Remote access to OS X Tiger hard drive
October 21, 2005 9:41 AM Subscribe
How can I access my OS X Tiger hard drive remotely?
I've read that this is possible via ftp. I'd appreciate someone giving me a step-by-step process of how this is done. If there are other ways, I'm open to these too.
I have DSL access at home. Powerbook G4 1GB RAM. I'd like to avoid purchasing a .Mac account.
Is security a concern?
I've read that this is possible via ftp. I'd appreciate someone giving me a step-by-step process of how this is done. If there are other ways, I'm open to these too.
I have DSL access at home. Powerbook G4 1GB RAM. I'd like to avoid purchasing a .Mac account.
Is security a concern?
Response by poster: Also, I'm not interested in paying for anything, so GoToMyPC is not an option.
posted by cahlers at 10:02 AM on October 21, 2005
posted by cahlers at 10:02 AM on October 21, 2005
The best way is sftp, which is available if you have Remote Login enabled in the Sharing preferences panel. It's all secure and stuff, though you just have to make sure that none of the users on your box have obvious passwords (or else require public-key authentication, which is fairly easy but is not for the novice). Once you click that checkbox, you can use any FTP client that supports SFTP on Mac or Windows (on Mac try Interarchy or Transmit; on Windows try WinSCP or Filezilla) or for that matter Linux.
posted by kindall at 10:02 AM on October 21, 2005
posted by kindall at 10:02 AM on October 21, 2005
On Preview: GoToMyPC isn't going to help if you're accessing a Mac. The equivalent for this is Apple Remote Desktop, or the true cross-platform solution: VNC. The following advice ensures SFTP access is enabled and shows you a few programs you can use to access your computer.
Odds are unless you've changed your default firewall settings, your computer is already enabled for things like Apple File Sharing and Secure Shell Access. You're not changing the security of your computer by accessing FTP because this stuff is already open (at least in Panther).
Somebody update me on Tiger if things have changed, but you need to go into System Preferences -> Sharing. Stop everything except Remote Login (please have a secure password). Make sure Remote Login is started.
You now have remote SSH enabled for your machine. On the other computer you need to have a client that supports SFTP. For OS X, your graphical options are Fugu (free/buggy) and Fetch (shareware/pretty). For Windows the free program of choice for file downloads is probably WinSCP.
When you log into your computer remotely, you're going to start in your /Users/cahlers directory (or whatever the name of home is for you). For best results you might want to make sure your files are easily accessible from there.
posted by onalark at 10:03 AM on October 21, 2005
Odds are unless you've changed your default firewall settings, your computer is already enabled for things like Apple File Sharing and Secure Shell Access. You're not changing the security of your computer by accessing FTP because this stuff is already open (at least in Panther).
Somebody update me on Tiger if things have changed, but you need to go into System Preferences -> Sharing. Stop everything except Remote Login (please have a secure password). Make sure Remote Login is started.
You now have remote SSH enabled for your machine. On the other computer you need to have a client that supports SFTP. For OS X, your graphical options are Fugu (free/buggy) and Fetch (shareware/pretty). For Windows the free program of choice for file downloads is probably WinSCP.
When you log into your computer remotely, you're going to start in your /Users/cahlers directory (or whatever the name of home is for you). For best results you might want to make sure your files are easily accessible from there.
posted by onalark at 10:03 AM on October 21, 2005
Transmit and Interarchy are both clients. Also, make sure you know your computer's IP address (Apple Icon in top-left, About this Mac, More Info, Network).
Be warned, if you see something that starts with 10. or 192.168.1 then odds are you're on a private subnet that doesn't have a public IP. I don't think this is the situation for you, however.
posted by onalark at 10:06 AM on October 21, 2005
Be warned, if you see something that starts with 10. or 192.168.1 then odds are you're on a private subnet that doesn't have a public IP. I don't think this is the situation for you, however.
posted by onalark at 10:06 AM on October 21, 2005
Response by poster: I will mostly be accessing my home Mac from a Windows machine at an academic or government institution. The Windows computers at these institutions are frequently locked down such that it is not possible to download or install software. Is there a web-based solution? Alternatively, is there a Windows program already installed that I could use?
posted by cahlers at 10:09 AM on October 21, 2005
posted by cahlers at 10:09 AM on October 21, 2005
In that case you will probably need to brave the insecurity of FTP. Windows does come with a command-line FTP client, which you can access by Start > Run... and typing "ftp."
posted by kindall at 10:24 AM on October 21, 2005
posted by kindall at 10:24 AM on October 21, 2005
cahlers, you could probably speak to an administrator at the institution you're visiting and ask them what programs they have for securely accessing information with SFTP. There is a built-in FTP client on Windows but you DON'T want to use unsecured FTP. Most computer guys will be impressed that you know about SFTP, and try to help you download the files.
With this in consideration, you may want to use Samba (SMB), which is less secure, but at least has the sense to encrypt passwords (which FTP doesn't).
You can enable Samba in the System Preferences -> Sharing area. When SMB is started, it will tell you the hostname your files are being shared as. It will look something like \\XXX.XXX.XXX.XXX\cahlers. Take this set of numbers to your machine at work and enter them into Windows Explorer. This is not sure-fire guaranteed to work as a firewall on their side may prevent you from doing this by blocking the SMB ports.
posted by onalark at 10:32 AM on October 21, 2005
With this in consideration, you may want to use Samba (SMB), which is less secure, but at least has the sense to encrypt passwords (which FTP doesn't).
You can enable Samba in the System Preferences -> Sharing area. When SMB is started, it will tell you the hostname your files are being shared as. It will look something like \\XXX.XXX.XXX.XXX\cahlers. Take this set of numbers to your machine at work and enter them into Windows Explorer. This is not sure-fire guaranteed to work as a firewall on their side may prevent you from doing this by blocking the SMB ports.
posted by onalark at 10:32 AM on October 21, 2005
to add to the previous good suggestions, if you ARE behind a firewall / NAT / router at home, and DO see a private IP (starts with 192/172/10, to oversimplify), you'll need to set your router to direct port 22/tcp at that machine's IP. Google would help here for your specific appliance.
posted by kcm at 10:32 AM on October 21, 2005
posted by kcm at 10:32 AM on October 21, 2005
You have a lot of options. One not mentioned is you could configure your home machine with WebDAV. That would take some know-how but there are lots of instructions on the net. I've done it my self and it's not that hard. Tiger supports it natively on the client side so does Windows, pre-Tiger does not but there are clients available.
Sftp is down and dirty but not easy if you arn't comfortable with a command line.
You don't need the Apple Remote Desktop, which costs money, to do remote desktop viewing. You can use Chicken of the VNC.
posted by Mr T at 11:16 AM on October 21, 2005
Sftp is down and dirty but not easy if you arn't comfortable with a command line.
You don't need the Apple Remote Desktop, which costs money, to do remote desktop viewing. You can use Chicken of the VNC.
posted by Mr T at 11:16 AM on October 21, 2005
ssh. sftp. scp. http.
If you want to use non-secure protocols like ftp, afp, or vnc, tunnel them through ssh.
posted by raster at 2:21 PM on October 21, 2005
If you want to use non-secure protocols like ftp, afp, or vnc, tunnel them through ssh.
posted by raster at 2:21 PM on October 21, 2005
Response by poster: raster, *how* do I do those things? I don't know how to "tunnel through ssh", that's why I'm asking here. Could you explain what all those abbreviations mean, and how I apply them, or direct me to a site that explains?
posted by cahlers at 4:12 PM on October 21, 2005
posted by cahlers at 4:12 PM on October 21, 2005
ssh. sftp. scp. http.
The first three are all different variations of Secure Shell technology (ssh is just Secure SHell). I think I pointed this out in one of my first comments, but when you enable Remote Login, you are enabling this exact type of access into your computer.
Without going into the boring UNIX details, raster is advising you against enabling ftp, afp, or vnc access without Knowing What You are Doing.
As for tunneling through SSH, this requires you to remotely login with SSH in the first place. And if you're going to do that, you might as well just use SFTP (which is really file transfer over an SSH connection).
cahlers, what's wrong with the SMB or WinSCP approaches suggested above? These are the simplest solutions available that won't cost you money .
posted by onalark at 4:38 PM on October 21, 2005
The first three are all different variations of Secure Shell technology (ssh is just Secure SHell). I think I pointed this out in one of my first comments, but when you enable Remote Login, you are enabling this exact type of access into your computer.
Without going into the boring UNIX details, raster is advising you against enabling ftp, afp, or vnc access without Knowing What You are Doing.
As for tunneling through SSH, this requires you to remotely login with SSH in the first place. And if you're going to do that, you might as well just use SFTP (which is really file transfer over an SSH connection).
cahlers, what's wrong with the SMB or WinSCP approaches suggested above? These are the simplest solutions available that won't cost you money .
posted by onalark at 4:38 PM on October 21, 2005
I don't know how to "tunnel through ssh", that's why I'm asking here.
Basically you make a ssh connection to your machine and tell it you want to forward certain ports (the ports needed for the services you want to use). Then you configure your client applications (e.g. FTP or VNC) to connect to localhost rather than their real target host and your ssh client forwards them to the remote host which forwards them to where you really want them to go (usually this is the same host). Since the ssh connection is encrypted, this encrypts all connection sent through the tunnel. That way nobody can spy on your connection and figure out passwords and such. This is obviously a Good Thing if you're using a public wireless network or even a wired network at a large company or a school. You never know who may be running a packet sniffer.
ssh tunneling is so common that you really can't step out onto the Internet without stumbling upon a tutorial for same. For Windows what you want is an application called PuTTY (a "clever" pun on TTY or teletype). Here is a how-to I found by googling "putty tunnel" -- it's the first result and it seems reasonable enoguh.
But of course if you can get them to let you install PuTTY, you may as well get them to install WinSCP for you.
posted by kindall at 4:44 PM on October 21, 2005
Basically you make a ssh connection to your machine and tell it you want to forward certain ports (the ports needed for the services you want to use). Then you configure your client applications (e.g. FTP or VNC) to connect to localhost rather than their real target host and your ssh client forwards them to the remote host which forwards them to where you really want them to go (usually this is the same host). Since the ssh connection is encrypted, this encrypts all connection sent through the tunnel. That way nobody can spy on your connection and figure out passwords and such. This is obviously a Good Thing if you're using a public wireless network or even a wired network at a large company or a school. You never know who may be running a packet sniffer.
ssh tunneling is so common that you really can't step out onto the Internet without stumbling upon a tutorial for same. For Windows what you want is an application called PuTTY (a "clever" pun on TTY or teletype). Here is a how-to I found by googling "putty tunnel" -- it's the first result and it seems reasonable enoguh.
But of course if you can get them to let you install PuTTY, you may as well get them to install WinSCP for you.
posted by kindall at 4:44 PM on October 21, 2005
Maybe it's just me, but nobody seems to have asked this -- what do you mean "access the drive remotely"?
What do you want to do? Just access files from home while you're at work, or are you imagining working on your Mac, the way you would if you were at home, while elsewhere and on a Windows machine?
They're very different things. And if you just need to work on files from home while at work, surely some kind of removable storage is all you need?
posted by AmbroseChapel at 7:41 PM on October 21, 2005
What do you want to do? Just access files from home while you're at work, or are you imagining working on your Mac, the way you would if you were at home, while elsewhere and on a Windows machine?
They're very different things. And if you just need to work on files from home while at work, surely some kind of removable storage is all you need?
posted by AmbroseChapel at 7:41 PM on October 21, 2005
Response by poster: Ambrose, I want to access files remotely. I do not need to work on my Mac from a remote machine, just access the files.
A flash drive will indeed work most of the time. However, at my place of work, some computers will not allow plugging in a flash drive.
I appreciate everyone's input.
posted by cahlers at 6:24 AM on October 22, 2005
A flash drive will indeed work most of the time. However, at my place of work, some computers will not allow plugging in a flash drive.
I appreciate everyone's input.
posted by cahlers at 6:24 AM on October 22, 2005
This thread is closed to new comments.
posted by hellbient at 9:51 AM on October 21, 2005