So, to start you need ssh access to a server on the network you want access to. Check

Now you need to know the port of the service on the remote machine you need access to.ARD uses port 5900 for control/observe. Check.

Now, you just need to forward the port like so

ssh -L 9999/10.1.32.25/5900 helios.lcsd2.org

I’ll break that down a bit.

-L 9999/10.1.32.25/5900

The -L requests that port 9999 on the local machine be bound to a secure tunnel over ssh to the remote machine. 10.1.32.25 is the machine that i am trying to access ultimately and 5900 is the port that i want.

helios.lcsd2.org

This is the remote machine i am ssh’ing to. This is the one i have access to outside the network that i use to connect to the computer i want access to inside the network.

So, to recap. I establish a secure connection to helios.lcsd2.org. I choose a local port on the local machine that i want to use to access that secure tunnel. I choose the machine and the port and the end of the tunnel that i want access to. Now all thats left is to connect.

I am assuming here that you are running leopard. In Finder, go to the “Go” menu and choose “Connect to Server”

Now, in the “Connect to Server” box, enter vnc://localhost:9999.

Now, if all is well, you should see a prompt asking for a username and password on the remote machine. Just enter in your credentials and your done! You should now see the screen of the remote machine and have full access to it.

I should point out that this basic technique can applied to just about anything. I used to use it to access my router configuration page when i was away. Just change the ip address to the router and the port to 80 and your good. You could also use this to access internal websites at your company, school, whatever.

Enjoy! Please leave a comment if this was helpful.

Key-based authentication is an alternative way of authenticating over ssh. Instead of a user name and password, you use a public/private key pair and authenticate this way. A user can optionally be specified as well.

To begin you’ll need to open Terminal.app in your Applications/Utilities folder.

Issue the following command into terminal:

mkdir ~/.ssh

This creates the necessary directory to hold your key.

Now navigate to the directory

cd ~/.ssh

In this directory issue the following command

ssh-keygen

Press enter at every prompt, you should see something similiar to this:

Jesse-Coles-MacBookPro:~/.ssh a$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/a/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/a/.ssh/id_rsa.
Your public key has been saved in /Users/a/.ssh/id_rsa.pub.
The key fingerprint is:
66:e2:df:a0:09:dd:41:aa:4b:d4:6f:f3:22:b3:a2:b4 a@Jesse-Coles-MacBookPro.local

The next step is to copy the public key to the remote machine. First though, the directory must be created.

Initiate an ssh connection to the remote machine.

ssh user@host

Enter your password like usual.

Next create the .ssh on the remote machine.

mkdir ~/.ssh

Now end the connection so you can copy the file to the remote machine.

exit

And copy the id_rsa.pub file to the remote machine

scp id_rsa.pub @:~/.ssh/new.pub

Notice i named the destiation file new.pub, this is so that if the destination machine already has key-based authentication already set up, you won’t overwrite its public key.

Now you need to initiate another ssh connection the the remote machine. This will be the last time you type your password for ssh.

ssh user@host

Now copy your public key to the users list of authorized keys

cat ~/.ssh/new.pub >> ~/.ssh/authorized_keys
exit

Your done!

From now on when you ssh to the remote machine, you will not be prompted for you password.