Mac os ssh vnc

Set up a computer running VNC software for Remote Desktop

VNC access is determined by the VNC software. To access a computer running VNC, you only need to know the IP address or fully qualified domain name and the password designated in the VNC software. The VNC password doesn’t necessarily correspond to any other password on the system.

Set up a non-macOS client running VNC software

You can set up a non-macOS client to be viewed with Remote Desktop.

Install the VNC Server software and assign a VNC password on the client computer.

Make sure the client’s firewall has the VNC port open (TCP 5900).

For more detailed instructions on steps 1–2, see the documentation that came with the client operating system, VNC software, and firewall software.

Make sure “Encrypt all network data” isn’t selected in the Security pane of Remote Desktop preferences.

If you encrypt network data, you won’t be able to control the VNC client, because Remote Desktop can’t open the necessary SSH tunnel to that computer. When you try to control a computer running VNC software, you see a warning that the keystrokes aren’t encrypted.

Add the computer to the All Computers list in Remote Desktop using the client’s IP address.

Enter the client computer’s VNC password in the Remote Desktop authentication dialog.

Configure a client to be controlled by non-Apple VNC software

You can configure a Remote Desktop client to be controlled with non–Apple VNC software. Allowing non–Apple VNC software access to a Remote Desktop client is less secure than using Remote Desktop to control the client. The VNC protocol implemented in non–Apple VNC software may not encrypt keystrokes sent over the network, so sensitive information can be intercepted. Also, the non–Apple VNC software expects the password to be stored in a cryptographically unsecured form and location. Granting VNC access to control a screen is the most powerful feature in Remote Desktop, and provides nearly unrestricted access.

WARNING: Don’t select a VNC password that’s the same as the password of any local user on the client computer or of the Remote Desktop administrator.

On the client computer, choose Apple menu > System Preferences, click Sharing, then select Remote Management in the list at the left.

Click Computer Settings, then select “VNC viewers may control screen with password.”

Enter a VNC password, then click OK.

Change the VNC port on an existing computer

After you add a computer running VNC software to a computer list (or when you’re first adding it), you can set a custom port for VNC communication, and you can designate a display to control.

In Remote Desktop , select a computer list in the sidebar of the main window, select a computer running VNC software, then choose File > Get Info.

Click Edit, edit the Screen Sharing Port field, then click Done.

Designate a custom VNC port when adding a computer

You can pick a custom VNC port on which to view clients. Custom VNC ports are used for Network Address Translation (NAT) implementations, firewall settings, or viewing multiple displays.

In Remote Desktop , choose File > Add by Address, then enter the following:

The IP address or fully qualified domain name of the client computer

The user name and password

If the client computer uses NAT, click the Advanced Options triangle.

Enter the public ports that are mapped to the client in the Remote Management Port field and the Screen Sharing Port field, then click Add.

Источник

Question: Q: enable vnc over ssh

I am struggling over how to set up vnc over a ssh connection on my local Mac. I can connect a ssh to the remote host but it is only command-line-based. I prefer visualization so I want a vnc. I have googled a lot of pages on how to enable a vnc over ssh and most of them suggest that I first key in «ssh -L 5901:localhost:5901 -N -f -l username remote_IP» on a terminal and give the password when prompted. Then key in «vncviewer localhost» will suffice. But what is this «vncviewer»? My laptop denotes there is no such command.

Posted on Sep 8, 2017 1:43 PM

Helpful answers

Finder -> Go -> Connect to Server -> vnc://localhost:5901

This will start up the macOS build-in Screen Sharing app, which support VNC, and should do exactly what you want. Especially if the other system is a Mac.

NOTE: Is your remote VNC server running on port 5901? I ask, because typically VNC servers use port 5900. I would have expected to see an ssh command more along the lines of:

ssh -L 5999:127.0.0.1:5900 -N -f -l username remote.system.address

Where the 5999 is the local port (could be any unused port), 5900 is the VNC server port on the remote system, and the command to make your connection would be «open vnc://localhost:5999»

If you are NOT going to another Mac, but rather going to a Linux or Unix based system, then download and install the free RealVNC Viewer. This will perform better in a cross platform environment.

I find the nicest thing is that RealVNC keeps your clipboard in sync, so that you can Copy & Paste between the 2 systems.

Re: vncviewer is an open source app. It is also X11 based. To use vncviewer you would have to

A) get it via a package manager (or compile it yourself)

B) install XQuartz to get X11 support on your Mac

C) it would be a less pleasant experience. 🙂

PS. I do VNC across ssh tunnels all the time. I connect to my Mom’s 300 mile away iMac using an ssh tunnel. When connecting from home to work and I want to use a VNC, I use an ssh tunnel.

PS 2. I have used vncviewer in an X11 environment on my Mac, so I speak from experience. The macOS Screen Sharing, RealVNC, or Chicken (of the VNC), would all be better than using vncviewer.

