Don't forward local port 3389, various versions of Remote Desktop are too smart for their own good.
My usual steps involve forwarding local 3390 to remote 3389. Then, in MacRDC I use: localhost:3390
as the address to connect too.
I don't know if you're using anything to assist in the ssh connection setup, but from the command line, it would be something like:
ssh -L 3390:172.16.5.32:3389 jason@remote.net
Where;
- 3390
is the local forwarding port on my box.
- 172.16.5.32
is the remote windows host. and;
- 3389
is the Remote Desktop Port (obviously).
On Reusing Your Windows key.ppk
File
The PPK file is a PuTTY-specific private key. It's not a portable private key that works with any ssh-based application. It just works with PuTTY. You need to convert it first. I've found some instructions for converting it to a proper public/private key pair here. You'll need to do this from your Windows machine.
That will give you a private key, key.ssh
, that will work with ssh on your Mac. Put the key.ssh
file in your ~/.ssh/
directory. Make sure the permissions are correct:
% chmod 400 ~/.ssh/key.ssh
And then you can use it with your ~/.ssh/config
file like so:
Host domain.com
IdentityFile ~/.ssh/key.ssh
User username
If you no longer have access to your Windows machine you'll need to generate a fresh public/private key pair to use with your web server.
On Generating a Fresh Keypair To Use With Your Mac
Honestly, this is the best way to go here.
Password-less authentication with shared keys requires that both machines have a piece of the shared/public key pieces. Here's a complete recipe for setting up a shared key authentication scheme with two servers. It's not really OS X-specific. It's ssh-specific.
These instructions assume host1 is your Mac and host2 is your web server.
Generate a shared key on host1 (the shared key will be /Users/you/.ssh/webserver.pub
and the private key will be /Users/you/.ssh/webserver
):
% ssh-keygen -t rsa -b 2048 -f ~/.ssh/webserver
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in webserver.
Your public key has been saved in webserver.pub.
The key fingerprint is:
98:b7:fa:0f:0d:e7:7f:50:cc:9b:b4:57:db:8d:b4:03 ian@Ian-Chesals-iMac.local
The key's randomart image is:
+--[ RSA 2048]----+
| |
| |
| o |
| o E * .|
| o S . = *=|
| . * . B.+|
| o o . o |
| . . . . |
| ..... .. |
+-----------------+
Note: I didn't enter a password for the key because I don't want to have to use a password when I use the use.
Now you need to append the ~/.ssh/webserver.pub
public key to the ~user/.ssh/authorized_keys
file on host2, your webserver.
% ssh user@host2 'mkdir ~/.ssh;echo '`cat ~/.ssh/webserver.pub`' >> ~/.ssh/authorized_keys'
For this to work you will need password access to the remote host. If you don't have this you can give ~/.ssh/webserver.pub
to someone who does have access to the box and ask them to append it to the authorized_keys
file for you perhaps. Or do it from your windows machine where you still have access.
Now make sure your private key is safe on your Mac:
% chmod 400 ~/.ssh/webserver*
ssh can get complain-y if your private/public keypairs are world readable or writeable.
Finally, you can add the following to your ~/.ssh/config
file to invoke the right key combination when you try to ssh in to your web server:
Host domain.com
IdentityFile ~/.ssh/webserver
User username
This will get you the password-less, keypair-based authentication you desire.
Best Answer
As per this page, X11/XQuartz is deprecated from OS X now, and you will need to install it seperately in order to get any X-Windows display manager type stuff working:
http://support.apple.com/kb/HT5293
There seems to be another X11 download here which may also be useful.
http://support.apple.com/downloads/X11_for_Mac_OS_X_1_0