Remote SSH tunneling

I'm trying to set up an ssh server on my imac so I can connect to it when I'm at public wifi places with my mbp. I set up a new user account on the imac just for this purpose and have enabled remote login.

But when I try to log in from my laptop nothing seems to work right.

ssh username@192.xxx.x.xxx

the password prompt asks 3 times and then denies with errors
permission denied (publickey, keyboard-interactive)
or connection closed by 192.xxx.x.xxx



Do I need to create a user account on my mbp with the same name or can I just log in with a password?

please advise

Message was edited by: Bdayz

MacBook Pro 2.4 6 GB Ram, Mac OS X (10.5.8)

Posted on Jan 20, 2011 4:44 PM

5 replies

Jan 20, 2011 7:40 PM in response to Bdayz

> I'm trying to set up an ssh server on my imac so I can connect to it when I'm at public wifi places with my mbp. I set up a new user account on the imac just for this purpose and have enabled remote login.
>
> But when I try to log in from my laptop nothing seems to work right.
>
> ssh username@192.xxx.x.xxx
>
> the password prompt asks 3 times and then denies with errors
> permission denied (publickey, keyboard-interactive)
> or connection closed by 192.xxx.x.xxx

I assume this attempt was while you were at home, as a 192.168.x.xxx address is not addressable across the internet.

> Do I need to create a user account on my mbp with the same name or can I just log in with a password?

No.

System Preferences -> Sharing -> Remote Login, do you have Allow access for "All Users" checked, or did you change this to "Only these users"? If you did the "Only these users" option, try changing it, at least as an experiment.

As an experiment use the ssh -v -v -v command

ssh -v -v -v username@192.xxx.x.xxx

This will give you a lot of debugging information. Hopefully, it will give you some additional information about why your connection was refused.

You might also want to go through the "man ssh" man page, looking at "FILES" section checking for "permissions" descriptions under that section, as there are some key ssh files that if they exist (not all will), but if they do exist, must have specific permissions, or ssh will not allow you to login. For example, the destination user's home directory MUST NOT be writable by anyone except the owner. The destination user's home directory .ssh sub directory requires specific permissions, etc...

ssh works very well on Mac OS X. Once you manage to ssh while at home, you will need to configure your home router so that you port forward port 22 from the internet side of your home router to the Mac you are setting up as your home ssh server. PortForward.com has documents providing step-by-step guides on how to set up port forwarding for a huge list of routers
<http://portforward.com/>

By the way, Terminal, Unix, and command line command questions, such as ssh, are best asked in the Mac OS X Technologies > Unix Forum
<http://discussions.apple.com/forum.jspa?forumID=735>
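
The permission requirements mentioned in the reply above can be checked in one pass. This is an added example, not part of the original thread: `check_ssh_perms` is a hypothetical helper name, and it looks only at the home directory, `.ssh` and `.ssh/authorized_keys`, reporting any that are writable by group or others (which sshd refuses to trust for key logins while its default `StrictModes` setting is on).

```sh
#!/bin/sh
# Added example, not from the thread. check_ssh_perms is a hypothetical
# helper name. It reports the paths sshd's StrictModes check cares about
# that someone other than the owner can write to.

# Usage: check_ssh_perms "$HOME"
# Prints one line per problem path; returns 0 when clean, 1 otherwise.
check_ssh_perms() {
    home=$1
    rc=0
    for p in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        # Not every account has every file; skip what is absent.
        [ -e "$p" ] || continue
        # -perm -020 / -perm -002 match a set group / other write bit.
        # -maxdepth 0 tests only the path itself; -L follows a symlink.
        hit=$(find -L "$p" -maxdepth 0 \( -perm -020 -o -perm -002 \))
        if [ -n "$hit" ]; then
            printf 'group/other-writable: %s (fix: chmod go-w)\n' "$p"
            rc=1
        fi
    done
    return "$rc"
}
```

Run it on the Mac that accepts the logins, as the account you log in to.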

Jan 21, 2011 5:06 PM in response to BobHarris

I finally got it to work from within the network and the debugging info looks useful (wish I had more of a knowledge foundation in networking).

Still haven't been able to tunnel in from the outside yet. I've only tried from a Borders public wifi but their connection is atrociously slow and I keep getting timed out. Will try from school when I get there.

I got a hostname from dyndns to keep my ip addresses easy to find.

Jan 21, 2011 6:10 PM in response to Bdayz

> I finally got it to work from within the network and the debugging info looks useful (wish I had more of a knowledge foundation in networking).

Good

> Still haven't been able to tunnel in from the outside yet. I've only tried from a Borders public wifi but their connection is atrociously slow and I keep getting timed out. Will try from school when I get there.
>
> I got a hostname from dyndns to keep my ip addresses easy to find.

Excellent.

To make sure your DynDNS.org name is working, you can cross check using

nslookup yourdns.dyndns.net # look up your name
open http://whatismyip.com

The nslookup address should match the whatismyip.com address information. If they match, then your DynDNS.org updating utility is working correctly.

In theory (depending on whether your router lets you), you should be able to test your port forwarding from home

ssh username@yourdns.dyndns.net

which should work. However, if it does not, that may mean either your router does not like to let you loop back into yourself, or your port forwarding of port 22 is not configured correctly. Of course if it works, you are all set. If it doesn't work, you need to find another place to test from (Barnes and Noble, Paneras, Borders, McDonald's, public library, some malls now have Wifi, an Apple Store, etc...).

With respect to ssh tunnels, you can use something along the lines of

ssh -L 22548:localhost:548 -L 22590:localhost:5900 username@yourdns.dyndns.net

Then using Finder -> Go -> Connect to Server -> vnc://localhost:22590 or afp://localhost:22548 should give you screen sharing and file sharing sessions tunneled through your secure ssh connection. Of course you will need to have enabled System Preferences -> Sharing -> Screen Sharing and File Sharing on the home Mac.

Feb 23, 2011 4:26 PM in response to MacShed

The easy. TeamViewer.com, which can transfer files, get through firewalls, handle home routers. All in all, easy.

ssh is the more difficult route.

First enable System Preferences -> Sharing -> Remote Login
Second enable System Preferences -> Sharing -> Screen Sharing

Configure your home router to port forward port 22 from the internet to your Mac. This may or may not require giving your home Mac a home router based fixed IP address. PortForward.com has documents providing step-by-step guides on how to set up port forwarding for a huge list of routers
<http://portforward.com/>

To make life easier you should also get a dynamic DNS name from No-IP.com or DynDNS.org, but don't forget to download and install the service's dynamic DNS updating client which you must run in the background on your Mac.

Once you have Remote Login and Screen Sharing enabled on your Mac, your home router configured to forward port 22 to your Mac, and a dynamic DNS name you can set up an Apple File Sharing tunnel

From your dorm in an Applications -> Utilities -> Terminal session

ssh -L 22548:localhost:548 \
    -L 22590:localhost:5900 \
    homeUserName@your.dynamic.dns.name

This will login to your home Mac, and give you an ssh tunnel for AFP and VNC

Now from your dorm Mac's Finder

Finder -> Go -> Connect to server -> afp://localhost:22548
Finder -> Go -> Connect to server -> vnc://localhost:22590

The first will allow you to mount your home file system on your dorm Mac. The second will allow you to start a Screen Sharing session.

And you can always use the scp or sftp commands from your dorm Mac's Terminal session. rsync is also possible, however, if you are serious about using rsync, you might want to install Carbon Copy Cloner and find its copy of rsync, as it is always patched and up-to-date.

By the way, Terminal, Unix, X11, and command line command, ssh, rsync, etc... questions are best asked in the Mac OS X Technologies > Unix Forum
<http://discussions.apple.com/forum.jspa?forumID=735>

And finally, if you want to be able to control when a post is marked "Solved" or give "Helpful" stars, you need to start your own new post and not piggyback on someone else's post.

Message was edited by: BobHarris
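
The `-L 22548:localhost:548 -L 22590:localhost:5900` forwards used in the two replies above listen on the laptop's loopback address unless ssh is run with `-g` or with `GatewayPorts` enabled, so on public wifi it is worth confirming nobody else on the network can reach them. This is an added example, not part of the original thread: `exposed_forwards` is a hypothetical helper name, and the sample listing is constructed in the macOS `netstat -an -p tcp` layout.

```sh
#!/bin/sh
# Added example, not from the thread. exposed_forwards is a hypothetical
# helper name. It reads `netstat -an -p tcp` output (macOS layout) on
# stdin and prints every listener on the given ports that is NOT bound
# to a loopback address.

# Usage: netstat -an -p tcp | exposed_forwards 22548 22590
exposed_forwards() {
    awk -v ports="$*" '
        BEGIN {
            n = split(ports, want, " ")
            for (i = 1; i <= n; i++) watch[want[i]] = 1
        }
        $NF == "LISTEN" {
            local_addr = $4                    # e.g. 127.0.0.1.22548 or *.22590
            port = local_addr
            sub(/.*\./, "", port)              # keep text after the last dot
            host = local_addr
            sub(/\.[^.]*$/, "", host)          # keep text before the last dot
            if ((port in watch) && host != "127.0.0.1" && host != "::1")
                print local_addr
        }'
}

# Constructed sample (not real output): 22548 is loopback-only, 22590 was
# opened on all interfaces, as it would be with `ssh -g`.
SAMPLE_NETSTAT='tcp4       0      0  127.0.0.1.22548        *.*                    LISTEN
tcp6       0      0  ::1.22548              *.*                    LISTEN
tcp4       0      0  *.22590                *.*                    LISTEN
tcp4       0      0  192.168.1.20.51234     203.0.113.7.22         ESTABLISHED
tcp4       0      0  *.22                   *.*                    LISTEN'
```

Empty output means both forwards are reachable only from the laptop itself.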
