|
Related Reading 
Learning Unix for Mac OS X Panther |
Authors' note: A network lets computers communicate with each other, sharing files, email, and much more. Unix systems have been networked for more than 25 years, and Macintosh systems have always had networking as an integral part of the system design from the very first system released in 1984.
This chapter introduces Unix networking: remotely accessing your Mac from other computers and copying files between computers. It also shows you how the Connect to Server capability of Terminal can make common connections a breeze once you've set them up the first time.
There may be times when you need to access your Mac, but you can't get to the desk it's sitting on. If you're working on a different computer, you may not have the time or inclination to stop what you're doing, walk over to your Mac, and log in (laziness may not be the only reason for this: perhaps someone else is using your Mac when you need to get on it or perhaps your Mac is miles away). Mac OS X's file sharing (System Preferences → Sharing) can let you access your files, but there may be times you want to use the computer interactively, perhaps to move files around, search for a particular file, or perform a system maintenance task.
If you enable Remote Login under System Preferences -> Sharing, you can access your Mac's Unix shell from any networked computer that can run SSH (http://www.ssh.com/), OpenSSH (http://www.openssh.org/), or a compatible application such as PuTTY (a Windows implementation of SSH available at http://www.chiark.greenend.org.uk/~sgtatham/putty/). SSH and OpenSSH can be installed on many Unix systems, and OpenSSH is included with many Linux distributions, including Mac OS X.
Figure
8-1 shows how remote login programs such as ssh work. In a
local login, you interact directly with the shell program running on your local
system. In a remote login, you run a remote-access program on your local system;
that program lets you interact with a shell program on the remote system.
Figure 8-1. Local login, remote login
When you enable Remote Login, the Sharing panel will display instructions for logging into your Mac from another computer. This message is shown in Figure 8-2.
Figure 8-2. Instructions for remote access to your Mac
To log into your Mac from a remote Unix system, use the command displayed in the Sharing panel, as shown in the following sample session where a user on a Red Hat Linux system is connecting to a Mac OS X computer (the first time you connect, you'll be asked to vouch for your Mac's authenticity):
Red Hat: taylor $ ssh taylor@192.168.1.100
The authenticity of host '192.168.1.100 (192.168.1.100)' can't be established.
RSA key fingerprint is 86:f6:96:f9:22:50:ea:4c:02:0c:58:a7:e4:a8:10:67.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.100' (RSA) to the list of known hosts.
taylor@192.168.1.100's password:
Last login: Thu Sep 25 10:27:58 2003
Welcome to Darwin!
~ 452 $To log in to your Mac from a Windows machine using PuTTY, launch the PuTTY application, specify SSH (the default is to use the Telnet protocol described later), and type in your Mac OS X system's IP address as shown in the Mac's Sharing panel. PuTTY will prompt you for your Mac OS X username and password. Figure 8-3 shows a sample PuTTY session.
Figure 8-3. Connecting to Mac OS X with PuTTY
You can also use the Sharing preferences panel to enable your system's web and FTP server. Start Personal Web Sharing to enable the web server. Other users can access the main home page (located in /Library/WebServer/Documents) using http://address, where address is your machine's IP address or hostname (see the sidebar "Remote Access and the Outside World" if you are using an Airport Base Station or other router between your network and the Internet).
Start FTP Access to enable remote users to use FTP to connect to your system. Again, remote users should use your machine's IP address or hostname to connect.
You can also connect to other systems from Mac OS X. To do
so, launch the Terminal application. Then start a program that connects to the
remote computer. In addition to ssh, some typical programs for
connecting over a computer network are telnet, rsh (remote shell), or
rlogin (remote login). All of these are supported and included with
Mac OS X. In any case, when you log off the remote computer, the remote login
program quits and you get another shell prompt from your Mac.
