Apple Event: May 7th at 7 am PT

Learn more

Add to your calendar 

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: Erroll
Erroll Author
User level: Level 1
102 points

How do I connect to another Mac via SSH?

Can somebody walk me through, or steer me to an online tutorial on, the following:

I want to connect to my work computer from my home computer. Both are Macs running 10.4.10. The work computer (a MDD Dual G4) is on an airport extreme network, and my home computer (17" macBook Pro) is on a wireless network with a NetComm router. 'Remote Login -SSH' is enabled on the work computer.

I got the work computer's IP address from: http://www.ip-adress.com/
and just tried to 'Connect to server' from the finder but the connection fails. I also tried to connect using SSH using the instructions here:
http://www.cmu.edu/computing/documentation/terminal/terminal.html
but the connection also failed. I'm unsure if I have to download and install something called Kerberos, for this to work.

I suspect I may have to configure one or both routers to get this to work, but have no idea where to start. Can anyone help?

Thanks in advance,
Steve = : ^ )

17" MacBook Pro, Mac OS X (10.4.10)

Posted on Jul 29, 2007 2:04 AM

Reply
Question marked as Best reply
User profile for user: Camelot
Camelot
User level: Level 9
54,333 points

Posted on Jul 29, 2007 3:13 AM

You shouldn't have to configure anything on your home router, but you will on the one at work.

The office network is almost certainly denying incoming connections (from the internet). You may be using a NAT-based router, or a firewall, but either way incoming connections are blocked.

The solution is going to depend on how your network is configured. If you're using a simple NAT-based router then you need to setup port forwarding to forward connections on port 22 to your desktop Mac.
If you're using a firewall, you'll need to add a firewall policy that allows incoming traffic.

In both cases you'll probably need to configure the desktop with a static IP address so that the port forwarding will be consistent - it's no good forwarding the SSH connection to 192.168.1.10 today if the desktop moves to .11 tomorrow because it's using DHCP.

The alternative (and somewhat better) solution is to implement a VPN connection. This enables your machine at home to appear just like any other machine on the office LAN, giving you full access to al the resources at the office (including printers, file servers, etc.). It'll take a little more to setup, but offers additional advantages that might be useful.
View in context
30 replies
User profile for user: Erroll
Erroll Author
User level: Level 1
102 points

Jul 30, 2007 5:39 AM in response to Erroll

Okay, I'm at home and it doesn't work. I can only think that something has gone down at the work end (or the ISP has changed the IP address) as I've forwarded ports 22, 427 & 548 from the router to the computer at work yet "Connect to server" from the finder and SSH using Terminal both time out. 😟

I'll check the setup when I get to work tomorrow and report back.

Steve = : ^ )

P.S. Does anyone here have any experience with HamachiX? I installed it today but need a bit of help.
Reply
User profile for user: Rick Van Vliet
Rick Van Vliet
User level: Level 5
6,372 points

Jul 30, 2007 7:33 AM in response to Erroll

Just so we're sure of your setup.
You've configured the Work Router to open tose ports and to forward those ports into the Work computer.

You're attempting a "connect to" the Public IP address at work router (you mentioned 220.239.ab x and ab.xyz...you've tried both the x and the xyz?

can you ping either of those x or xyz IP's?

HamachiX:
http://forums.hamachi.cc
Reply
User profile for user: Erroll
Erroll Author
User level: Level 1
102 points

Jul 30, 2007 2:14 PM in response to Rick Van Vliet

Yes, I've done what you said and I've tried both the addresses. The longer address times out, the shorter one gives me an immediate failure.

Ping works to both addresses:

--- 220.239.ab.xyz ping statistics ---
10 packets transmitted, 10 packets received, 0% packet loss
round-trip min/avg/max/stddev = 16.952/109.349/240.961/80.799 ms


--- 220.239.ab.x ping statistics ---
10 packets transmitted, 10 packets received, 0% packet loss
round-trip min/avg/max/stddev = 9.653/10.485/11.225/0.485 ms

I guess that means things haven't gone down at that end and there's another problem, right?

Steve = : ^ )
Reply
User profile for user: Rick Van Vliet
Rick Van Vliet
User level: Level 5
6,372 points

Jul 30, 2007 3:17 PM in response to Erroll

Since we don't know what's your true public IP address, I can't really tell you try on or the other for sure.
I am shooting in the dark.

Except, look at the times on xyz vs x...
x is 9 to 11 milliseconds away.
xyz is 16 to 240 milliseconds round trip away
That's the remote router, I'm guessing

The mac in the office we called dot-ten...is it ALWAYS dot-10? Have you set them to have static IP's inside your network? sometimes IP's change. that would mess up any forwarding you've configured on the router.

This might help:
http://portforward.com/
Reply
User profile for user: Erroll
Erroll Author
User level: Level 1
102 points

Jul 30, 2007 6:41 PM in response to Rick Van Vliet

I'm back at work and, yes, there was a problem: a second AE base station, which relays from the first to the computer in question, had gone down.

This morning I left the MacBook connected at home, but had trouble configuring my home router for port forwarding so can't test the connection the other way around. However, HamichiX is working and I can access the MacBook from here at work. I'm guessing that this was the only problem and I'll be able to "Connect to server' to the work computer from home when I get there tonight.

If so, I'll mark the question answered and everybody's responses helpful.

Thanks a heap,
Steve = : ^ )
Reply
User profile for user: Erroll
Erroll Author
User level: Level 1
102 points

Jul 30, 2007 9:50 PM in response to Rick Van Vliet

Thanks. I just checked out he second AE base station, which is configured as a "remote bas station", and port mapping is greyed-out, so I assume the mapping is handled by the main base station.

HamachX is very slow, which I'm, hopefully, putting down to the encryption. The data I will be copying isn't of a sensitive nature, and I'll happily copy it without encryption if it speeds things up a lot.

Thanks again,
Steve = : ^ )
Reply
User profile for user: Community User
Community User

Jul 31, 2007 2:07 AM in response to Rick Van Vliet

Okay, I'm home now and Connect to server' from the Finder of my MacBook Pro now connects to the G4 at work. Thanks!

I just copied a file, then unmounted the drive and then remounted it via HamachiX and am copying the same file and the transfer doesn't seem much slower than the non-secure one. HamachiX was really slow today when I was trying to transfer files in the other direction.

Thanks again to everyone who helped.
Steve = : ^ )
Reply
User profile for user: Rick Van Vliet
Rick Van Vliet
User level: Level 5
6,372 points

Jul 31, 2007 3:44 AM in response to Community User

Glad to hear it.
Hamachi is a secure peer-to-peer.
It initially goes through a third server, but after the authentication, you're directly connected with your own machine...so speed is limited only by the internet, the ISP connection at each end (DSL?Cable?dialup?) and the network/hard drive at the destination.
The security isn't your bottleneck.

Glad to see that you're in business again 🙂
rick
Reply

How do I connect to another Mac via SSH?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up