Luminoir

Tools for the remote editor

There are times you wish you could teleport to your office to make that small change and render the sequence, burn the dvd, or export to the ftp.
Or, you might have set the project to render and headed out for dinner hoping to return to see it done, only to realize the NLE crashed 2 minutes in, leaving you with another 2 hour wait before you can do what you wanted to do.

These days there are many tools which might be able to help you do those steps automatically upon completion but what if the program crashes, or someone shuts down your machine, and those steps do not complete?

Sometimes, you just need to be able to see that it went through alright so you can have a restful night of sleep knowing that the work is done, rather than anticipating a disaster waiting for you in the morning.

Essentially, there are times you need to do something at your edit station, but it’s such a minor step that the amount of time you would take to go back to the office just to do it seems like a huge waste of time.
This will help you do that so you can be more productive and not waste time waiting around watching a render bar or waiting for a long file transfer.

Either way, there are 2 very important acronyms you need to know about to make your life that much easier.

VPN (Virtual Private Network)

A Virtual Private Network is a computer network which adds an additional software layer over an existing network for the purposes of establishing a secure connection for communication across an insecure network.
In this case, the insecure network is the internet, and the Virtual Private Network we will be trying to establish between the VPN Host (The computer being controlled) and the VPN Client (The computer you will be using to control the VPN remote host).

By using a VPN, we will not only be able to connect to the office network securely as if we are physically there, but with the use of VNC, control the VNC Server with the keyboard and mouse on the VPN Client.

For the purposes of this article, we are using Hamachi, a zero-configuration VPN. It was originally open source before it was bought by LogMeIn. Since then, development for the Mac OSX, and linux versions have stopped.
There is an unofficial frontend for the Mac, which is HamachiX. I will demonstrate how you can use this, but also show you the command line interface as the frontend is buggy and sometimes crashes.

VNC (Virtual Network Computing)

Virtual Network Computing allows you to control the mouse and keyboard of a remote computer using your own keyboard and mouse, as if you were sitting at that machine.
This can be very useful within the large offices to allow you to control the machine in the server room or for the technical department to troubleshoot problems without physically having to be at the machine.

What a remote machine looks like in Mac OSX Leopard’s Screen Sharing app.

Why must we use VPN and VNC?

What we are trying to do is to extend the VNC functionality to computers which are not on the same network in the physical confines of the office.
A VPN is one of the means available to establish this connection, which allows computers which are not physically connected to the office network, to connect to the VNC Host as if they are, requiring only normal internet connectivity.

Configure your VNC server

This needs to be done on the machine which you want to control remotely.

Leopard/Snow Leopard has a VNC server built in.

Open System Preferences > Sharing.

Click Remote Management, then Computer Settings…

Select as shown.

Go back to the Remote Management page and Allow access for: Only these users

Add the users you want to give remote access privileges to with the + icon.

If you’re on Tiger, use Vine Server. It works in a similar fashion.

First, install Vine Server.
Then open the application.

Enter your desired password. You can leave the other values at their default.

When you start your server, this status screen will show you the IP Addresses and the port through which you can connect to the server.

If you want to ensure that you will be able to connect to your server, you should not allow the machine to sleep.

Allow multiple VNC connections so failed sessions do not tie up your machine from being controlled.

Click the System Server button to make Vine Server automatically start at boot.

This is the configuration menu for the System Server. Requiring SSH is a more secure option of controlling your server.

The Server is configured! Now how do I control it?

If you’re on Leopard/Snow Leopard, you have /System/Library/CoreServices/Screen Sharing.app.

If bonjour is functioning properly, you should also be able to see the server on the finder window and click Share Screen.

If not, just launch Screen Sharing and enter the Hamachi IP of the computer you want to control. Remember that it must have Sharing and Remote Management set up before you can control it.

If you’re on Tiger, use Chicken of the VNC.

It works as well, but Screening Sharing has a more efficient way of compressing the data stream and is much more responsive.

Be a Control Freak

Now you should be able to control your server within your own network by accessing its internal IP.

You can check this by opening /Applications/Utilities/System Profiler.app on your VNC Server.

Go to the network page and look at the column named IPv4 Addresses.

You should test if the VNC server works within your own network before trying to setup your VPN for external connections to the server.

Externalize your Control Urges

Firstly, it is much simpler to connect to your office network if you are using a static IP Address.
This means that your IP will never change and you can simply type this address into Screen Sharing.app from anywhere and it will connect to the server.

Static IP addresses normally cost more, most people are on dynamically assigned IP Addresses, which the Internet Service Providers rotate regularly, so you do not always have the same IP Address.

