Screen Sharing to your Mac at home
So you have a Mac at home… but you’re out and about, with another Mac. Maybe you’re at work and you want to dial home.How do you do that? And how do you do it securely?
First we need to be able to SSH to your home machine. SSH is a secure network protocol. Then we’ll run Screen Sharing over that secure connection.
Get yourself a DNS name from dyndns.org. It’s free. Let’s say you end up with myhomemac.homeip.net. So now you know the internet address of your home router… you need to get through that to your Mac.
We’re going to be using SSH – very secure. It runs on port 22, and your router needs to know that any connection on port 22 should be made to your Mac. Every router has a different way to configure this.
To do that in Airport Utility, go to the Internet tab, then click DHCP; then add a DHCP Reservation. Next go to the Advanced area and click Port Mapping. Add an entry for “Remote Login – SSH”. Ignore the UDP fields but enter the DHCP IP address you set up in the Private IP Address field.
On the Mac you want to tunnel to, ensure both SSH and Screen Sharing are enabled by going to System Preferences, Sharing, and then checking the Remote Login and Screen Sharing boxes.
That’s all the home work done.
Now when you’re at work, create an SSH tunnel to carry the screen sharing traffic. You need to do this from Terminal:
ssh -N -L 59001:127.0.0.1:5900 myhomemac.homeip.net
Switch in the network address you got from dyndns, of course. This basically connects your local port 59001 to the remote port 5900, which is the port used by Screen Sharing.
The Screen Sharing program doesn’t show up in Spotlight. Argh. Using Finder browse to /System/CoreServices, and Screen Sharing is in there. Then from the menu bar choose Connection->New, and enter:
vnc://127.0.0.1:59001
This tells Screen Sharing to look at your local machine’s port 59001, which SSH has tunneled to the remote Mac’s port 5900, which is the port that your screen is shared on.
You have secure remote screen sharing! Ensure your Mac’s password is strong, as it’s now open for SSH access and it will get hack attempts.
Navin Said,
March 3, 2010 @ 9:48 am
I hope the built-in Mac version of this works better than the Windows version. I have never been able to establish a connection with Windows’ included remote software, and was forced to turn to third party remote access to solve those connectivity needs. With Macs being far superior in most ways, I am willing to bet they edge out Windows in this category as well..