Archive for May, 2009

MacOS Screen Sharing over the Internet using SSH

May 11, 2009

You don’t need to subscribe to MobileMe to access a Mac desktop remotely over the Internet from another Mac (“Back to My Mac”). You just need to do some setup. This description assumes (for simplicity) that you’re using Leopard (MacOS 10.5) on both Macs. If you’re still on Tiger (10.4) you’ll need a third-party VNC client like Chicken of the VNC; I haven’t tested that.

This setup runs the Apple Screen Sharing through an encrypted tunnel using SSH, for security.

  1. One-time setup on the Mac you’ll be connecting to, which we will call the “remote Mac”. In System Preferences>Sharing, turn on Remote Login (aka SSH). In System Preferences>Sharing, turn on Screen Sharing, and in Computer Settings, select “VNC viewers may control screen with password:”. Choose a password.
  2. One-time setup on the Internet router/firewall for the network your remote Mac is on. Forward TCP port 22 (SSH) from the Internet to your remote Mac’s internal/private IP address. You might find this option under something like “NAT Rules” on your firewall’s setup screens, which are web pages for most routers. If you haven’t assigned the remote Mac a static IP address, you might want to. Otherwise, find out the IP address that your router assigned it by looking in System Preferences>Network.
  3. One-time setup of a host name for your remote Mac’s Internet connection. It’s convenient to give your firewall’s external IP address a host name, especially if its IP address is dynamically assigned by DHCP and subject to change without notice. The free service DynDNS.com allows you to create an account and choose a host name for your Internet connection in any of several domain names they control. To keep the DynDNS.com entry for your connection updated, you can use a free little program on your Mac called DynDNS Updater.
    With a free DynDNS.com account, if your IP address doesn’t change for a month (so the updater doesn’t send any updates), DynDNS.com will send you an email saying your registration will expire unless you click on a link in the email to keep it running, so you’ll have to do that once a month.
  4. One-time setup on your local Mac that you’ll be using to connect to the remote Mac. Allow Screen Sharing to connect to 127.0.0.1 (aka localhost); in Terminal run (all on one line):

    sudo defaults write com.apple.ScreenSharing skipLocalAddressCheck -boolean YES

    and type your password when prompted.
  5. To access your remote Mac’s desktop over the Internet from the local Mac, in Terminal on your local Mac run (all on one line):

    ssh -N -L 6900:127.0.0.1:5900 your_login_short_name@your.dyndns.host.name

    If it asks if you want to add or trust the host key or something like that, respond yes. That should only happen once.
    When prompted, type the password for your account on the remote Mac.
    (your_login_short_name is the name of your home folder on the remote Mac; it will be lowercase with no spaces.)

    Run the Leopard Screen Sharing client; in Finder:
    Go>Connect to Server (or Command-k)
    In the Server Address box, type:

    vnc://127.0.0.1:6900

    A login box will pop up; enter your_login_short_name and your password for the remote Mac.
    You can click the + to save this address as a favorite for the future.

    Your remote Mac’s desktop should appear!

    In the Screen Sharing preferences, you might want to try the option “Show the screen at full quality (more detailed)” if needed and you have fast Internet connections at both ends.
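
The tunnel and Screen Sharing steps from step 5 combined into one script, added here as an example and not part of the original post. It goes a little beyond the post: the forward is bound to 127.0.0.1 explicitly, ssh quits if port 6900 is already in use, and the tunnel is closed through a control socket when you are done. The function names and the `SSH` and `CTL` variables are assumptions made for this example.

```sh
#!/bin/sh
# Added example, not from the original post. Ports match the post (6900 -> 5900).
LOCAL_PORT=6900
REMOTE_PORT=5900
SSH=${SSH:-ssh}                          # assumption: override to dry-run the commands
CTL=${CTL:-$HOME/.ssh/screenshare.ctl}   # hypothetical control-socket path

# Accept only plain login/host names, so a value starting with "-" can never
# be read by ssh as an option.
valid_name() {
    case "$1" in
        ""|-*|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    return 0
}

# Open the tunnel and go to the background (-f) once the password is accepted.
# The listener is bound to 127.0.0.1 only, and ExitOnForwardFailure makes ssh
# stop instead of carrying on without the forward when port 6900 is taken.
open_tunnel() {
    valid_name "$1" && valid_name "$2" || return 2
    "$SSH" -f -N -M -S "$CTL" \
        -o ExitOnForwardFailure=yes \
        -L "127.0.0.1:$LOCAL_PORT:127.0.0.1:$REMOTE_PORT" \
        "$1@$2"
}

# Ask the background ssh to shut down through its control socket.
close_tunnel() {
    valid_name "$1" && valid_name "$2" || return 2
    "$SSH" -S "$CTL" -O exit "$1@$2"
}

# Usage: sh screenshare.sh your_login_short_name your.dyndns.host.name
if [ "$#" -eq 2 ]; then
    open_tunnel "$1" "$2" || exit $?
    open "vnc://127.0.0.1:$LOCAL_PORT"   # macOS: hands the URL to Screen Sharing
    printf 'Press Return to close the tunnel: '
    read -r reply
    close_tunnel "$1" "$2"
fi
```

Closing the tunnel when the session ends means port 6900 on the local Mac stops accepting connections instead of staying forwarded to the remote Mac indefinitely.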