So, to start you need ssh access to a server on the network you want access to. Check

Now you need to know the port of the service on the remote machine you need access to.ARD uses port 5900 for control/observe. Check.

Now, you just need to forward the port like so

ssh -L 9999/10.1.32.25/5900 helios.lcsd2.org

I’ll break that down a bit.

-L 9999/10.1.32.25/5900

The -L requests that port 9999 on the local machine be bound to a secure tunnel over ssh to the remote machine. 10.1.32.25 is the machine that i am trying to access ultimately and 5900 is the port that i want.

helios.lcsd2.org

This is the remote machine i am ssh’ing to. This is the one i have access to outside the network that i use to connect to the computer i want access to inside the network.

So, to recap. I establish a secure connection to helios.lcsd2.org. I choose a local port on the local machine that i want to use to access that secure tunnel. I choose the machine and the port and the end of the tunnel that i want access to. Now all thats left is to connect.

I am assuming here that you are running leopard. In Finder, go to the “Go” menu and choose “Connect to Server”

Now, in the “Connect to Server” box, enter vnc://localhost:9999.

Now, if all is well, you should see a prompt asking for a username and password on the remote machine. Just enter in your credentials and your done! You should now see the screen of the remote machine and have full access to it.

I should point out that this basic technique can applied to just about anything. I used to use it to access my router configuration page when i was away. Just change the ip address to the router and the port to 80 and your good. You could also use this to access internal websites at your company, school, whatever.

Enjoy! Please leave a comment if this was helpful.

*Update* I forgot when i wrote this that Quicktime Pro is required. Quicktime Pro is $15 and in my opinion well worth it. While i agree that its functionality should be standard, it is the same cost as dedicated tools for just iphone ringtones and it does a lot more.

First, obviously, you have to have the music. You won’t be able to use iTunes music for this unless its iTunes plus. DRM gets in the way (that’ll be another post). The song needs to be one you ripped from a cd, pirated, et al. I don’t judge. I’m going to do this as step by step as i can for the benefit of my less technically inclined listeners.

Ok, second. In iTunes, find the song you want. Right click (or control click) on it and choose “show in finder”.

Now, a finder window will pop up and the song file will be selected.

The next step is to open the file in quicktime. If you double click it, by default, the file will probably open in iTunes so right click on the file (control click) and choose open with -> Quicktime Player.

Now you’re in quicktime. Here you have a window showing the song as a bar. At the one end are little triangles that that you can drag to select the portion you want. Just listen to the song and try to select just the part you want. Its important to note that the iPhone won’t do ringtones over 30 seconds. I think iTunes might not even sync it for you.

When you have about what you want, i recommend selecting a little more on purpose, press apple+c to copy it. Now you will need to press apple+n for a new windows and press apple+v to paste your selection into it. Here you can edit it further down to what you want. A tip, you can drag the window out to get more precise with your selecting.

Ok, you’re done choosing your ringtone. Its time to export the ringtone into a format iTunes will accept. Go to File -> Export, or you can press apple+e.

In the export options, at the bottom, click next to Export: and choose “Movie to MPEG-4″.

Now click options. At the top, make sure it says MP4 and not MP4 (ISMA). Under video you won’t have to change anything, there is no video. In audio, you want Format: AAC-LC, Data Rate: 128 (or whatever you want if you know better), Channels: Stereo, Sample Rate: Recommended (or whatever, not important), and Encoding Quality: Best. Under streaming, just make sure that streaming is unchecked and click ok.

Now you’re back at the export save screen. This part is important. iTunes will only recognize your file as a ringtone if it has a .m4r extension.

Save it somewhere you can find too, i recommend the desktop. Now its just a simple matter of dragging the file into iTunes and syncing your iPhone. If you manually manage things, just drag the ringtone over. The ringtones will show up in a special place in iTunes called “Ringtones”.

