2008.07.07 – 15.50 UTC+08 (Singapore Time)
As I increasingly use and rely upon Unix-like operating systems such as FreeBSD (and GNU/Linux) on desktops, I tend to forget at times that I’m using a sophisticated server installed locally to generate my graphical environments, namely X11. And just as with any server I can call it up from another machine and use its services.
X11 was built specifically to serve graphical applications over networks, and can still be used in this way by employing SSH on the client, and installing the desired applications on the server. My primary desktop is a DIY running FreeBSD 7.0 (more on my debacle with Debian GNU/Linux in a later post!), and my primary mobile machine is an original generation MacBook Pro.
USELESS ASIDE: Given the fact it’s about time for my half-yearly move back to Adelaide, Australia I’ve been contemplating how best to access my desktop machines here in Singapore using my MacBook Pro which I’ll be taking with me. These are the things that keep my up at night.
To access desktop applications on a remote Unix-like machine on your Mac, fire up your Terminal and use the regular SSH command, but with the -X flag:
% ssh -X [USERNAME]@[HOST MACHINE]
% Password: [PASSWORD]
Provided you have installed X11.app from either your Tiger or Leopard install DVD; or better yet downloaded the latest community build of Xquartz from MacOSForge; you should now be able to enter in the name of a graphical application and have it appear!
Tunneled FreeBSD X11 apps running on Mac OS X through SSH
For example, I entered % xfce4-panel and used that to launch some of my favourite apps, as you can see above. Over my local home gigabit ethernet connection and even at Starbucks on the free Singapore public WiFi networks the applications felt like they were running on my local machine.
You may recognise the Xfce panel from my previous post on Xfce and Openbox. There’s a reason for that; I’m using the panel remotely from the same machine. Ain’t [computer] science wonderful?
Plus then you can do things like run local Mac applications and the remote X11 applications on the same screen:
Xfce’s Thunar file manager compared to Leopard’s Finder
2007.10.29 – 19.01 UTC+08 (Singapore Time)
Having used Mac OS X Leopard (Singapore, Australia) for the last few days on my MacBook Pro I’ve discovered many changes in security from OS X Tiger and earlier releases including some genuine surprises that threw me off guard! I’m posting what I’ve discovered here in the hopes it may be useful to other people.
- NetInfo Manager is gone
- A cursory glance at the Utilities folder will show NetInfo Manager has ceased to exist, like a certain Monty Python parrot. Some of the user specific features have been relegated to a very sneakily hidden menu in the Users panel of System Preferences.
If you want to change the UID or default shell assigned to a user for example, right click or CTRL click on the name of the user and click “Advanced Options” in the popup menu.
- Firewall has moved
- The Firewall has been moved in System Preferences from the “Sharing” panel to the “Security” panel. Reading comments on forums a lot of people are angry about this, but to me it makes perfect sense!
- Firewall has been dumbed down
- Aside from a crude menu that lets you add generic “.app” programs, there is no way now to create your own custom rules, port number assignments, UDP/TCP or anything whatsoever. I guess it’s back to the command line to configure these things.
- Higher SSH encryption by default
- If you open the
/private/etc/sshd_config configuration file, Leopard ships with level 2 SSH security and without the option of falling back to level 1 like previous versions. This is a welcome change.
- Graphically impossible to change your SSH port
- But therein lies a problem! If you change your SSH listening port in your aforementioned
sshd_config for obfuscation reasons, in the Leopard Firewall System Preferences pane there is no way whatsoever to open that SSH port because you’re limited to only creating generic rules based on .app’s and the Services you start in the “Sharing” panel; which will turn on port 22.
So some welcome security changes in Leopard, and you’ve got to hand it to Apple for trying to make configuring security more streamlined, but I’m disappointed that in doing so so much functionality has been lost. Hopefully Apple (or perhaps even a third party) will address the legitimate need to create custom Firewall permissions soon.
If I’ve made any mistakes or you have anything to add, please post a comment. Cheers ^^.
Related Posts
Post to del.icio.us
