Not Funny Ha-HaTim Hammerquist June 06, 2007 #macos #network #security #ssh
In my never-ending struggle to further my laziness, finding the best ways to accomplish more with less effort, I've been playing with Apple's Remote Desktop, hoping it would make my life easier.
Well, it's far from ideal. But the ARD manual surprised me when it offered a plain, 1-line (stock) shell command that would accomplish one of the several tasks this US$250+ product advertises. Not the kind of helpfulness you find in Redmondware.
It surprised me again when it used an ssh tunnel to encrypt all traffic the protocol didn't already encrypt (desktop images, some file copying). (You knew that OS X ships with OpenSSH 4.x now, right?) Anyway, cool. >click<
Connection failed because Remote Login is not enabled.
("Remote Login" is Mac-speak for SSH.)
Huh? I have an active ssh session with the remote box right now. And here's tshark saying an ssh DH key exchange happened, which would be difficult without a remote sshd. wtf?
A quick googling reveals no one else seems to have this issue, so I decided to see what customizations I might have made to my ssh config that could break this.
[ snip std debug techniques ]
Several extra #'s in my
~/.ssh/config later, I discover that Apple
Remote Desktop doesn't play well with OpenSSH's new session
multiplexing, and I have "ControlMaster auto" as default.
That said, as a remote administration tool, Remote Desktop.app is lacklustre. It is, however, one of the nicer VNC clients I've used. A bit steep for the price, mind you.