Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

SSH into 10.6.8 MacMini

Been a few years since I last did this so I'm rusty. Any tips will be appreciated. The lowdown:


I want to open my MacMini 10.6.8 via wi-fi to my home router, so I can access it from work. In System Preferences>Sharing I have enabled Remote Login (for all users).


I've also forwarded port 22 from the router to the MacMini and can confirm that it's open (using http://portchecker.co/), only when Firewall is OFF in System Preferences. As soon as I switch Firewall to ON, the port is closed.


What am I forgetting?


This is difficult to troubleshoot while sitting at the MacMini at home for the added reason that my MacBook Pro uses the same router as the MacMini. Is there a way, by the way, that I can 'spoof' my MacBook Pro to behave as if it doesn't belong to the same wLAN when trying to connect to the MacMini?


Thanks, people.

MacBook Pro (17-inch 2.4 GHz), Mac OS X (10.6.8), iPhone 2G, TiBook 550MHz Gigabit Ethernet, PowerBook G4 17, B/W

Posted on Apr 27, 2015 1:00 AM

Reply
9 replies

Apr 27, 2015 6:17 AM in response to Alex Zachopoulos

1st if your Mac mini is going to be sitting behind your router all the time, you do not need to firewall, as the router is going to block all unsolicited connections, except port 22, which you explicitly opened, and you want your Mac mini to see as well.


If you insist on the firewall, then you need to use the System Preferences -> Security -> Firewall -> Options to specify that port 22 is allowed.


As for accessing your Mac mini via the outside world, but while still sitting at home, you should be able to just specify the router's IP address

ssh 11.22.33.44 (which is whatever your router's IP address is as reported by a service such as whatismyip.com or just googling "My IP Address".


NOTE: You may want to consider opening a different higher numbered port and have the router switch that to your Mac mini's port 22. Most routers allow this outside to inside port number switching. For example, open port 43922 to port 22 via the router, then access your Mac mini by specifying

ssh -p 43922 11.22.33.44

As long as the high numbered port is legal, there is very little chance of it interfering with anything.


The high numbered port to port 22 trick also allows you to have more than one port opened going to different Macs at home. I have about 5 such ports open on my router so I can ssh into different Macs at home while I'm away from the house.


The other advantage is that port 22 is well known, and an easy target for attempts to break into a system. Using a high numbered port reduces the number of probes to your Mac trying to break in. While it is not security, it is an annoyance reduction factor.

Apr 27, 2015 7:25 AM in response to BobHarris

Hi Bob, and thanks for pitching in.


1. About the Firewall setting: Already Port 22 is listed among the 'open' ports in the System Preferences. I suppose this is because I have enabled 'Remote login' in Sharing. The port, however, shows as 'closed' when I use a web service for port status checking. It changes to 'open' when I disable the Firewall. I appreciate what you say, namely, that since I'm behind a router/modem I might as well disable the MacMini's Firewall. I just would like to understand why the port is closed even though 'Remote Login', ie. service on port 22, is specifically set to On, or 'Open port 22'.


2. I have tried the 'ssh' command in Terminal on my MacBook Pro from work. I invariably get the long silence and finally 'ssh: connect to host 5.55.47.155 port 22: Operation timed out'. I have no idea as to why this happens.

Apr 27, 2015 7:54 AM in response to Alex Zachopoulos

then look at the Mac mini's system logs

Applications -> Utilities -> Console -> system.log

search for ssh


On the Mac making the ssh connection try:

ssh -v -v -v outside.address

ssh -v -v -v Mac_mini_name.local (or the local LAN IP address).


The the -v -v -v options will give tons of diagnostic information.

You want to preform 1 to the router IP address (the one that fails)

And 1 to the inside address (the Mac mini System Preferences -> Sharing -> Computer name fine print will give computer_name.local, which you can use)


Now compare the inside to outside ssh connection information and see if the debugging information will give you a clue about why the outside request failed. Also the Console output may tell you if you even made it as far as the Mac mini or if the router rejected the connection.

Apr 29, 2015 6:54 AM in response to BobHarris

Many thanks, Bob. Issue resolved. The reason why 'connection was refused' a few times is a silly one: I was entering an outdated ip... Also, when I finally did enter the correct ip, I was forgetting that my MacBook Pro was assuming that the ssh session ought to be for my own user account, 'Alex', while I was entering my wife's User Account Password for the MacMini (since it was her account that was active on the MacMini itself...). I know...


Out of curiosity: any tips as to how to enable greek character encoding in my Terminal session? I've got quite a few greek filenames, which all show as '?'s over ssh.


I've fiddled with the Terminal window encoding preferences on the MacBook Pro (i.e. from the computer from which I initiate the ssh session), I enabled all greek-related encodings, one by one, to no avail.

Apr 29, 2015 7:03 AM in response to Alex Zachopoulos

UPDATE: I had the Firewall set to 'Stopped' on the MacMini receiving the ssh session. Which is okay, since it's sitting behind my router.


However, should it not also work with the Firewall set to ON, assuming I have opened port 22 on the MacMini by checking the 'Remote Login' option in System Preferences>Sharing?


Because I have, and it's not.

Apr 29, 2015 7:13 AM in response to Alex Zachopoulos

I'm glad you got it working.


With respect to Greek and the Terminal, I'm not sure (being in the US, the Terminal default language works as is for me, and I've never had to play with it).


I assuming you have played with Terminal -> Preferences -> Advanced -> Character encoding:

And [X] Set locale environment variables on startup just before the "Character encoding:"


You may also want to play with the "Declare terminal as:" (same Advanced preference) to see if that affects how commands output their text.


After each change you may need to quit and launch Terminal again to get some of the changes to effect the commands you are issuing.


Finally, you can also give iTerm2 a try

<https://iterm2.com/>

This is another terminal emulator that may offer additional features. It is also kept up-to-date, where as the 10.6.8 version of Terminal has not changed since 2011.

iTerm2 -> Preferences -> Profiles -> Text -> font

iTerm2 -> Preferences -> Profiles -> Terminal -> Character Encoding


And there is always "Google" to see if someone else has solved this issue.

Apr 29, 2015 8:07 AM in response to Alex Zachopoulos

PS Any tip as regards my other question, about the Firewall?

Sorry, no.


I will ask if you run any programs such as LittleSnitch or an Anti-Virus utility. These programs can bounce connections from outside your LAN.


If they are not a factor, then the only advice I can give is to again use the ssh -v -v -v options of a failed AND a successful connection to see what changes, and to look at the Console -> system.log for why the ssh daemon may have rejected the connection. Actually it is also possible the logs would have firewall rejection messages, I'm just not sure what you would search for.

SSH into 10.6.8 MacMini

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.