This to bypass the rules that are in place. Students connecting school devices to their cell phone hot spots, and using Over the past month, we have started to have trouble with Bypassing School Wi-Fi and Using Cell Phone Hot Spot Industry-Specific IT.I am now either just using TeamViewer or LMI Hamachi and I have secure access to all I need. I did actually have the "VNC viewers may control screen with password" option checked, and once I UNchecked it, I could not connect anymore from outside my home (which is good since that was not secure). I used to use LogMeIn Free and the Ignition client on my iPad, but since LogMeIn killed that I went to Jump Desktop for equivalent functionality. Jump has a Windows client as well I guess, but I've never used it. Personally, I use Jump Desktop Opens a new window to connect back to my Mac and Windows computers as I can do so from my Mac or iOS devices. The closest I can find is Apple Remote Desktop, which is related to Screen Sharing but isn't the same thing: Opens a new window Allowing Mac to Mac screen sharing is supposivly secure but I honestly cannot find anything documenting the security of that feature. If you click on Computer Settings, then click "VNC viewers may control screen with password" then you have enabled unencrypted VNC access.Īllowing VNC viewers would be bad security wise. If you go to System Preferences > Sharing > Screen Sharing and enable it, you will only be able to connect from another Mac. I mostly just remote in to my Mac to check the web cam and make sure my dog isn't eating the couch! haha Settting up a VPN would also be more trouble that this is worth. I did do with with normal VNC thru a SSH tunnel as you described, but found it was more of pain that it was worth and switched to TeamViewer. Personally I feel that two layers of encryption is better than one, and an SSH tunnel removes requirements for port forwarding so increases security there too. (tip: if doing this limit your vnc server application to only accept connections from localhost, or at least disable port forwarding for port 5900 on your router) Once the SSH connection is established you then connect your viewer to localhost, presto, SSH tunnel encrypted connection. If encryption is an issue then you can always add an extra layer by enabling SSH on your machine, port forwarding it, and then connect in with the extra parameter "-L 5900:localhost:5900". If you have SSH to the mac enabled them some versions will support encryption by transparently creating an SSH tunnel for some of the traffic. ARD uses the same technology as VNC for the heavy lifting.
0 Comments
Leave a Reply. |