Sep 9, 2017 5:02 PM

There’s more to the conversation

Loading page content

Page content loaded

Finder -> Go -> Connect to Server -> vnc://localhost:5901

This will start up the macOS build-in Screen Sharing app, which support VNC, and should do exactly what you want. Especially if the other system is a Mac.

NOTE: Is your remote VNC server running on port 5901? I ask, because typically VNC servers use port 5900. I would have expected to see an ssh command more along the lines of:

ssh -L 5999:127.0.0.1:5900 -N -f -l username remote.system.address

Where the 5999 is the local port (could be any unused port), 5900 is the VNC server port on the remote system, and the command to make your connection would be «open vnc://localhost:5999»

If you are NOT going to another Mac, but rather going to a Linux or Unix based system, then download and install the free RealVNC Viewer. This will perform better in a cross platform environment.

I find the nicest thing is that RealVNC keeps your clipboard in sync, so that you can Copy & Paste between the 2 systems.

Re: vncviewer is an open source app. It is also X11 based. To use vncviewer you would have to

A) get it via a package manager (or compile it yourself)

B) install XQuartz to get X11 support on your Mac

C) it would be a less pleasant experience. 🙂

PS. I do VNC across ssh tunnels all the time. I connect to my Mom’s 300 mile away iMac using an ssh tunnel. When connecting from home to work and I want to use a VNC, I use an ssh tunnel.

PS 2. I have used vncviewer in an X11 environment on my Mac, so I speak from experience. The macOS Screen Sharing, RealVNC, or Chicken (of the VNC), would all be better than using vncviewer.

Sep 9, 2017 5:02 PM

Thank you for your reply! I have followed your suggestion to change remote port to 5900. My command line to set up ssh tunnel is now as following:

ssh -L 5900:localhost:5900 -N -f -l username remote.system.address

Then I go to Finder -> Go -> Connect to Server -> vnc://localhost:5900 but there is a wrong message:

In the meantime, the terminal shows that «channel 2: open failed: connect failed: Connection refused». What is «channel 2» here? How can I solve this?

Sep 9, 2017 4:44 PM

In the meantime, the terminal shows that «channel 2: open failed: connect failed: Connection refused». What is «channel 2» here? How can I solve this?

I’m guessing the SSH connection has multiple channels, and the tunnel is channel 2.

I’m going to guess that 5900 is not the port the remote VNC server is listening on. Maybe it is 5901. We are going to have to figure this out.

Time to ask a few questions.

• What operating system is the remote system using? Mac? Linux? Other?
• Can you VNC without ssh?
  • If you can VNC without ssh
    • what is the VNC client you are using on your Mac?
    • what is the connection information (do not actually tell me the real remote host name or IP address; I do not need that, but I do need to know if you have to plug in a display number or port value)
  • If you CANNOT VNC without ssh, can you tell me anything about the VNC server you are using on the remote system
    • How do you start the remote VNC server? Did it come with the remote operating system, or did you have to install it?
    • Did you have to configure the remote server. Did you have to specify a display or port number. For example on a Linux system I use, I issue the following command to start my VNC server
      • vncserver :51
      • where :51 translates to port 5951, I would use: ssh -L 5999:localhost:5951 .
      • did you need to use something similar to start your VNC server?
    • With your vnc server running on the remote system, assuming it is some flavor of Linux/Unix, can you get any information using the ‘ps’ command
      • ps ax | grep vnc
      • I get something like this from my Linux system:

        7851 ? S 14:18 /usr/bin/Xvnc :51 -desktop remote.node.name:51 (me) -rfbport 5951

    • If you have not figured out what the VNC server port is yet, is there an ‘lsof’ command (list output files)
      • lsof | grep ‘vnc.*listen’
      • I get something like this:
        • Xvnc 7851 me 0u IPv6 602312 0t0 TCP *:6051 (LISTEN)
        • Xvnc 7851 me 1u IPv4 602313 0t0 TCP *:6051 (LISTEN)
        • Xvnc 7851 me 6u IPv4 602318 0t0 TCP *:5951 (LISTEN)
        • vino-serv 7926 me 15u IPv6 602922 0t0 TCP *:vnc-server (LISTEN)
      • The 5951 is the one I’m interested in.

Anything else you can tell me about the remote server, the remote operating system, etc. will be helpful in figuring out what is missing in the ssh connection setup.

Источник

Stepanoff Home Network

Unix Блог

8 февраля 2011 04:47 пп

Включение Remote Desktop и VNC в Mac OS X через SSH

Иногда возникает необходимость зайти на оставленный дома Mac, и выясняется что вы забыли включить удаленное управление, но при этом SSH доступ включен. В этой заметке я расскажу как управлять удаленным рабочем столом на Mac OS X из терминала локально, или через SSH.

