Technology Stuff

Saturday, October 20, 2007

Connect to your home network (SSH)

In my last post, I discussed how I keep track of my home IP address so that I could connect from "outside", whether I'm at my parent's house, traveling, or in a coffee shop.

Now, if you are going to connect from the typical open wireless access that you will find at a coffee shop, then you should be thinking about the security of the information you pass to your home network. It is incredibly easy to eavesdrop on your web session on an open wireless network. There are, as always, multiple ways to connect home securely. I will show you a couple of different ways to do it.

From here on out, this post will reference a Mac system that is connected directly to the Internet without any sort of firewall in the middle. Next week, I'll do a similar post for those of you gutsy enough to connect your Windows system directly to your external connection.

On my home system, I have configured the SSH server to allow traffic from my internet connection. I can then connect to that from a Windows, Mac, or *nix system. When making the SSH connection, I choose the options to allow tunneling. This allows me to then connect to my home system while "tunneling" through the secure SSH connection.

From the Mac system that you are currently sitting at, the command you would use to do this is (all one line):

ssh -L 5931:localhost:5900 username_on_home_system@my_home_system.dyndns.org

By running this command, you are attempting to log in to your system at home using an account named "username_on_home_system". Once you authenticate successfully, SSH forwards port 5931 on the system sitting in front of you to port 5900 on your home system.

Once you have successfully made this connection, you can use a remote desktop application like RDP (for Windows) or VNC (for Windows, Mac, and lots of other systems). I use VNC on my home system, which is why I chose port number 5900 when connecting SSH. To connect to my home system, I use a VNC client like Chicken of the VNC and configure it to connect to the local system sitting in front of me (localhost, port 5931).


It may seem odd to be trying to connect VNC to the system that you are currently sitting at, but keep in mind that the SSH program is going to forward anything you send to your local port 5931 to port 5900 on your system at home. If you've done everything correctly, you should be looking at your home desktop, and the whole VNC session will travel inside the encrypted SSH connection! Now, you can launch programs on your home system just as if you were sitting there.
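One way to open the tunnel described above a little more strictly and then check that the forwarded port 5931 is reachable only from the machine in front of you, which matters on an open wireless network. This is an added example, not part of the original post; the helper names `tunnel_cmd` and `loopback_only` are hypothetical and the `lsof` sample lines are constructed.

```shell
#!/bin/sh
# Added example (not from the original post). tunnel_cmd and loopback_only
# are hypothetical helper names; the lsof sample lines are constructed.

LOCAL_PORT=5931    # local end of the tunnel, as in the post
REMOTE_PORT=5900   # VNC on the home system, as in the post

# Print the ssh command for the tunnel with stricter options:
#   -N                           forwarding only, no remote shell
#   -o ExitOnForwardFailure=yes  quit if the forward cannot be set up
#   127.0.0.1: prefix            bind the listener to loopback explicitly
tunnel_cmd() {
    printf 'ssh -N -o ExitOnForwardFailure=yes -L 127.0.0.1:%s:localhost:%s %s\n' \
        "$LOCAL_PORT" "$REMOTE_PORT" "$1"
}

# Read `lsof -nP -iTCP:PORT -sTCP:LISTEN` output on stdin. Succeed only if
# a listener on PORT exists and every such listener is bound to loopback.
loopback_only() {
    awk -v port="$1" '
        $NF == "(LISTEN)" {
            addr = $(NF - 1)
            if (addr !~ (":" port "$")) next
            seen = 1
            if (addr != "127.0.0.1:" port && addr != "[::1]:" port) bad = 1
        }
        END { if (seen && !bad) exit 0; exit 1 }
    '
}

# Constructed samples: default forward vs. one opened with -g / GatewayPorts.
GOOD='COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
ssh 4242 me 5u IPv4 0x0 0t0 TCP 127.0.0.1:5931 (LISTEN)
ssh 4242 me 4u IPv6 0x0 0t0 TCP [::1]:5931 (LISTEN)'
EXPOSED='COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
ssh 4242 me 5u IPv4 0x0 0t0 TCP *:5931 (LISTEN)'

tunnel_cmd 'username_on_home_system@my_home_system.dyndns.org'
printf '%s\n' "$GOOD" | loopback_only "$LOCAL_PORT" && echo 'sample 1: loopback only'
printf '%s\n' "$EXPOSED" | loopback_only "$LOCAL_PORT" || echo 'sample 2: reachable from the network'

# Real use, once the tunnel is up:
#   lsof -nP -iTCP:5931 -sTCP:LISTEN | loopback_only 5931 && echo ok
```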

I hope you find this helpful. It can be complicated, but your privacy and security are well worth taking the time to figure it out. If you have questions, leave a comment for me and I'll do my best to help you out.