The syntax for most remote login programs is:
program-name remote-hostnameFor example, when Dr. Nelson wants to connect to the remote computer named
biolab.medu.edu, she'd first make a local login to her Mac named
fuzzy by launching Terminal. Next, she'd use the telnet
program to reach the remote computer. Her session would look something like
this:
Welcome to Darwin!
~ 452 $ telnet biolab.medu.edu
Medical University Biology Laboratory
biolab.medu.edu login: jdnelson
Password:
biolab$
.
.
.
biolab$ exit
Connection closed by foreign host.
~ 453 $Her accounts have shell prompts that include the hostname. This reminds her when she's logged in remotely. If you use more than one system but don't have the hostname in your prompt, see Section 1.3.1 in Chapter 1 or Section 10.1 in Chapter 10 to find out how to add it.
WARNING: Actually, Dr. Nelson would be unwise to use
telnetto connect to the remote system, becausesshis a much more secure alternative and is highly preferred. However, some remote sites still stick withtelnet, and while it's important to encourage them to switch tossh-only access, you will still sometimes find yourself usingtelnet, as shown here.
Also, when you're logged on to a remote system, keep in mind that the
commands you type will take effect on the remote system, not your local one! For
instance, if you use lpr to print a file, the printer it comes out
of may be very far away.
The programs rsh (also called
rlogin) and ssh generally don't give you a
login: prompt. These programs assume that your remote username is
the same as your local username. If they're different, give your remote username
on the command line of the remote login program, as shown in the next
example.
You may be able to log in without typing your remote password or passphrase.[1] Otherwise, you'll be prompted after entering the command line.
Following are four sample ssh and rsh command
lines. The first pair shows how to log in to the remote system,
biolab.medu.edu, when your username is the same on both the local and
remote systems. The second pair shows how to log in if your remote username is
different (in this case, jdnelson); note that the Mac OS X versions of
ssh and rsh may support both syntaxes shown depending
on how the remote host is configured:
$ ssh biolab.medu.edu
$ rsh biolab.medu.edu
$ ssh jdnelson@biolab.medu.edu
$ rsh -l jdnelson biolab.medu.edu
About Security
Today's Internet and other public networks have users who try to break into computers and snoop on other network users. While the popular media calls these people hackers, most hackers are self-respecting programmers who enjoy pushing the envelope of technology. The evildoers are better known as crackers. Most remote login programs (and file transfer programs, which we cover later in this chapter) were designed 20 years ago or more, when networks were friendly places with cooperative users. Those programs (many versions of
telnetandrsh, for instance) make a cracker's job easy. They transmit your data, including your password, across the network in a way that allows even the most inexperienced crackers to read it. Worse, some of these utilities can be configured to allow access without passwords.SSH is different; it was designed with security in mind. It sends your password (and everything else transmitted or received during your SSH session) in a secure way. A good place to get more details on SSH is the book SSH: The Secure Shell, by Daniel J. Barrett and Richard Silverman (O'Reilly).
|
You may need to copy files between
computers. For instance, you can put a backup copy of an important file you're
editing onto an account at a computer in another building or another city. Or,
Dr. Nelson could put a copy of a data file from her local computer onto a
central computer, where her colleagues can access it. Or you might want to
download 20 files from an FTP server, but not want to go through the tedious
process of clicking on them one by one in a web browser window. If you need to
do this sort of thing often, you may be able to set up a networked filesystem
connection; then you'll be able to use the Finder or local programs such as
cp and mv. But Unix systems also have command-line
tools for transferring files between computers. These often work more quickly
than graphical tools. We explore them later in this section.
Mac OS X includes both
scp (secure copy) and rcp (remote copy) programs for
copying files between two computers. In general, you must have accounts on both
computers to use these. The syntax of scp and rcp are
similar to cp, but also let you add the remote hostname to the
start of a file or directory pathname. The syntax of each argument is:
hostname:pathnamehostname: is needed only for remote files. You can copy from a remote computer to the local computer, from the local computer to a remote computer, or between two remote computers.
