Remote Control
Volume Number: 20 (2004)
Issue Number: 12
Column Tag: Programming
Remote Control
by Brad Belyeu
It's Not Just For Your TV
Welcome
The purpose of having a remote control for you home entertainment center (other than a good thumb
workout) is to save you the effort and time of getting out of your recliner to change channels or
adjust the volume. It's a great idea, and everyone uses one. Remote control of your Mac is just as
easy and convenient. Anyone who has more than one computer has valid reasons to use remote
computing. Most people probably don't make use of this great functionality simply because they
don't understand how it can make things so much easier for them. The advantages of a TV remote are
pretty obvious, but unless we stop to think about it the advantages of remote controlling another
computer are not quite as obvious. We'll take a how-to look at some of the powerful things that can
be done with different forms of remote computing.
Take Command Line Control
Thanks to the Unix underpinnings of OS X,
remote computing is built right into our operating system. You can enable secure command line
remote login via SSH in System Preferences Sharing pane.
Secure SHell (SSH) came about due to the increasing security needs when transferring data over
the Internet. Back in the early days of the Internet, a lot of data was sent as plain text. Back
in the "good old days", you didn't need to worry about who was watching. Unix applications like
rsh, rcp, & rlogin were perfectly acceptable for logging into a computer remotely. Now any ten year
old that knows how to download and use a packet sniffer can intercept plain text transmissions. SSH
provides security by creating a "tunnel" between two computers. Every packet of data sent between
the computers is encrypted using an authentication key shared between the computers. If SSH is used
correctly, it can make remote computing just as secure as sitting in front of the machine itself.
Secure SHell (SSH) came about due to the increasing security needs when transferring data over
the Internet. Back in the early days of the Internet, a lot of data was sent as plain text. Back
in the "good old days", you didn't need to worry about who was watching. Unix applications like
rsh, rcp, & rlogin were perfectly acceptable for logging into a computer remotely. Now any ten year
old that knows how to download and use a packet sniffer can intercept plain text transmissions. SSH
provides security by creating a "tunnel" between two computers. Every packet of data sent between
the computers is encrypted using an authentication key shared between the computers. If SSH is used
correctly, it can make remote computing just as secure as sitting in front of the machine itself.
ssh username@remotehost
You will then be prompted to enter your password. After entering it correctly your current
working directory becomes the home folder of the user you logged in as. To make this meaningful,
lets run Software Update on another Mac on your network. To list the available updates, try:
sudo softwareupdate -l
This will list all available updates. It will give you output saying, "Software Update found the
following new or updated software" after which it will list each available update. Using the -i
argument will install updates. You can specify each one to be installed individually by specifying
the updates name.
sudo softwareupdate -i name_of_update
You can choose to install all "required" updates by using the -r flag in place of the update
name. Using the -a command will install all available updates.
You can choose to install all "required" updates by using the -r flag in place of the update
name. Using the -a command will install all available updates.
top -u
This will list all running applications on the remote machine. The -u argument will sort
processes by processor usage. The processes at the top of the list are using the most system
resources and are more likely to be locking the system up. Take a note of the PID (process ID) to
the left of the application name. You can press the Q key to quit the 'top' command, then you can
use the 'kill' command to terminate the offending process.
sudo kill process_id
This will hopefully kill the offending application so you can use your Mac again. If it doesn't
kill the application, try using the argument -9 before the process id. The -9 flag is used to send
a non-catchable, non-ignorable 'kill' command.
Let's say it's late and you've been using your PowerBook and Airport network to check your
email one last time before you retire for the evening. Suddenly you remember that you left the Mac
on in the study. Instead of getting out of your warm, cozy bed, just use SSH again to save the day,
or night. After logging into the remote system, use the command:
sudo shutdown -h -now
The -h option halts the system and shuts it down. You can use the -r option in its place to
restart the computer instead of shutting it down. The -now option can be replaced with +anynumber
to shutdown the computer a certain number of minutes later.