Now you’re done. Just select the ringtone on your iPhone in the usual way and then enjoy your free ringtones forever. Feel pride in the fact that you didn’t let the record industry rape you with their $.99 ringtones and flaunt your newfound abilities in their faces. Also, if you’re bored, let apple know this is unacceptable the way things are. The recording industry won’t hear or listen to you but apple might. They want their customers to be happy.

One more thing, if this all sounds like too much, remember, there are for pay programs out there that will assist you. Unfortunately programs like iPhone Ringtone Maker cost the same as Quicktime Pro so i recommend just learning the routine with quicktime. Quicktime Pro can be used for a lot more than just ringtone editing too. Let me know how it goes in the comments .

In Mac OS X there are at least two methods for resetting a password. And it does require resetting. This isn’t windows, you can’t just boot off a cd and automatically crack the password. Apple decided to used modern encryption techniques 10 years ago that were probably 10 years old then to protect your passwords. Microsoft still hasn’t.

Method number 1: Follow the instructions here to boot off a disc and reset your password the apple way.

Method number 2: Follow my instructions below and reset it the “cool” way.

Before i begin, there’s something i should talk about. In the traditional *nix world (unix, linux, solaris…nix), the idea of storing passwords in a flat file on the filesystem is the norm. Usually, in linux anyway, user info is in /etc/passwd (user id, shell, name, etc.) and the password data is encrypted in /etc/shadow. You will notice in OS X that the file /etc/fstab exists. So that file is where all user account data is stored, right? WRONG! This file exists but it is only consulted/used in any way in single user mode (i’ll get to that later). The thing to take away here is that in OS X, account data is stored in a database. Prior to 10.5 (maybe 10.4 too??) this database was apple’s proprietary netinfo database. In 10.5, netinfo was done away with completely and replaced something else ( i think its openldap). Either way, theres a little more to it than editing a text file.

I mentioned single user mode before. In the *nix world (again. unix, linux, etc.), there is some concept for allowing access to the system without loading the entire system up. You know, in case of emergencies or for maintenance reasons. Microsoft actually does this also with the recovery console…kinda. The important thing is, (unless you’ve locked it down) it gives you access to the system without authenticating. Whats more is that it gives you “root” access.

Ok, lets get to it. To enter single user mode, reboot the machine and, at the chime, hold down the “apple” and the “s” keys. Keep holding them down until you are presented with a text only prompt. We will be modifying files on the filesystem so we need to remount the filesystem as read/write. Type the following:

mount -uw /

Next step, we need to load the daemon responsible for providing access to the account database. This is a little different between 10.4 and 10.5. In 10.4, despite my sincerest efforts, i was unable to find a reliable way of starting only the process needed. I’ve only had trouble on clients 10.4.9 and below and i’m pretty sure its an apple bug. It just doesn’t work right (hangs at blue aqua screen). If you’re using 10.4.9 or below, good luck or check the end of this document for an alternative.

10.4:

sh /etc/rc

In 10.5, apple will actually give you the command to use if you try to use dscl (directory services command line utility).

10.5:

launchctl load /System/Library/LaunchDaemons/com.apple.DirectoryServicesLocal.plist

Now the daemon is running and you have access to the database. What we’re going to do here is enable the root account. Remember how i said that you currently have root access? Well, you can’t type passwd, give it a password and be done. The reason is like i said, right now /etc/passwd is being consulted. At best the command would fail. At worst, nothing would happen. You need to change the directory database root user’s password. I’m pretty sure this is the same in 10.4 and 10.5. We’ll be doing this interactive mode:

dscl .

This opens the command line utility and gives you “shell” access to the database. Next, we navigate to the right user like so…

cd /Users

Pretty easy so far. Now we’ll give the root account a password thus enabling it on boot. You can also substitute “root” here for any other account you see after typing ls to reset that password.

/Users > passwd root
New Password:
/Users >

Just enter your password of choice after “New Password” and your done. Type exit and then reboot to reboot into normal mode

exit
reboot

When the computer comes up, either click on other and type root for user and the password you gave or just type it in the name a password fields and voila! Superuser access. Now be careful. “With Great Power Comes Great Responsibility”. Seriously, the superuser isn’t inhibited by any permissions or many of the security features of the system. You can cause real damage and not even be warned about it with him. That said, you can also use it to ignore permissions and retrieve files or whatever you need to do.