The scp program is much more secure than rcp, so we
suggest using scp to transfer private files over insecure networks
such as the Internet. For privacy, scp encrypts the file and your
passphrase.
For example, let's copy the files report.may and
report.june from your home directory on the computer named
giraffe.intuitive.com and put the copies into your working directory
(.) on the machine you're presently logged in to. If you haven't set up the SSH
agent that lets you use scp without typing your passphrase,
scp will ask you:
$ scp giraffe.intuitive.com:report.may giraffe.intuitive.com:report.june .
Enter passphrase for RSA key 'taylor@mac':To use wildcards in the remote filenames, put quotation marks ("name") around each remote name.[2] You can use absolute or relative pathnames; if you use relative pathnames, they start from your home directory on the remote system. For example, to copy all files from your food/lunch subdirectory on your giraffe account into your working directory (.) on the local account, enter:
$ scp "giraffe.intuitive.com:food/lunch/*" .Unlike cp, the Mac OS X versions of scp and
rcp don't have an -i safety option. If the files
you're copying already exist on the destination system (in the previous example,
that's your local machine), those files are overwritten.
If your system has rcp, your system administrator may not want
you to use it for system security reasons. Another program, ftp, is
more flexible and secure than rcp (but much less secure than
scp).
FTP, or file transfer protocol, is a standard way to transfer files between two computers. Many users of earlier Mac OS versions are familiar with Fetch (http://fetchsoftworks.com/), a shareware graphical FTP client that runs on Mac OS X as well as earlier versions.
The Unix ftp program does FTP transfers from the command line.
There are also a number of easy-to-use graphical FTP tools available from the
Apple web site (go to "Get Mac OS X Software . . . " from the Apple menu and
click on Internet Utilities). But we cover the standard ftp program
here. The computers on either end of the FTP connection must be connected by a
network (such as the Internet).
To start FTP, identify yourself to the remote computer by giving the username and password for your account on that remote system. Unfortunately, sending your username and password over a public network means that snoopers might see them—and use them to log into your account on that system.
A special kind of FTP, anonymous FTP, happens if you log into the remote server with the username anonymous. The password is your email address, such as alex@foo.co.uk. (The password isn't usually required; it's a courtesy to the remote server.) Anonymous FTP lets anyone log into a remote system and download publicly accessible files to their local systems. Here's how that might look:
$ ftp ftp.apple.com
Trying 17.254.16.11...
Connected to ftp.apple.com.
220 ProFTPD 1.2.8 Server (Apple Anonymous FTP Server) [ftp02.apple.com]
Name (ftp.apple.com:taylor): ftp
331 Anonymous login ok, send your complete email address as your password.
Password:
230 Anonymous access granted, restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> dir
500 EPSV not understood
227 Entering Passive Mode (17,254,16,11,223,250).
150 Opening ASCII mode data connection for file list
drwxrwxrwx 3 ftpprod ftpprod 102 May 7 19:11 Apple_Support_Area
drwxrwxr-x 20 ftpprod ftpprod 680 Aug 28 22:07 developer
drwxrwxr-x 30 ftpprod ftpprod 1020 Sep 15 13:44 emagic
drwxrwxr-x 10 ftpprod ftpprod 340 Sep 3 16:23 filemaker
drwxrwxrwx 10 ftpprod ftpprod 340 Apr 7 16:50 research
226 Transfer complete.
ftp> quit
221 Goodbye.
$To start the standard Unix ftp program, provide
the remote computer's hostname:
ftp hostnameftp prompts for your username and password on the remote
computer. This is something like a remote login (see Section
8.1, earlier in this chapter), but ftp doesn't start your usual
shell. Instead, ftp prints its own prompt and uses a special set of
commands for transferring files. Table
8-1 lists the most important ftp commands.
