I started working in an office again last Fall and found myself wanting to access my home machine often. It was time to finally set up some sort of VPN. My home machine is a Mac mini attached to a projector and a Drobo. I have an iPad, phone, and work laptop, but that’s the extent of the computing devices I use at home. I use the mac mini essentially headless, accessing it via OSX’s built in Screen Sharing and file sharing. I wanted to recreate that experience remotely.
I’d looked at GUI SSH tunnel management on OSX before but was never really happy with it. CocTunnel is a brand new project though and super solidÂ¹. I am a bit paranoid about opening ports on my router so the first thing I did was turn off password SSH access. sshd will drop anything that isn’t public key now. I also associated it with a non-standard port on my router. When CocTunnel connects to my home machine it forwards the ports from the three services I regularly use: 3689 for iTunes library sharing (daap), 548 for Apple File Protocol (afp), and 5900 for Screen Sharing (remote frame buffer, rfb).
The final piece to make the experience seamless is Network Beacon. Network Beacon lets you advertise any arbitrary Bonjour service. I created a beacon for each of the three services and their ports named the same way they appear on my home network (pictured above). Now if I open Finder, my server appears just like it does at home. I can mount filesystems, share screens, or stream the iTunes library.
Keep in mind: the amount of fun you have with any of these solutions is entirely dependent on your home connection’s upload speed.
Footnote 1: The developer says it’s pronounced “Ci Oh Ci Tunnel”. It gets it’s name because it’s built Cocoa, so you could say “Coke Tunnel”. I’m a sporting man myself and say “Cock Tunnel” like an adult.