llemarie’s weblog

Programming, tinkering – Lionel Lemarié

Archive for the ‘Remote Desktop’ Category

Tip: Connect to your iPhone using VNC and SSH

Posted by llemarie on September 5, 2009

VNC connection to iPhone

After a short hiatus I thought I’d post something short and sweet to ease back into it.

There’s been quite a bit of news of people getting the location of their stolen iPhones via MobileMe. It’s also nice for your own peace of mind to be able to tell the phone to wipe itself so all your precious data doesn’t fall into thieving hands.

MobileMe is $99 a year though. Count me out.

Now I’ve previously talked about how to set up a tunnel to connect to a remote PC securely via Remote Desktop. In the same way it’s possible to connect to your iPhone securely, and, more importantly, wherever it has data access!

Here’s how to set up a persistent SSH tunnel from the iPhone to your home server that gives you SSH and VNC access to the phone.

You need:

– A home SSH server visible from the outside. If you want your phone to phone home, you need something to pick up.

– A jailbroken iPhone. If you don’t want to jailbreak it, there’s always MobileMe.

– OpenSSH for iPhone. Install it via Cydia. Make sure you change the default passwd for both ‘root’ and ‘mobile’ users.

– VNC server for iPhone. It’s called Veency, install it via Cydia. Go to the Settings and set a connection password.

– Autossh. Install it via Cydia.

That’s it. Now you just need a script to start the tunnel and another script to start the first script at load time, then you register your phone’s SSH key on your home server and we’re done here.

The tunnel script: using the Terminal or an SFTP application (I recommend the free FileZilla), write it as /bin/autohome.sh:

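#!/bin/sh
# launchd runs this without a login environment, so HOME is set explicitly.
export HOME=/var/root
# A gate time of 0 makes autossh keep retrying even if the first attempts fail.
export AUTOSSH_GATETIME=0
# Reverse-forward the phone's SSH (22) and VNC (5900) to ports 50022 and 5901 on the home server.
autossh -M 20000 -f -2 -N -C -R '*:50022:localhost:22' -R '*:5901:localhost:5900' USERNAME@HOME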

Set the permissions to 755 (chmod 755 /bin/autohome.sh, that’s read/write/execute as root, read/execute for others).

Easy enough. Set your USERNAME and HOME address to your public home SSH server. The only gotcha is the gatetime setting: it must be set to 0 to allow the connection to start at boot time. The connection will very likely fail a few times until the iPhone finds a data connection (3G or Wifi), but you want autossh to retry until it connects, which is not the default behaviour. Make sure that the file has Unix (LF) line endings.

The boot script, write it as /System/Library/LaunchDaemons/com.autohome.startup.plist:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.autohome.startup</string>
<key>Program</key>
<string>/bin/autohome.sh</string>
<key>RunAtLoad</key>
<true/>
</dict>
</plist>

Set the permissions to 644 (read/write as root, read only for others).

Now you need to be able to log in to your home server from the phone without typing your password. You also don’t want to compromise the security of your home machine, if it can be avoided. For that, you can add a new user specifically for the phone (for instance ‘mobilemoi’), set its login shell to /bin/false (using the chsh command) and remove its password from the /etc/passwd file. Give this user access to nothing. Don’t forget to use this user in the tunnel script.

Log in to the iPhone via SSH as root (using putty.exe for example) and run ssh-keygen using the default settings. We’ll need the public key that was just created, so cat ~/.ssh/id_rsa.pub and copy the string to the clipboard.

Log in to the home server as root, go to the ‘mobilemoi’ directory, create a .ssh directory, in there create a file called authorized_keys and paste the public key in there. From the mobilemoi directory, run chown -R mobilemoi.mobilemoi .ssh to set the right ownership.
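One way to script the key installation above so that the phone's key can do nothing on the home server except port forwarding. This is an added example, not part of the original post: the function name, the /home/mobilemoi path in the usage comment and the sample key are assumptions, and the `restrict` and `port-forwarding` key options assume OpenSSH 7.2 or later on the home server.

```shell
#!/bin/sh
# Added example (not from the original post): install the phone's public key
# for the tunnel-only user with forwarding-only restrictions.
KEY_OPTS='restrict,port-forwarding'   # no shell, PTY, agent or X11; forwarding only

# install_tunnel_key <home_dir> <public_key_line> [owner]   (hypothetical helper)
install_tunnel_key() {
    home_dir=$1
    pubkey=$2
    owner=${3:-}
    # Accept only a single-line key of a known type, with no options of its own.
    case $pubkey in
        *"
"*) echo "key must be a single line" >&2; return 1 ;;
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "not a bare public key line" >&2; return 1 ;;
    esac
    mkdir -p "$home_dir/.ssh" || return 1
    auth="$home_dir/.ssh/authorized_keys"
    touch "$auth" || return 1
    # Idempotent: append only if this key blob is not already present.
    blob=$(printf '%s\n' "$pubkey" | awk '{print $2}')
    if ! grep -qF -- "$blob" "$auth"; then
        printf '%s %s\n' "$KEY_OPTS" "$pubkey" >> "$auth"
    fi
    # sshd ignores key files that other users can write to.
    chmod 700 "$home_dir/.ssh" && chmod 600 "$auth" || return 1
    # Changing ownership needs root; skipped when no owner is given.
    [ -z "$owner" ] || chown -R "$owner" "$home_dir/.ssh"
}

# Usage on the home server, as root (path is an assumption):
#   install_tunnel_key /home/mobilemoi "$(cat phone_id_rsa.pub)" mobilemoi:mobilemoi
```

With the options in place, a stolen phone key gives access to the forwarded ports only, not to a shell or file transfer on the home server.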

Test it. On the phone, as root, run autohome.sh. On the home server, run netstat -a. After a short while, you should see the phone’s connections, lines like these:

tcp        0      0 Unknown-xxxx:ssh        xxxx:62595              ESTABLISHED
tcp6       0      0 [::]:20000              [::]:*                  LISTEN
tcp6       0      0 [::]:50022              [::]:*                  LISTEN
tcp6       0      0 [::]:5901               [::]:*                  LISTEN

If the connections look like “localhost:5901” instead of “*:5901” or “[::]:5901” then that’s a problem in the sshd config file. Edit /etc/ssh/sshd_config and add “GatewayPorts yes”. Restart the ssh server.
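With "GatewayPorts yes" the forwarded ports listen on every interface of the home server, so it is worth checking which binding each tunnel port actually has. The following is an added example, not from the original post: it classifies the three ports used by /bin/autohome.sh from `netstat -an`-style output; the function names are hypothetical and the sample lines are constructed.

```shell
#!/bin/sh
# Added example (not from the original post): report how each tunnel port from
# /bin/autohome.sh is bound on the home server. Reads netstat -an lines on stdin.
TUNNEL_PORTS="20000 50022 5901"

classify_listeners() {
    awk -v ports="$TUNNEL_PORTS" '
        BEGIN { n = split(ports, want, " ") }
        $NF == "LISTEN" {
            port = $4; sub(/.*:/, "", port)       # text after the last ":"
            host = $4; sub(/:[^:]*$/, "", host)   # text before the last ":"
            if (host == "127.0.0.1" || host == "localhost" ||
                host == "::1" || host == "[::1]")
                scope = "loopback"
            else if (host == "*" || host == "0.0.0.0" ||
                     host == "::" || host == "[::]")
                scope = "all-interfaces"
            else
                scope = "address:" host
            # Keep the widest binding seen for a port (IPv4 and IPv6 rows).
            if (!(port in seen) || scope == "all-interfaces") seen[port] = scope
        }
        END {
            for (i = 1; i <= n; i++)
                print want[i], ((want[i] in seen) ? seen[want[i]] : "missing")
        }'
}

# Constructed sample output, for illustration only.
sample_netstat() {
    cat <<'EOF'
tcp        0      0 192.168.1.10:22    203.0.113.9:62595  ESTABLISHED
tcp6       0      0 ::1:20000          :::*               LISTEN
tcp        0      0 0.0.0.0:50022      0.0.0.0:*          LISTEN
tcp6       0      0 :::50022           :::*               LISTEN
tcp        0      0 127.0.0.1:5901     0.0.0.0:*          LISTEN
EOF
}

sample_netstat | classify_listeners
```

On a real server, pipe `netstat -an` into `classify_listeners`; any port reported as all-interfaces is reachable from whatever networks the home server's firewall allows.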

Now to connect to the iPhone and control it from any PC, install VNC, start the viewer, connect to the VNC server using your home SSH server address (likely on the internal IP) on port 1.

For example:

VNC Viewer settings

You can also use an SSH client to connect to the iPhone via the tunnel. Point the client to your home server (again the internal IP), on port 50022.

Right. Reboot your iPhone, make sure that the tunnels are created. You’re done.

Now every time you boot your iPhone, a tunnel is created to your home server. This gives you the IP of the phone (via the server logs), SSH access to the phone and VNC control of the phone. The possibilities are limitless!

WARNING:

As of the time of writing, I have not fully verified the drain on the battery that results from the permanent connection. I believe that it should be minimal, but it has yet to be observed. I will update the post with more information when I know for sure one way or the other. The connection parameters may need to be tweaked to minimise the impact on the battery life.

EDIT: After some experimentation, it appears that there is a toll on the battery life after all. I will continue to investigate.

Ideally the connection would start on demand. It would be nice to send a push message to the phone that would trigger the start of autossh. This would essentially be free (or no more costly than push notifications are) and offer the same functionality.

Thanks to Saurik for most of the software needed for this feature.


Tip: Updated: Use a higher resolution desktop than your monitor can support

Posted by llemarie on March 8, 2008

With the Asus Eee PC being so popular, there’s a lot of people looking to improve the real estate of their small computers. Here’s an update to my previous post to get fullscreen higher resolution on your monitor, be it small or big.

To make it clear: even though this technique uses Remote Desktop, it connects to the local machine only, there are no remote computers involved, no internet connections required.

There were a number of drawbacks with the technique described previously. The most annoying problems were:

  • the Remote Desktop window was not fullscreen, you could see the titlebar constantly,
  • the need for a port forwarder.

Enterprising users found solutions to both problems, so I think it’s time for an update!

1. How to allow multiple users to connect at once on Windows XP.

Get the Terminal Patch and install it. It’s really easy, just run the installer, there’s nothing to it. You need to reboot.

You can now log in to your machine using multiple accounts at once, locally and using Remote Desktop.

2. Create a new user account and enable Fast User Switching

Add a new user whose sole purpose will be to Remote Desktop to localhost. Log-in as the new user for the remaining steps. No need to set the theme or anything.

To add a new user, open the Control Panel, open User Accounts, click “Create a new account”. Then enable Fast User Switching by clicking “Change the way users log on or off”.

3. Create a saved RDP session with scaled settings

Follow the instructions from here to create a .rdp file and add “smart sizing” to it.

Set the server to “127.0.0.2”. Note that normally the local computer is 127.0.0.1 but Remote Desktop will not let you connect to that address. Connecting to 127.0.0.2 works however, which is strange but convenient!

Set the username as your normal username, not the new one.

4. Make it fullscreen

Update: Paul in the comments mentioned that the CTRL-ALT-PAUSE/BREAK key combination makes the remote desktop window fullscreen. It works great! No need for additional software.

Download one of those applications (Desktop Enhancers) that make any window fullscreen. I use the shareware FullScreen 2.5, but if you find a good one as freeware please do post it in the comments. I might write one at some point if there’s a demand for it.


That’s it! When you want high-res, simply log in with your new account and start the connection by double-clicking on the .rdp file: you’re connected as your usual user. Ctrl-right click on the title bar to go fullscreen and voilà.


Tip: Use a higher resolution desktop than your monitor can support

Posted by llemarie on November 3, 2007

Note: This post has been superseded. Please see this update for a better way to do this.

As a follow up from my previous post about scaling the screen for a remote session, here’s a new hack that allows you to scale the screen of your local session! Using this trick you can set the desktop to a resolution that is not supported by your monitor and it will be scaled down nicely to fit. There is of course a performance hit, but depending on your usage this could be very useful. For example I am writing this post in a comfortable Firefox window in 1600×1200 on a monitor that supports only 1280×1024.

There have been a number of hurdles to overcome: I needed to connect Remote Desktop to the machine I was currently using, and Windows does not make it easy for the user to do that. Windows XP does not allow multiple interactive users to log on at the same time normally, and Remote Desktop refuses to connect to localhost on port 3389. Now this simple tutorial will take you past those problems in no time.

Here’s how you do it:

1. How to allow multiple users to connect at once on Windows XP.

Get the Terminal Patch and install it. It’s really easy, just run the installer, there’s nothing to it. You need to reboot.

You can now log in to your machine using multiple accounts at once, locally and using Remote Desktop.

2. Create a new user account and enable Fast User Switching

Add a new user whose sole purpose will be to Remote Desktop to localhost. Log-in as the new user for the remaining steps. No need to set the theme or anything.

To add a new user, open the Control Panel, open User Accounts, click “Create a new account”. Then enable Fast User Switching by clicking “Change the way users log on or off”.

3. Trick Remote Desktop into letting you connect to localhost

By default Remote Desktop will not let you connect to the local computer (even using another account) saying that you are already using it. That’s dumb because you can use Remote Desktop from another machine to connect to your computer fine.

Download a port forwarder and create a shortcut for it. Open the shortcut properties and change it like this:

From:

"C:\Documents and Settings\Lionel\Desktop\portforward.exe"

To:

"C:\Documents and Settings\Lionel\Desktop\portforward.exe" 5000 127.0.0.1 3389

Run it, this redirects all connections to port 5000 to port 3389 which is used normally by Remote Desktop. Now when you connect, use 5000 instead of the default port and you will get connected fine.

4. Create a saved RDP session with scaled settings

Follow the instructions from the previous post to create a .rdp file and add “smart sizing” to it.

Set the server to “localhost:5000” as we set up in the previous step.

Set the username as your normal username, not the new one.


That’s it! When you want high-res, simply log in with your new account, start the port forwarder with the shortcut, start the connection by double-clicking on the .rdp file and you’re connected as your usual user.


Tip: Scaling your Remote Desktop session

Posted by llemarie on November 1, 2007

No matter whether you’re a Windows lover or hater, there’s no denying that Remote Desktop is one of the greatest features of the system. It beats VNC and many other remote control solutions by far for its sheer speed and picture quality (although of course VNC is genius for the fact that it works on Linux and Mac).

One gripe I have had with Remote Desktop for years though is that I want to be able to connect to my desktop machine at its native high resolution from my laptop which has a lower resolution. Scaling isn’t that hard! Don’t give me those scrollbars, they are just useless. Both TightVNC and MaxiVista (and many others) support scaling the remote screen and it looks very good, so it’s been frustrating not to have the feature in RDP.

This morning I found that RDP does indeed support nice and efficient scaling, just not from the GUI settings. Here’s how:

  • Configure your remote connection from the GUI as usual.
  • In “Local Resources”, make sure that “Apply Windows key combinations” is set to “On the remote computer”.
  • Save the connections settings to a file in a sensible directory. Call it for example “Remote.rdp”.
  • Open Notepad and edit that file “Remote.rdp”, it’s just a text file that looks like this (short version):
screen mode id:i:1
desktopwidth:i:1280
desktopheight:i:800
session bpp:i:16
winposstr:s:0,3,0,0,800,600
compression:i:1
keyboardhook:i:1
  • Add a new line with this text: “smart sizing:i:1”
  • Change the desktop width and height to what you want (for example 1600 and 960 to keep the aspect ratio).
  • You’re done! Save and quit Notepad. Double click on Remote.rdp, you’re connected at high resolution!

Using this extremely simple tip (hacking with notepad! where have the hex editor days gone?) you can crank up your resolution to 4096×2048, if you don’t mind not being able to read anything. I find that a factor of roughly 1.25 is sensible.
