You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: drcpub
drcpub Author
User level: Level 1
8 points

VNC through ssh using Mojave Catalina or Big Sur

I am trying to connect to my MacPro running Mojave from work using my Big Sur laptop. Connections through connect to server using vnc work fine. Connecting by ssh work fine. I would like to create an ssh, vnc tunnel from work to my Mac Pro. I've seen many different ways to do it but either I am getting the syntax wrong. Could someone please assist me in getting this up and running? Because of Covid, many still have me working remotely and since it involves peoples names and personal data, I would like to keep any information sent over the internet as safe as possible.

Thank you

MacBook Air 11″, macOS 11.1

Posted on Mar 16, 2021 9:14 AM

Reply
Question marked as Top-ranking reply
User profile for user: BobHarris
BobHarris
User level: Level 9
54,923 points

Posted on Mar 16, 2021 9:23 AM

If you can make an ssh connection, then the following should work:


ssh -L 55900:localhost:5900 username@remote.mac.address


Now from the Finder -> Go (menu) -> Connect to server -> vnc://localhost:55900


This should work. The 55900 is just a random large value that is unlikely to be in use as a TCP/IP port number. It can be any large value less than 65534, and greater than 1024. The 5900 is the port I assume the remote Mac's Screen Sharing is listening on.


The vnc://localhost:55900 will start a local Screen Sharing session connecting to the local port 55900 that is your local entrance to the ssh tunnel, and it will exit at port 5900 on the remote Mac which should be the port the remote Mac's Screen Sharing is listening on.


I've done this many times between my Mac and my Mom's iMac 300 miles away across the internet.


View in context

Similar questions

6 replies
Question marked as Top-ranking reply
User profile for user: BobHarris
BobHarris
User level: Level 9
54,923 points

Mar 16, 2021 9:23 AM in response to drcpub

If you can make an ssh connection, then the following should work:


ssh -L 55900:localhost:5900 username@remote.mac.address


Now from the Finder -> Go (menu) -> Connect to server -> vnc://localhost:55900


This should work. The 55900 is just a random large value that is unlikely to be in use as a TCP/IP port number. It can be any large value less than 65534, and greater than 1024. The 5900 is the port I assume the remote Mac's Screen Sharing is listening on.


The vnc://localhost:55900 will start a local Screen Sharing session connecting to the local port 55900 that is your local entrance to the ssh tunnel, and it will exit at port 5900 on the remote Mac which should be the port the remote Mac's Screen Sharing is listening on.


I've done this many times between my Mac and my Mom's iMac 300 miles away across the internet.


Reply
User profile for user: drcpub
drcpub Author
User level: Level 1
8 points

Mar 17, 2021 9:18 AM in response to BobHarris

So I tried the file sharing, it is very possible I'm doing something wrong but here are the results.


ssh -L 55900:localhost:5900 -L 50548:localhost:548 -L 50139:localhost:139 username@remote.mac.


The terminal command works fine for the VNC connection no issues.


The AFP mapping works but bring me to an external hard drive ( the time machine backup volume ), " Connect to server, CMD K, ---> open afp://localhost:50548 from a second terminal window. Funny thing is the Time machine backup volume is not even shared at all.


The SMB file share does not connect at all, error message says service not running. SMB is turned on in File Sharing preferences along with AFP sharing. So I wondering if 2 other ports need to be included in the nested ssh command, adding port 137 and 138. According to an apple supplied port assignment https://support.apple.com/en-us/HT202944


Any thoughts please?

And again thank you for your help, Bigtime!!



Reply
User profile for user: BobHarris
BobHarris
User level: Level 9
54,923 points

Mar 16, 2021 2:36 PM in response to drcpub 

ssh -L 50548:localhost:548 username@remote.mac.address


Finder -> Go (menu) -> afp://localhost:50548


for an SMB server


ssh -L 50139:localhost:139 username@remote.mac.address


Finder -> Go (menu) -> smb://localhost:139


Again, the 50548 and 50139 are just local TCP/IP ports that are not used for anything (well not typically). The 548 is the AFP server port, and the 139 is the SMB server port.


Also from a local Terminal session (not the one you ssh'ed into the remote Mac) you can also issue


open vnc://localhost:55900
open afp://localhost:50548
open smb://localhost:50139


There are other ways to make the connections, but I'm not going to try an detail them here.

Reply
User profile for user: BobHarris
BobHarris
User level: Level 9
54,923 points

Mar 18, 2021 10:10 AM in response to drcpub

For SMB try port 445 instead of 139. But NOTE: I got both 139 and 445 to work from my personal mac to my company Mac. But from the Company Mac to my personal Mac neither worked, because the company makes me run a commercial Anti-Virus package, and its firewall interferes with local and remote connections. If you have any A/V package, firewall, LittleSnitch, or even the macOS Firewall installed/enabled, that may interfere with your file server connections.


As to AFP, you made a connection. It is now up to the remote Mac to offer what it is going to offer. Play with the Remote Mac's System Preferences -> Sharing -> File Sharing -> Options..., and Shared Folders, and Users

Reply

VNC through ssh using Mojave Catalina or Big Sur

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up