Method 2.b. Make your own account.

Maybe you need into the computer but don’t want to bother any account data already there. The following commands, in non-interactive mode, will create a user called Administrator with administrative privileges.

dscl . -create /Users/"admin"
dscl . -create /Users/"admin" UserShell /bin/bash
dscl . -create /Users/"admin" RealName "Administrator"
dscl . -create /Users/"admin" UniqueID "id"
dscl . -create /Users/"admin" PrimaryGroupID "20"
dscl . -create /Users/"admin" NFSHomeDirectory /Users/admin
dscl . -passwd /Users/"admin" "password"
dscl . -append /Groups/admin GroupMembership admin

One thing about the above. The UniqueID. This has to be unique. One thing you can do to determine a usable uniqueid is to run this command:

echo $[$(dscl . -list /Users uid | awk '{print $2}' | sort -n | tail -n1)+1]

Of course, you’re probably safe using a high number like 550 provided you don’t have 50 or more local users on your machine. You can change the commands above to create a user with a different name, etc. but be careful. Theres a little more to it than that. Here are apples instructions on creating users this way but they leave out creating a group for the user and just using staff instead. Thats probably fine but i’ve had trouble not creating a group before. I may do a writeup on that later.

Now, the security conscious people out there are probably wondering, “isn’t this a huge security hole? I mean anyone can gain root whenever they want”. First, no they can’t. This might sound obvious but to do any of this, they have to be sitting in front of the machine. For years, security experts have said physical security is the first step to a secure system. Seriously, any machine can be compromised if you have physical access to it. FWIW, there are any number of tools available online to reset windows passwords. This same basic technique can also be applied to any linux system that hasn’t been really locked down but again, with physical access, you can reset it. That said, you can’t always have physical security. In a school for example, kids may be in a position to reboot a computer and do this without a teacher really noticing. If you want to, there are a few things you can do to mitigate the problem.

1. Set a firmware password. Here are apple’s instruction for doing so. The upside is it prevents both single user mode and booting from a disc without the password. The downside however is once again, physical security. If you have physical access to the machine you can reset the firmware password by removing some memory, turning it on and off, and putting the memory back in. This is, however, much less easy to do in a school lab environment.
2. Turn on filevault. Filevault will encrypt your home folder and all files in it using aes encryption. Filevault requires your account password to decrypt it or alternatively, the master password. The master password cannot be reset because only the one that encrypted it can decrypt it. This secures your data but a new account could still be made allowing someone to use the machine.
3. Disable single user mode. I hesitate to mention this because people might think its a legitimate thing to do. Don’t. Unless you’re sure you know what you’re doing, don’t. I’m not going to post instructions or links here but a quick google search should give you what you want.

Alternative method.

There is another thing you can do. If you don’t care about the current user account or its corrupt or something, you can reset it completely. Understand that all your login credentials will be wiped out and you will have to create a new one. First, enter single user mode and mount the filesystem read/write. Then do this:

10.4

rm -Rf /var/db/netinfo

10.5

rm -Rf /var/db/dslocal
rm /var/db/.AppleSetupDone

This removes the database files and forces Mac OS X to go through the setup assistant again allowing you to create an administrative account as though it were a brand new machine

Well, i hope this article has been informative. Please leave a comment if you like or have any suggestions/corrections to make.

*Update. Turns out i was a little off on (at least)one thing. In Mac OS X 10.5, netinfo has been completely dropped in favor of xml based files /var/db/dslocal. It looks like the directory services daemon starts at runtime and reads these in allowing for database style queries to it.

*Update 2. I really need to learn to proofread. Corrected many spelling errors and added commands where i had previously left placeholders. Enjoy.

*Update 3. Mac (seriously “mac”? thats the best you could do?) has pointed out that i’ve made a mistake. In 10.5 there is an additional step to take after deleting the directory database. I’ve added it above.