It won't even let the VNC server advertise the usual VNC port. Checking this box is important because it requires that the VNC session be encrypted via SSH and won't allow any unencrypted sessions to be established. The two important things to point out are that, under the General tab, the port should be set to 5900 for the purposes of this tutorial, and that, under the Sharing tab, the Only allow local connections (SSH) box should be checked. OSXvnc is a straightforward application, and most of the options it presents are obvious and don't require an explanation. Make sure the connecting user has a username and password available on the remote box.Īs for VNC, a great server is OSXvnc, available at popular download sites, such as Version Tracker or MacUpdate. Enabling SSH on any Mac is as simple as going in to System Preferences, bringing the Sharing pane, and checking the box next to Remote Login. Two things are required on the remote machine to prepare it to accept an encrypted VNC session: An SSH server and a VNC server. Don't shy away from encrypting VNC sessions because of Terminal fright. Making this encryption happen requires use of the *gasp!* command line! Most Mac users cringe at the thought of using the command line because it's so "un-Mac-like", but it's a powerful tool that's not very hard to learn, and quickly becomes an excellent exercise in abstract thinking. This prevents port scanners, and other miscreants, from discovering VNC on a target machine. Besides encryption, one other advantage of using SSH to tunnel other protocols is that a server only needs to expose a single port for SSH instead of an individual port for each service offered, such as additional ports for each possible VNC session. SSH intercepts the traffic from the VNC client at that port, encrypts it, sends it to the SSH server at the other end of the connection, where it is decrypted and passed to the VNC server. To force VNC to use the tunnel, it has to be instructed to connect to the local machine at a certain port. This process is called tunneling because the data travels inside an encrypted virtual pathway created by the communicating SSH pieces. SSH is the encrypted replacement for plain-text telnet, a command line utility used frequently on the old text-based Internet, with a few added features thrown in for good measure, including the ability to encrypt traffic generated by other protocols. Yes! The solution comes in the form of another piece of freeware included with every Mac: Secure Shell. Is there some way to keep VNC traffic from prying eyes? Passing login names and passwords, or other sensitive data, over the public Internet in the clear isn't a good idea, and neither is advertising the fact that a machine can be controlled via VNC by leaving its corresponding TCP port open. VNC was developed at a time when security wasn't the same priority as it is now, and the data transmitted between a VNC server and client is unencrypted. However, it's the wild wild web out there, and security is a major consideration. VNC is certainly a useful tool for those who need something simpler than Remote Desktop. VNC stands for Virtual Network Computing, and it allows a user to control a remote machine as if he were sitting at the desk in front of it. Freeware VNC, on the other hand, fits the one-to-one bill perfectly. Most users won't need all the features included in Remote Desktop it's intended for labs and other environments that require the management of large numbers of machines at once, not the remote control of a single machine. Apple's most recent remote control offering, Remote Desktop 2.0, can be overkill when it comes to a simple one-to-one connection between machines. The ability to remotely control a machine can come in handy for a variety of reasons, whether the purpose is system administration, or helping a friend. Review: VNC Over SSH: The next best thing to being thereĬolumn Tag: Review Review: VNC Over SSH: The next best thing to being thereīy Aaron Adams Securely control a remote Mac with two pieces of free software Educational Institution and Student Discounts.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |