Remote access a Snow Leopard Server
January 20, 2012 1:34 PM   Subscribe

My boss wants me to set up remote access to our OSX (Snow Leopard) server. What is the best way to do this?

We have a Snow Leopard Server behind a Cisco router. The boss wants users to be able to access documents and data from home.

I presume I need to set up a VPN? I'm just not sure what that is or what it means. Or what extra security measures that I need?

Real simple instructions appreciated (I'm a desktop expert rather than a server person).
posted by chairish to Computers & Internet (4 answers total) 3 users marked this as a favorite
 
OS X Server does have its own VPN server that's pretty easy to set up. You will have to punch holes through your filewall to get this to work though.

Also some cisco firewalls do have VPN functionality as well, you might want to look into that.
posted by rickim at 1:39 PM on January 20, 2012


This really depends on what kind of access you might need. If users just need to upload and download files, you probably don't need a full VPN. You might be able to get away with setting up SSH access and telling users to install either Cyberduck or Filezilla to access the server over SFTP.
posted by RonButNotStupid at 1:45 PM on January 20, 2012


Here's some documentation about setting up the VPN built-into MacOS X.

I do think a VPN-based solution might be a bit overkill if the situation only calls for basic filesharing. VPNs are complicated and have the potential to introduce a host of unintended security issues.
posted by RonButNotStupid at 2:02 PM on January 20, 2012


You don't need VPN, if all you need is access to files. I'm seconding SSH/SFTP. Choose a random, high TCP port, forward the nonstandard port you chose through the router to port 22 on the OSX server, and force public key logins (turn off PasswordAuthentication in ssh_config, so no password logins allowed). That's very secure, with no need for setting up VPN. Make sure you've got all the latest security patches before you do anything, regardless of how you open the server up to the outside.

Depending on how tech savvy your boss is, a very good option for getting documents would be ExpandDrive. The interface is integrated into Finder/Explorer, so it is just like the drive is local. If you set up login via public key encryption, your boss never has to enter a password (as long as he/she has his/her key file). One click and you're in, while still remaining secure. It's typically recommended that you set up a passphrase for the key, so there's still a password, but this can be saved by keychain (OSX) or Pageant (Windows).
posted by Philosopher Dirtbike at 1:24 PM on January 21, 2012


« Older stylist with "curly scissors" in Southern New...   |   Show Me The Giants Newer »
This thread is closed to new comments.