MacOS – How to remotely connect Macs across different networks

command linemacosremote controlremote desktopssh

I'm trying to connect two Macs that are not in the same Wi-Fi network.
I'd like to use terminal instead of available Remote Desktop programs.

My remote Mac had already all the preferences active in "sharing" prefs.
Problem is… while I can do that from the same network using

open vnc://name.IpAddress

But I have no idea how to do that from different networks. I'd like to be able not only to enter the remote Mac, but also see the screen.

I do have full control over the hardware and software from beginning to end. The Mac will never have a monitor attached and runs my scripts and my software only. I buy the hardware, install my software, and ship. I am able to have the machine connect to their Wi-Fi so that I have all the system info needed uploaded to the database. Like local IP address… and basically everything I tell the script to do.

How can I remotely connect to the Mac from a different network ?

Best Answer

Assuming you have a central and stationary management unit (a Mac) and several remote Macs (1:n relationship), I would choose an inverted VPN-approach:

Set up a VPN-server on your central Mac. The network address of the VPN-net mustn't collide with local network addresses. Port-forward all necessary ports to your Mac on your local router. Depending on your Internet service provider and your Internet connection get a dynamic DNS-address.
Set up VPN-clients on the remote Macs and connect them to your central VPN-server. The clients mustn't route all traffic via the VPN-connection.
Enable Screen Sharing on the clients
Connect "locally" with your VNC-app.

Since the question misses some details (e.g. macOS versions/number of remote Macs/safety rules in the remote networks/24-7 service/Internet & network stability locally and remote etc.), I can't answer the question in all its particulars.

Related Solutions

Control Mac Remotely From Multiple Different Networks using only Apple Software

In order to control another Mac you'll need to go to 'Apple Menu -> System Preferences...' on the Mac you want to control and enable 'Remote Management'.

In the 'Allow access for' section of 'Remote Mangement' you can leave the default selection of 'All Users', which will allow any account on the controlled Mac to be used to login for remote management or you can select 'Only these users' and define specific accounts that can be used.

Click 'Options...' to define what remote management actions are allowed. You'll probably only need to select 'Observe' and 'Control'.

If you're both on the same network then you can do a Command + K from the controller Mac and type vnc://mygirlfriendsmac or vnc://ipaddress to connect to the Mac you want to control.

Regarding the issue with controlling a Mac on a different network, this is where things can get complicated since there are a lot of variables depending on what network the Mac you want to control is on. This is one possible solution:

First, you'll need to know if port 5900 is open on the network the Mac to be controlled is on. A lot of firewalls block this port. (You can do a VNC tunnel on port 80, but that's probably beyond the scope of this question.)

If port 5900 is open then you'll need to know the publicly accessible IP address of the Mac to be controlled. One way to do this is to use http://DynDNS.com.

This is how DynDNS works:

You can signup for a free account that allows you to create a DNS entry that you define (ie- mygirlfriendsmac.dyndns-ip.com). You'll then need to install the DynDNS app on the Mac you want to control. This app will send the public IP address to DynDNS every few minutes so that you'll be able to do a Command-K on your Mac and connect to the DNS entry you defined (mygirlfriendsmac.dyndns-ip.com) and you can be assured it will be mapped to the current IP address of the Mac you want to control.

MacOS – How Do I Disable Remote Management and Enable Screen Sharing

I found the following code in a file I didn't open for a long time. It enables Remote Login on a remote device. Save the script somewhere (from now on referred to as /path/to/script/). Copy the script to the other device.

tell application "System Preferences" to set current pane to pane "com.apple.preferences.sharing"
tell application "System Events" to tell process "System Preferences"
    click checkbox 1 of row 6 of table 1 of scroll area 1 of group 1 of window "Sharing"
end tell

This enables remote login. Now, to disable remote management and enable screen sharing, use the same script, but remove the 3rd line and add these 2 lines:

tell application "System Preferences" to set current pane to pane "com.apple.preferences.sharing"
tell application "System Events" to tell process "System Preferences"
    click checkbox 1 of row 7 of table 1 of scroll area 1 of group 1 of window "Sharing"
    click checkbox 1 of row 2 of table 1 of scroll area 1 of group 1 of window "Sharing"
end tell

To copy this script on the remote device, use scp (secure copy). To use scp type
scp /path/to/script username@IP.of.other.device:/some/path
OR
scp username@hostnameOfDevice:/some/path/
The second option (using the device hostname) requires that the devices are on a computer-to-computer network, so it will not work on a normal wifi network. You will see a prompt requesting the password of username. When you type the password, you will not see any text appear (obviously to prevent people from seeing the password).

Once it is copied, remotely log into the device:
ssh username@IP.of.other.device
OR
ssh username@hostnameOfDevice
Again, the use of the hostname requires computer-to-computer network. Once logged in, run the script using osascript /some/path/theScript.scpt (remember that using scp we copied the script to /some/path, this will be different on your device). This will disable remote management and enable screen sharing.
Good luck!

Best Answer

Related Solutions

Control Mac Remotely From Multiple Different Networks using only Apple Software

MacOS – How Do I Disable Remote Management and Enable Screen Sharing

Related Question