Данное руководство подойдет для Apple Remote Desktop 2.x, Apple Remote Desktop 3.X, Apple Remote Desktop 2.2

Управление Remote Desktop через терминал осуществляется при помощи утилиты kickstart, которая входит в его состав. Далее несколько примеров работы с утилитой kickstart.

Утилита расположена по следующему пути:

/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart

Для использования kickstart необходимы права администратора в системе, поэтому используйте sudo в начале команд.

И так, примеры использования:

Включаем Remote Desktop Sharing, для всех пользователей, и перезапускаем агента ARD (Apple Remote Desktop)

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -restart -agent -privs -all

Включаем Remote Desktop Sharing для пользователя admin со всеми привилегиями, перезапускаем агент ARD и Extra меню.

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -users admin -privs -all -restart -agent -menu

Включаем Remote Desktop Sharing, выключаем привилегии доступа для всех пользователей.

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -off

Останавливаем агент ARD

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -agent -stop

Деактивируем Remote Desktop Sharing

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -deactivate -configure -access -off

Для более подробной информации о возможностях утилиты kickstart выполните команду

Источник

Garbage In Garbage Out : Tech Blog

A collection of technology tips and other words

Set up Screen Sharing (VNC) via command line on Mac OS X remotely using SSH

Locked out of a Mac because Remote Desktop has suddenly taken a crap on you? Want to remotely enable Screen Sharing (Apple’s fancy name for VNC)? Well, as long as you have SSH active, you can enable Screen Sharing on Mac OS X 10.5 by following these easy instructions.

SSH into the machine on which you want to enable VNC.

EDIT 2/23/2017 : If you don’t want to enable Apple remote management, but instead ONLY want to enable screensharing, use the two commands below in Terminal:

EDIT 2/12/2009 : Thanks to David Jones for pointing out a document from Apple which details a command-line equivalent to all the steps detailed in my original post. Instead of the original directions posted here, simply execute the following command after SSHing into the target machine in order to enable screen sharing for the admin user and restart ARD. This will enable Apple Remote Management:

THE FOLLOWING INSTRUCTIONS ARE DEPRECATED:

First, we need to make sure that Remote Desktop is turned OFF. Issue the following command:

Enter your administrator password if requested.

Then, navigate to /Library/Preferences/

We’re going to create three text files there, which set up the preferences for Remote Management and VNC.

Enter your administrator password. Then, copy and paste the following text:

Press return, then press CTRL-d to close the file.

Enter your administrator password if prompted. Then, copy and paste the following text:

Press return, then press CTRL-d to close the file.

Set the default VNC password to “pass” by creating this file:

and copying and pasting the following text:

Press return, then press CTRL-d to close the file.

Let’s change the ownership and permissions on these files to their correct values:

Let’s set up launchd to automatically launch Screen Sharing on startup:

sudo echo enabled > /Library/Preferences/com.apple.ScreenSharing.launchd

Finally, let’s reboot the machine:

You can now VNC into your Mac, using either Leopard’s built in screen sharing or a third party VNC utility. On Mac, I recommend Chicken of the VNC, available for free download at http://sourceforge.net/projects/cotvnc/. Point your app of choice to your machine’s IP address or hostname. When prompted for a password, use the default one from above (pass).

Once you’re in, you need to go to System Preferences -> Sharing -> Screen Sharing, and click the “Computer Settings” button. There, enter in a new password to replace the default used at the beginning steps of this article.

10 thoughts on “ Set up Screen Sharing (VNC) via command line on Mac OS X remotely using SSH ”

This worked for me.

The only thing that’s wrong is the use of the sudo echo enabled > “” command – sudo will run the echo as root but bash won’t have permission to rewrite the file. Change to tee like the above examples.

@Mark: Good catch. Thanks for sharing. I’ve modified the original article to reflect your comment.

Thanks so much for this. Worked a treat. I didn’t want to reboot my Mac, though, so a bit more searching on the net (and a bit of extrapolation) produced this command:

sudo /bin/launchctl load /System/Library/LaunchAgents/com.apple.ScreenSharing.plist

…which started up the VNC server without rebooting. I’m in via TightVNC from my windows box at work. Pain in the rear fighting with the screen saver to log in though. Eventually got it.

Activate Remote Desktop Sharing, enable access privileges for all users, restart ARD Agent:

$ sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -restart -agent -privs -all

For some reason my kickstart (ARD) & associated files got hosed – so the Apple method was useless. This method works fine except no “>” required
—
sudo bash -c ‘echo enabled /Library/Preferences/com.apple.ScreenSharing.launchd’
—
allowed me to use Chicken of the VNC and correct the ARD issues

Hey Brewer – good write-up. My mac’s graphics card appears to be dead, and I searched around looking for exactly this. How cool that it turned out to be your article. talk at ya on FB soon – Orstead

Leave a Reply Cancel reply

You must be logged in to post a comment.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Bad Behavior has blocked 348 access attempts in the last 7 days.

Источник