Wednesday, March 25, 2009

Remote Screen Sharing on Macintosh

Here are instructions to set up and use remote Screen Sharing of a home machine from work, without having a MobileMe account (previously known as dot mac, or .mac). Actual IP addresses, user names, hostnames, and domain names have been obfuscated to protect the innocent.
  1. On your home machine, enable Screen Sharing (vnc), Remote Login (ssh), and File Sharing (afp) using the System Preferences -> Sharing control panel.

  2. On your home AirPort router, reserve a fixed DHCP IP Address for your home machine using the AirPort Utility -> Internet -> DHCP -> DHCP Reservations panel. For example, I set up a DHCP reservation for my home machine with the following values:
    • Description: myMac
    • Reserve address by: MAC Address
    • MAC Address: aa:bb:cc:dd:ee:ff (this is the MAC of my iMac's network card).
    • IPv4 Address: 10.0.1.xxx

  3. On your home AirPort, enable port mapping so that ssh port 22 forwards to the fixed IP address of your home machine (e.g., 10.0.1.xxx), using AirPort Utility -> Advanced -> Port Mapping. For example, I set up a Port Mapping Service with the following values:
    • Service: Remote Login - SSH
    • Public TCP Port(s): 22
    • Private IP Address: 10.0.1.xxx
    • Private TCP Port(s): 22
    • Description: Remote Login - SSH
    • Advertise globally using Bonjour: No

  4. I'm not sure about this, but I think you have to enable NAT Port Mapping Protocol too, using AirPort Utility -> Internet panel. Set the "Enable NAT Port Mapping Protocol" check box to yes. Maybe someone will test to confirm whether this setting makes any difference.

  5. Set up a Hostname to resolve to your home external IP Address, so that in later steps you can specify the Hostname, and not need to specify the external IP address (which could change). I used DynDNS at https://www.dyndns.com to create a free Hostname under "Host Services". (Note: I also set up my machine at home to keep the entry fresh if my home external IP address ever changes, using the DynDNS Updater application that I downloaded from their web site). For example, I set up a Dynamic DNS Host at their web site with the following values:
    • Hostname: hostname.dyndns.com
    • Wildcard: Yes
    • Service Type: Host with IP address
    • IP Address: gg.hh.ii.jj
    • TTL Value: 60 seconds
    • Mail Routing: No

  6. Confirm that everything works so far. From any machine run ssh hostname.domain (e.g., ssh myhostname.dyndns.com). The ssh command will prompt you for your home machine password, and then give you a shell prompt on your home machine. Yay! You may need to specify a user name for your home machine, if there is more than one user account on that machine. For example, you might have to use ssh username@myhostname.dyndns.com, where username is the user account on that machine.

  7. Start forwarding ports. If Screen Sharing (or VNC) is running at home on port 5900, then on your work machine do ssh -C -L 1200:10.0.1.xxx:5900 username@myhostname.dyndns.com, then run Screen Sharing (or VNC) on your work machine and point it at localhost:1200. This forwards VNC traffic over the SSH connection. To run Screen Sharing, enter vnc://localhost:1200 in your browser, or press Cmd-K in the Finder to display the Connect to Server dialog, enter vnc://localhost:1200 in the Server Address field, and click the Connect button. Note that the -L option allows you to forward any local port to any destination IP address and port number that the remote SSH host can see, which is very powerful. Note that the -C option compresses the data sent.

  8. Shorten your command line so you can just type "ssh home" and it will find the right machine and forward the port automatically. On your work machine add a section to ~/.ssh/config like this:
        Host home
            HostName myhostname.dyndns.com
            User username
            Compression yes
            LocalForward 1200 10.0.1.xxx:5900

  9. Advanced Modification 1: It's a good idea to change your SSH to use a nonstandard port number such as 3322, instead of 22.

  10. Advanced Modification 2: Eliminate the need to enter a password each time you start ssh to your hostname, by setting up ~/.ssh/authorized_keys on your home machine.
That's it!
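
The "Host home" stanza from step 8 with the two advanced modifications (steps 9 and 10) folded in, as an added example that is not part of the original post. The function names, the ~/.ssh/id_ed25519 key path, and the loopback bind and ExitOnForwardFailure settings are assumptions added here; the hostname, user, ports and LAN address are whatever you pass in.

```shell
#!/bin/sh
# Added example (not from the original post). Writes the "Host home" stanza
# of step 8 once, using a caller-chosen SSH port (step 9) and key login
# (step 10). Function names and the key file name are assumptions.

# valid_port N: succeed only if N is an integer in 1..65535
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# write_home_stanza CONFIG HOSTNAME USER SSH_PORT LOCAL_PORT LAN_IP
# Returns 0 if the stanza was written, 2 if "Host home" already exists,
# 1 on bad input or if the file cannot be prepared.
write_home_stanza() {
    cfg=$1 host=$2 user=$3 sshport=$4 lport=$5 lanip=$6
    valid_port "$sshport" && valid_port "$lport" || return 1
    [ -n "$host" ] && [ -n "$user" ] && [ -n "$lanip" ] || return 1
    mkdir -p "$(dirname "$cfg")" || return 1
    # Keep the config private to the owner
    touch "$cfg" && chmod 600 "$cfg" || return 1
    # ssh uses the first value it finds per option, so never add a duplicate
    if grep -Eq '^[[:space:]]*Host[[:space:]]+home[[:space:]]*$' "$cfg"; then
        return 2
    fi
    cat >> "$cfg" <<EOF
Host home
    HostName $host
    User $user
    Port $sshport
    Compression yes
    # Key-based login (step 10); offer only this key (assumed file name)
    IdentityFile ~/.ssh/id_ed25519
    IdentitiesOnly yes
    # Bind the forwarded port to loopback so only this machine can use it
    LocalForward 127.0.0.1:$lport $lanip:5900
    # Exit rather than open a session whose tunnel failed to bind
    ExitOnForwardFailure yes
EOF
}

# Usage: write_home_stanza ~/.ssh/config HOSTNAME USER SSH_PORT 1200 LAN_IP
```

After it runs, ssh home opens the tunnel and vnc://localhost:1200 works as in step 7; a second run leaves the file unchanged and returns 2.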

Monterey Pine Death

Our trees are dying.

Three Monterey Pine trees along the East fence of our property are dead, and the fourth is dying. An arborist said they were attacked by the Red Turpentine Beetle.

Monterey pines live an average of 80-90 years. Few live past 150 years. These trees would be approximately 53 years old, if they were planted when the house was built. Though a bit early, it is not unusual for Monterey Pines to die this way.

Here's a link to some photos I took last summer, when only two of the trees had died. Some photos show the small pile of wood and sap particles that the beetle pushed out the hole when it bored into the base of the trunk.