Thursday, December 2, 2010

Enabling Remote Access on your mac mini server via SSH.

During the installation of your Mac Mini server if you take all the defaults, SSH will be enabled. This means you can access your mac though a secure shell client like Putty, or any thing you prefer. Now, for remote access to your servers as if you were in front of it, OS X Leopard has a feature called “Screen Sharing”. Those on Windows and Unix also know this as “VNC”. You can also use a VNC client to view your mac server's desktop.

If you're already at your physical server you can turn on the feature however if you need to do it remotely - Example you mac mini server is hosted in a Data Center; Or for security reasons you have switched the feature off; Or you may have accidentally switched off remote access; This is how you turn it back on.

What should already be in place:

1) A User account with admin access. This account should also have root access.

2) An SSH client on your local computer. For example we use Putty on windows. Linux and MAC OS X, by default, come with SSH.

3) A VNC viewer client on your local computer. We use Tight VNC. For some reason Real VNC just did not work and most users that need to VNC to Mac OS X use Tight VNC.

4) Of course you must have network access to your Mac server through either VPN or public access. If a local firewall is running it must allow remote access as well.

How to Remotely Turn On (and off) OS X Screen Sharing

1) SSH into your server wtih your admin login and password.

2) To enalbe remote desktop - screen sharing with vnc use the follwoing command:

sudo /System/Library/CoreServices/RemoteManagement/ -activate -configure -access -on -clientopts -setvnclegacy -vnclegacy yes -clientopts -setvncpw -vncpw mypasswd -restart -agent -privs -all

3) Login using a VNC client. Again we are using TightVNC. Your password is “mypasswd” (see the -vncpw flag in the above command; you can — and should — change this).

4) When you are done, you can also turn of screen sharing/vnc within the same session. However if you have secure access to your server, i.e. a trusted IP through a firewall, you can leave it enabled if it is used on a regular basis.

sudo /System/Library/CoreServices/RemoteManagement/ -deactivate -configure -access -off.