How do I check my IP?

You can find the external IP assigned to you by your ISP by using this online IP detection tool.
Use the java applet to find your real IP address, the initial result may give you your ISP’s proxy server address instead.

Loopware also provides a useful tool which resides in your Server’s Menubar.

This shows you all the IPs your computer is assigned, including the hamachi IP which you will need to know to remotely access your server via the hamachi VPN.

How do I know if my IP is dynamically assigned?

The most definitive way is to ask your ISP. The more cumbersome way would be to first take note of your current external IP, reset your ADSL/Cable modem and reconnect it a few minutes later.
Check your external IP again to see if it is different. If it is, you are probably on a dynamically assigned IP.

However, do not take it for granted that you are on a static IP, checking with your ISP is the more accurate way of ascertaining that.

My IP is dynamically assigned, so how do I connect to my server if the IP keeps changing?

There are a number of VPN solutions on the market. I use hamachi because it runs on Mac OSX, windows and linux, and is free.
I cannot vouch for the effectiveness of other solutions.

The role that hamachi provides is Network Address Traversal, which allows it to tunnel through routers and firewalls, as well as its mediation server, which determines the respective IPs of the server and client.

To install hamachi on the Mac, download HamachiX.

It is not the official release, but it comes with a graphical frontend that makes it more user friendly for non commandline users.

I use the commandline with hamachi but HamachiX makes installing the tap/tun drivers easier, so this is my recommendation for users who are not comfortable with the command line interface.

HamachiX installation instructions

After installing HamachiX, open the application.

You will not be able to connect to any networks yet because the system components which operate behind Hamachix’s graphical interface have not been installed yet.

To install those, click Help > System Support > Install system components.

Then, click Help > System Support > Reset hamachi background process

Quit HamachiX and start the application again.

Configure Hamachi Network

If you have a windows machine available, use this machine to create your hamachi networks.
The windows version of hamachi has more features and allows you to manage your networks and the members of those networks through a web interface.
Update: Hamachi version 2 has been inconsistent with its ability to connect to linux and mac clients. Use the old version of hamachi instead.

This is the hamachi windows interface, very similar to an IM client. The clients are categorized by their network names.

To join or create networks, use the Network drop down menu.

This is the interface through which you create your network. Do not forget your password. There is no password recovery tool. Managed networks are a new feature in Hamachi V2 which allow for web-based administration. Your mileage might vary on their interoperability with Mac and linux clients.

Network names are case-sensitive, so bear that in mind when you create and distribute the details.

This is the context menu available when you right click on a user’s name.

The mac and linux versions of hamachi are v 0.9xx and are unable to re-assign network ownership to other users.
This becomes problematic if the computer which created the network is damaged/reinstalled/formatted/sold/stolen.

What would happen is that you would have a network where people can join (if they know the password), but you would be unable to evict or ban users as you would not have ownership of the network.
This can be a security risk if you give your password out freely to part-timers, freelancers or vengeful ex employees.

This is the reason I recommend you create your networks on a windows machine. I have a VMware Fusion Virtual machine exclusively for this purpose.

Instructions for setting up your networks using HamachiX (if you do not have a windows machine)

To set up your user account on the hamachi network, first login to the Hamachi network.

Then, open your preferences and set up your Nickname.

Click the Add icon to add a new network.

After this, create a unique Network Name. This is case-sensitive so remember to take note of that when distributing the details to users.

I recommend you setup one network for employee access only, and another for clients.
You might also want another for external vendors or tech support, or another for directors of the company depending on how many tiers of security you have.

My recommendation is to keep it simple and have as many as you need but no more than that.
Administration becomes increasingly complex once you add too many layers of complexity and hierarchy that are unnecessary.

The reason you might want to configure hamachi networks for external parties like clients and vendors is that if you configure your client’s computers, you can remotely access their computer with their permission to show them how to fix a problem like installing codecs or upgrading their version of quicktime if they don’t know how to do it themselves.

A separate network for your tech support allows them to remotely help you troubleshoot your systems or make qualitative assessments before they decide if they need to be onsite & save yourself from incurring unnecessary transport charges.

Obviously, the reason these networks are separate is for security. Be judicious about the clients you connect on the same network.
If they are competitors, don’t put them together, otherwise you could well be facilitating industrial espionage.

Generally, I recommend adding only your absolutely most important clients, the ones that represent more than 40% of your business and whom you trust implicitly.
I don’t want to have to start Hamachi manually. Can I make this do it automatically when OS X boots?

To install the hamachi boot scripts, download this file.

This file is provided by faib who re-wrote this hamachi daemon installation tutorial by SilveRo. Feel free to make a donation to him if this script is useful to you, it certainly was for me!