Another great security feature of SSH is port forwarding. You can forward TCP/IP traffic through
an SSH shell to secure your data over the Internet. Port forwarding can be used with FTP, HTTP,
POP3, SMTP, etc; this can allow you to connect securely to any of these types of servers. The data
will be sent through the SSH tunnel. It works like an encrypted subway system connecting two
points. Normally the traffic goes over its respected port (80 for HTTP, for example), but when you
use port forwarding it is actually sent over SSH's port (22). The syntax is:
ssh -L local_port:hostname:remote_port username@hostname
To forward your outgoing mail port, you could use the example below.
sudo ssh -L 25:smtp_server_name:25 username host
If you are running Mac OS X Server, almost any System Preference option can be set through the
command line 'systemsetup' command. If you are running a copy of OS X Server view the man page for
'systemsetup' to view all available options.
VNC- Virtual Network Computing
Virtual Network Computing was developed by AT&T laboratories as an open-source cross platform
graphical interface for remote desktop computing. It is currently on version 3.3.7. VNC requires a
server application and client application to communicate. The server software must be running first
on the computer that you want to connect to before the client software can connect to it. Major
advantages of VNC include cost (its free!), small & simple file size, platform-independency, and the
fact that one desktop can be shared with several computers. No state is stored at the viewer, which
means if you're working on something remotely and your computer crashes or locks up nothing will be
lost. It is all stored completely on the server. A good & free VNC server application for Mac OS X
is OSXvnc by Redstone Software Inc. My VNC client of choice is VNCDimension, a freeware application
from AT&T laboratory developers. My favorite part of VNC is that it is cross-platform. If someone
has a VNC server running on a pc, it can be accessed from a Macintosh. VNC loads only the viewer
application locally. All other work is processed remotely. I will never use a memory hogging
virtual pc application on my Mac again. VNC can be used to run applications off your pc while
saving tons of processing power on your Mac. You can initiate any program and it will run remotely.
Understanding that most of the computers in the world run Microsoft Windows, it is sometimes
necessary to run Windows applications. With the cost of Virtual PC starting at $249 (Win XP Home
Ver 7), it is worth the extra couple hundred dollars to me to have the extra processing power and
storage of actually owning a Windows pc. I run TightVNC freeware on my pc.
Imagine the extra productivity this allows! Of course, I use VNC more often on external networks
than I do on my internal network. VNC allows for connections across the Internet as well. I
recommend using an SSH session when connecting over an insecure network such as the Internet via
port forwarding techniques explained earlier. For details on setting up VNC over SSH, see Aaron
Adams article in MacTech Vol 20, No 7 2004. Other VNC clients worth trying are VNCThing and Chicken
of the VNC. ShareMyDesktop is another good VNC server.
VNC is a great way to do simple remote computing but there are professional applications which
are much more powerful and feature rich than most VNC clients. Let's take a look at these.
Professional Applications
Whether you professionally service computers or you're just the 'computer guy' for your
friends and family, you might want to consider purchasing a professional remote desktop application
such as Timbuktu. It'll save you a lot of time and money if you make frequent trips to fix small
software related problems. Also if you have an Xserve you want to control without hooking up a
monitor to it, remote computing applications are a great solution. If you want to share your
desktop with up to fifty other Macs in a training type environment, Apple Remote Desktop would be
the perfect application. Timbuktu is great for one to one computer connections to fix problems, but
ARD seems to be a better application for a lab or classroom type environment.
Apple Remote Desktop can be used to sleep, wake, restart or shutdown a group of Mac OS X systems.
Software packages can be installed onto multiple computers at once, and they can even be scheduled
to install at times when you network will have its lightest traffic load. ARD can connect to a VNC
server running on any platform. It allows you to copy files remotely, and you can also have a
real-time text chat with the user sitting at the remote computer. ARD supports Unix commands being
sent to remote Macs. Sharing your screen with up to fifty other Macs allows teachers or trainers to
demonstrate on-screen to students. If you're using ARD to troubleshoot a problem, it allows you to
get a complete hardware report of remote machines. ARD also has a software difference report, which
compares installed packages on the admin computer with other computers in a group. Timbuktu has
most of the same options as ARD, but it also allows for voice communications. Unfortunately, due to
the cost, both of these products are frequently restricted to commercial use.
Brad Belyeu is the President of ABConsulting based out of Oklahoma
City, OK. He is an Apple Certified Technician and a certified member of the Apple Consultant
Network.
