Where’s Dave’s ssh article?

  • Posted: 04 November 2012 01:18 PM

    In eps 420, Dave said he was going to write an article on how to shut down a frozen Mac using the terminal and an ssh remote login.  Can anyone help me find it?

         
  • Avatar

    Posted: 06 November 2012 10:47 AM #1

    Hi rllewis!

    I haven’t written that yet, so ... I’ll start here with the basics.

    First—before there’s a problem—go to System Preferences > Sharing and enable “Remote Login.” Once you do, you’ll see the text on the right side of that pane change and show you “to log in to this computer remotely, type ‘ssh [user@computer]’” where [user@computer] is customized for you. Remember this. It might be easy to remember and you won’t have to write it down, but remember it nonetheless. It will be valuable when that machine is acting up.

    When it is, go to the Terminal and type the above command exactly as you read it. For me trying to connect to my office computer it would be:

    ssh dave@imacoffice 

    Then I type in my password and, with a little luck, I’ll get a command prompt that gives me access to my remote machine.

    Once I’m there, it’s one simple command to restart the Mac:

    sudo shutdown -r now 

    There are other ways to issue this command, but this is the one I use because it’s easy for me to remember. ‘sudo’ means we’re going to do this as the superuser, ‘shutdown’ is the command that we’re issuing, ‘-r’ means we want to restart (instead of shutdown) and ‘now’ means, well, do it now (instead of later).

    Because you’re using ‘sudo’ it will ask for your password, but then that *should* do it. It won’t always work, depending on what’s going on with your Mac, but… hey, it’s worth a shot. You’ll lose any documents you haven’t saved (or auto-saved) in your apps, but at least the system itself is shutting down properly and not being rudely powered-off.

    I should note that I often do this from my iPhone instead, using one of the various apps that lets me SSH (I use iSSH from Zinger-Soft). This is easier simply because I am often sitting in front of the offending Mac with my iPhone in my pocket. smile

    Any questions.. just ask!

    Signature

    -Dave Hamilton / The Mac Observer / Mac Geek Gab / Dave on Twitter
    When you find a big kettle of crazy, it’s best not to stir it.

         
  • Posted: 06 November 2012 01:23 PM #2

    How does this work outside of the local network? The address I’m given to type in for Remote Login is a local address.  You mention doing this while sitting in front of the machine, so you would obviously be on the network.  I would think that “Remote” would normally be outside of the network.

         
  • Avatar

    Posted: 06 November 2012 01:26 PM #3

    ziploc - 06 November 2012 01:23 PM

    How does this work outside of the local network? The address I’m given to type in for Remote Login is a local address.  You mention doing this while sitting in front of the machine, so you would obviously be on the network.  I would think that “Remote” would normally be outside of the network.

    You have to be on the local network *or* point the SSH port (TCP port 22) to this specific Mac. In this case, Apple’s using “remote” to mean “not this Mac.”

    You could also setup a VPN or use Back To My Mac (to another Mac) to do this, too… but if you’re troubleshooting a locked-up Mac, chances are you’d be on the local network anyway.

    Signature

    -Dave Hamilton / The Mac Observer / Mac Geek Gab / Dave on Twitter
    When you find a big kettle of crazy, it’s best not to stir it.

         
  • Posted: 10 November 2012 07:29 PM #4

    Another possibility, though a bit more complex, is to configure your local machine to run an SSH server (as you’ve obviously done, Dave) and then configure your firewall to route traffic on a certain port to that local machine. I use this technique to enable SSH connections to multiple servers behind my work firewall.

    The usual SSH port is 22, and the ssh client will use that port by default. The -p switch to the SSH command allows you to specify a different port. So, if your firewall is configured to forward traffic on port 2222 to the SSH port on your local machine, you could ssh to port 2222 and get an ssh connection to your local machine. Of course, you need to know the WAN IP address of your “local network”, or you can use a Dynamic DNS service, which I do, so that you can point your ssh client to a domain name, such as feedbag.myveryownhomenetwork.com.

    As I said, this is a bit more complicated, but it works like a charm and lets you SSH into multiple machines on a single network from anywhere you have an internet connection.  If you want to learn more, there are a lot of articles to be found via Google that explain SSH tunneling and reverse tunneling.