|
Command |
Description |
|---|---|
|
|
Copies the file filename from your local computer to the remote computer. If you give a second argument, the remote copy will have that name. |
|
|
Copies the named files (you can use wildcards) from the local computer to the remote computer. |
|
|
Copies the file filename from the remote computer to your local computer. If you give a second argument, the local copy will have that name. |
|
|
Copies the named files (you can use wildcards) from the remote computer to the local computer. |
|
|
A "toggle" command that turns prompting on or off during transfers with
the |
|
|
Displays progress marks on file uploads and downloads so you can gauge progress. Particularly helpful with large transfers. |
|
|
Changes the working directory on the remote machine to pathname ( |
|
|
Changes |
|
|
Lists the remote directory (like |
|
|
Tells |
|
|
Transfers plain-text files, translating data if needed. For instance,
during transfers between a Microsoft Windows system (which adds Control-M
to the end of each line of text) and a Unix system (which doesn't), an
|
|
Toggles the setting of passive mode. This may help ftp to run correctly
if you are behind a firewall. If you put the command |
|
|
Ends the |
Here's an example. Carol moves into the local directory she wants to use as a
starting point (a good idea whether you're uploading or downloading), then uses
ftp to copy the file todo from her work
subdirectory on her account on the remote computer rhino:
$ cd uploads
$ ls
afile ch2 somefile
$ ftp rhino.zoo.edu
Connected to rhino.zoo.edu.
Name (rhino:carol): csmith
Password:
ftp> cd work
ftp> dir
total 3
-rw-r--r-- 1 csmith mgmt 47 Feb 5 2001 for.ed
-rw-r--r-- 1 csmith mgmt 264 Oct 11 12:18 message
-rw-r--r-- 1 csmith mgmt 724 Nov 20 14:53 todo
ftp> get todo
local: todo remote: todo
227 Entering Passive Mode (17,254,16,11,224,18).
150 Opening BINARY mode data connection for todo (724 bytes)
226 Transfer complete.
724 bytes received in 00:00 (94.06 KB/s)
ftp> quit
$ ls
afile ch2 somefile todoWe've explored the most basic ftp commands here. Entering help at an ftp> prompt gives a list
of all commands; entering help followed by an ftp
command name gives a one-line summary of that command.
|
If you can only use ssh to connect to a remote
site, chances are it won't support regular FTP transactions either, probably due
to higher security. Mac OS X also includes a version of ftp that is
compatible with the standard SSH server programs and works identically to
regular FTP. Just type sftp at the command line. Here's an
example:
$ cd downloads
$ sftp taylor@intuitive.com
Connecting to intuitive.com...
The authenticity of host 'intuitive.com (128.121.96.234)' can't be
established.
RSA key fingerprint is d0:db:8a:cb:74:c8:37:e4:9e:71:fc:7a:eb:d6:40:81.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'intuitive.com,128.121.96.234' (RSA) to the list
of known hosts.
taylor@intuitive.com's password:
sftp> cd mybin
sftp> dir -l
drwxr-xr-x 0 24810 100 1024 Jun 26 20:18 .
drwxr-xr-x 0 24810 100 1536 Sep 16 18:59 ..
-rw-r--r-- 0 24810 100 140 Jan 17 2003 .library.account.
info
-rwxr-xr-x 0 24810 100 3312 Jan 27 2003 addvirtual
...
-rw-r--r-- 0 24810 100 406 Jan 24 2003 trimmailbox.sh
-rwxr-xr-x 0 24810 100 1841 Jan 24 2003 unpacker
-rwxr-xr-x 0 24810 100 946 Jan 22 2003
webspell
sftp> get webspell
webspell 100% 946 4.7KB/s 00:00
sftp> quit
$ ls -l webspell
-rwxr-xr-x 1 taylor taylor 946 25 Sep 11:28 webspellIf you need a file from a remote site, and
you don't need all the control that you get with the ftp program,
you can use a web browser to download files using anonymous FTP. To do that,
make a URL (location) with this syntax:
ftp://hostname/pathnameFor instance, ftp://somecorp.za/pub/reports/2001.pdf specifies the file 2001.pdf from the directory /pub/reports on the host somecorp.za. In most cases, you can also start with just the first part of the URL—such as ftp://somecorp.za—and browse your way through the FTP directory tree to find what you want. If your web browser doesn't prompt you to save a file, use its Save menu command.
