OS X Remote Management using a "man-in-the-middle" linux server

Occasionally some of my friends contact me asking for assistance with their Macs. Usually this help can be conveyed over the phone, but sometimes I couldn't be bothered trying to explain it all, I just do it myself!

How, you might ask, can I accomplish this when my friends are 2 hours away!

Here's how:

Reverse SSH tunnels.

Using my linux VPS, morepackets.com, as a middle-man.

My friend connects to morepackets.com using a reverse tunnel. This allows ports on a remote machine to redirect to ports on my friend's local machine.

Since my VPS is headless, it won't be running VNC. Therefore for purpose of simplicity I choose to reverse tunnel remote TCP port 5900 to local TCP port 5900. The VNC/Remote Management port.



For this setup, some configuration of the Mac in question is required, i.e. enabling of Remote Management in System Preferences.


Remote OS X Management:


1. Open System Preferences
2. Sharing
3. Enable Remote Management
4. Click Computer Settings
5. Enable "Anyone may request permission to control screen"


If using Apple Remote Desktop to control, skip ahead.
Else, set a VNC password for yourself.


The "Please Help Me" Tunnel:
Get your friend to use this tunnel!

1. Open Terminal (/Utilities/Terminal.app)
2. enter the following at the prompt:
ssh USERNAME@server.name.com -CNvR 5900:localhost:5900 
3. Accept the request to control screen when you see it.


The "Imma gonna save ya" Tunnel:
Rescuer uses this tunnel!

1. Open Terminal (/Utilities/Terminal.app)
2. Enter the following at the prompt.
ssh USERNAME@server.name.com -CNvL localport:localhost:5900 
Then simply connect to localhost OR listening_ip_address on a port of 'localport' using the VNC client of your choice.
If using Apple's Remote Desktop application, connect to the listening_ip_address using your localport.
If using another VNC app, like Chicken of the VNC, simply connect to localhost on your localport.
Wait for friend to accept control request. Done!