Open Terminal.

Navigate to the directory where you downloaded the file.

To do this, type cd

Put a space at the end of the ‘cd’ and click and drag the folder the file is located in on the Finder into the Terminal window then hit enter.

From here you can enter the rest of these commands by copying and pasting them into the terminal.

sudo cp hamachi-boot-macosx.tar.gz /Library/StartupItems
cd /Library/StartupItems
sudo tar zxvf hamachi-boot-macosx.tar.gz
sudo chown -R root:wheel hamachi

This should result in a directory

Containing the files

The files you need to edit are

/Library/StartupItems/hamachi/hamachi_helper

/Library/StartupItems/hamachi/hamachi_networks.conf

It is best to copy the files you are editing to the desktop or another folder, as you will be unable to save the file if you edit it directly. This is because the /Library/StartupItems/ folder has permissions set which prevent you from modifying files directly. The workaround is to copy them to a folder you have permissions for, making the changes, then moving them into /Library/StartupItems/hamachi/.

So copy these files to your desktop, so you can make changes to them, then when you’ve made the changes and saved them, copy these files back into /Library/StartupItems/hamachi/, OS X will then prompt you for your password and allow you to overwrite the file. If you make any mistakes, just delete the folder /Library/StartupItems/hamachi/ and start over.

The changes to make

Open hamachi_helper with TextEdit, and edit the beginning of hamachi_helper, replacing “hamachi_account” with the User Account Hamachi was installed to.

You can check by clicking the Apple Icon on the top left of your menu bar and checking the User Account after the words Log Out.

If you installed Hamachi as root, I believe the script will work if you set HAMACHI_OWNER=root and HAMACHI_DIR=/var/root/.hamachi.

After hamachi_helper works, change hamachi_networks.conf to contain the names of the networks you would like to sign on to. One network name per line, as many lines as you want. As far as I know there is no hard limit.

This package is designed to be run by SystemStarter during the boot process. However, you can test it manually by entering commands in the Terminal:

sudo SystemStarter start hamachi
sudo SystemStarter restart hamachi
sudo SystemStarter stop hamachi

Test if this works by pinging the server’s hamachi IP, then restarting your server.

You can do this by opening Terminal and entering the following command. (All hamachi IP start with 5, replace xxx with the correct numbers)

ping 5.xxx.xxx.xxx.xxx

Can I control it from my iPhone?

Now you can!

Jaadu VNC app has been my favorite iPhone VNC app since it was released and v3.0 ups the ante by allowing you to connect to your server even if you are not connected to the same wireless network.

You need to install the Jaadu VNC connect software on your Server.

Allow Jaadu VNC Connect to run as a service so it will automatically start on boot.

Enter your google credentials on the Jaadu VNC Connect dialog.

This is what the drop down menu from the MenuBar should look like if you’ve connected successfully.

Jaadu VNC Connect uses google as a DNS updater to negotiate a connection between your iPhone and your server.

Whenever you are logged into your gmail on 2 different computers, you will see a notification on the bottom of the screen indicating other computers have this same account open, listing the IP Addresses of the other computers.
This is likely to be the API facilitating the connection.

Show me the money! How do you control it from the iPhone?

Install Jaadu VNC Version 3.

This is what the application looks like. This is the Manual Connection Tab. You can manually add IP Addresses or DNS names here.

The Discovered Tab shows servers automatically discovered by Bonjour.

This is the Internet Tab. All servers with Jaadu VNC Connect installed and logged in to the same google account are available here.

The tab will list all online servers logged in to the google account.

Screen is loading. Take note that I am on 3G, so the loading is significantly slower than on Wireless G.

These are the soft keyboards available on Jaadu VNC.

These are the connection settings.

Hamachi did not work for me! Is there another way?

You need to be setup your server to update your IP to a dynamic DNS server. This server resolves your dynamic IP to an address that you choose.

This allows the client to make a connection to your dynamically assigned IP. However, if you have a router, you need to configure it to forward the connection to the correct computer in the office.
This might involve configuring a custom port on your Server and setting your router to forward requests to that specific port to the Server.

This method allows you to connect to your server even if you have a dynamic IP, but is less secure than an end to end VPN connection, due to the open nature of the connection.

I will not go into detail about how to setup vnc using a dynamic dns service and router port forwarding.
If you do not know how to configure custom ports for your servers and forward ports in your router, you probably also do not understand the security implications of allowing vnc access over an unsecured WAN connection.

I hope this tutorial has released you from the shackles of the edit bay and you no longer need to spend wasted hours watching a render bar.