 22), VNC (port 5900) and File Sharing (port 548). Without that, the router will block my requests.

Finally, Connecting

I decided to use the very fancy sounding “SSH Tunneling” to login to my home machine. Unfortunately, a screen sharing session or file sharing are not very secure, and an interested party could intercept the data. To help prevent that, we are going to send our traffic through an SSH tunnel. SSH is a secure protocol, and it will mask our data and keep it safe. It takes a couple extra steps to do this, but it’s worth it.

To Connect to Screen Sharing:

In the Terminal application (yes, you’ll need to do a teeny bit of command line stuff) enter the following and press return:

ssh -L 8888:myhome.webhop.net:5900 username@myhome.webhop.net

Explanation:this starts an SSH session. It takes a local port (8888) and maps that to the port used by VNC (5900). You then tell it to login with a username that exists on your home machine. Obviously, you would swap in your own dynamic DNS name, and you can make the local port anything you want. I just happened to choose 8888.

If everything works right, you will be prompted to enter your password. This is the password associated with the username you specified above.

At this point, you are done with the terminal.

Switch over to the Finder, and press command-K (for Connect to Server). In the dialog box, enter:

vnc://127.0.0.1:8888

and click Connect. A program called Screen Sharing will start, and after a while you will be prompted to login. If you do so, you will then see your own home computer desktop in all it’s glory.

To Connect to File Sharing:

The process is exactly the same. All you need to do is make two substitutions. In this line, swap port 5900 for port 548

ssh -L 8888:myhome.webhop.net:5900 username@myhome.webhop.net

And in this line, swap vnc:// for afp://

vnc://127.0.0.1:8888

That’s it! When you are done with your session, go to the Terminal and type “exit” or “logout” at the prompt. That’s the basics, and should get you connected to your home machine from anywhere on the net.

Posted in Macintosh | No Comments »