NOTE: If you are using the Safari browser, it will open ftp: directories by mounting them in the Finder.
An even faster way to download a file is with the
curl (copy from URL) command. For example, to save a copy of the
report in the current directory, simply enter:
$ curl -O ftp://somecorp.za/pub/reports/2001.pdfWithout the -O option, curl will display the file
in the Terminal window. If you want to read a text file from an Internet server,
you can combine curl and less:
$ curl ftp://ftp.oreilly.com/pub/README.ftp | lessYou can also use curl with web pages, but this will bring the
page up in HTML source view:
$ curl http://www.oreilly.com | lessOne of the pleasures of working with Unix within the Mac OS X environment is that there are a wealth of great Aqua applications. In the world of FTP-based file transfer, the choices are all uniformly excellent, starting with Fetch, NetFinder, Transmit, FTPeel, rbrowser, and Anarchie, and encompassing many other possibilities. Either open the Apple menu and select "Get Mac OS X Software . . . ", or try VersionTracker (see http://www.versiontracker.com/), Mac OS X Apps (see http://www.macosxapps.com/), MacUpdate (see http://macupdate.com/), or the shareware archive site Download.com (see http://www.download.com/).
The Terminal application has a
very helpful feature that can make connecting to remote systems via
telnet, ssh, ftp, or sftp a
breeze, once it's set up. Connect To Server is available off the File menu and
is shown in Figure
8-4.
Figure 8-4. Connect to Server offers simple shortcuts
To add a service, click on the + icon on the left side of the window. More commonly, you'll add servers, which you can do by clicking on the + icon on the right side of the window. It produces a window that asks for the hostname or host IP address, which is easily entered, as shown in Figure 8-5.
Figure 8-5. Adding a New Server to Connect to Server
Once added in one area, the new server is available for all services, so to
connect to Apple's anonymous FTP archive site, choose ftp, then the
new server name, and then enter ftp into the User box, as
shown in Figure
8-6.
Figure 8-6. Specifying user ftp on ftp connections to
ftp.apple.com
Finally, the connection to Apple's server is a breeze: specify the server, specify the user, and click on Connect. The results are shown in Figure 8-7.
Figure 8-7. Instant connection to Apple's ftp server
You can practice your ftp skills by connecting to the public FTP
archive ftp.apple.com. Log in as ftp with your email address
as the password, then look around. Try downloading a research paper or document.
If you have an account on a remote system, try using rcp and
scp to copy files back and forth.
[1] In
ssh, you can run an agent program, such asssh-agent, that asks for your passphrase once, then handles authentication every time you runsshorscpafterward.[2] Quotes tell the local shell not to interpret special characters, such as wildcards, in the filename. The wildcards are passed, unquoted, to the remote shell, which interprets them there.
Dave Taylor is a popular writer, teacher and speaker of business and technology issues. The founder of The Internet Mall and iTrack.com, he's been involved with UNIX and the Internet since 1980. He's also been a Mac fan since the year it was released.
Brian Jepson is an O'Reilly editor, programmer, and co-author of Mac OS X Panther for Unix Geeks and Learning Unix for Mac OS X Panther. He's also a volunteer system administrator and all-around geek for AS220, a non-profit arts center in Providence, Rhode Island. AS220 gives Rhode Island artists uncensored and unjuried forums for their work. These forums include galleries, performance space, and publications. Brian sees to it that technology, especially free software, supports that mission. You can follow Brian's blog here.
Return to Mac DevCenter
Copyright © 2009 O'Reilly Media, Inc.