Luminoir

Tools for the remote editor - Use VPN and VNC to save time!

There are times you wish you could teleport to your office to make that small change and render the sequence/burn the dvd/export to the ftp.
Or, you might have set the project to render and headed out for dinner hoping to return to see it done, only to realize the NLE crashed 2 minutes in, leaving you with another 2 hour wait before you can do what you wanted to do.

Either way, there are 2 very important acronyms you need to know about to make your life that much easier.

VPN (Virtual Private Network)
VNC (Virtual Networked Computing)

Please read the links if you want a technical definition of the terms, what I will do here is a massive oversimplification of what they mean and how they make your life better.

Why do I need VPN?

First, if the computer you need to gain control of has a static IP, it is significantly easier for you to control it.

This is because the address you connect to will never change and you
can save profiles to connect to this IP, making it as simple as a
single click process to control your computer remotely.

However, static lines do come with a price premium, and a majority of users will
have their computers connected to a dynamically assigned IP.

If the computer you wish to access has a dynamically assigned IP, you need a VPN to gain access to it if you are not connected to the same physical network it is on.

How do I check my IP?

You can check your IP by opening /Applications/Utlilities/Terminal.app and entering the following command.

The output it returns will look something like this.

There are many other devices listed but I will narrow it down to the one that matters, the ethernet interface, denoted here as en0.

The part highlighted in orange is your IP. Generally, if your IP starts with 192.168.xxx.xxx, 172.xxx.xxx.xxx or 10.10.xxx.xxx, this is not your true IP assigned to you by your ISP, but one that your router has assigned to you.
These are private addresses reserved by IANA for use in private networks. Read here for more details.

You can find the external IP assigned to you by your ISP by using this online IP detection tool.

How do I know if my IP is dynamically assigned?

The most definitive way is to ask your ISP. The more cumbersome way would be to first take note of your current external IP, reset your ADSL/Cable modem and reconnect it a few minutes later.
Check your external IP again to see if it is different. If it is, you are probably on a dynamically assigned IP.

However, do not take it for granted that you are on a static IP, if your IP is still the same after resetting your modem, checking with your ISP is the more accurate way of ascertaining that.

My IP is dynamically assigned, so how do I connect to my server if the IP keeps changing?

There are a number of VPN solutions on the market. I use hamachi because it runs on Mac OSX, windows and linux, and is free.
I cannot vouch for the effectiveness of other solutions.

The role that hamachi provides is Network Address Traversal, which allows it to tunnel through routers and firewalls, as well as its mediation server, which determines the respective IPs of the server and client.

To install hamachi on the Mac, download HamachiX.

It is not the official release, but it comes with a graphical frontend that makes it more user friendly for non commandline users.

I use the commandline with hamachi but HamachiX makes installing the tap/tun drivers easier, so this is my recommendation.

HamachiX installation instructions

After installing HamachiX, open the application.

You will not be able to connect to any networks yet because the system components which operate behind Hamachix’s graphical interface have not been installed yet.

To install those, click Help > System Support > Install system components.

Then, click Help > System Support > Reset hamachi background process

Quit HamachiX and start the application again.

Configure Hamachi Network

Check the hamachi website for information on the maximum amount of networks and users it will support.

If you have a windows machine available, use this machine to create your hamachi networks.
The windows version of hamachi has more features and allows you to manage your networks and the members of those networks through a web interface.

The mac and linux versions of hamachi are v 0.9xx and are unable to re-assign network ownership to other users.
This becomes problematic if the computer which created the network is damaged/reinstalled/formatted/sold/stolen.

What would happen is that you would have a network where people can join (if they know the password), but you would be unable to evict or ban users as you would not have ownership of the network.
This can be a security risk if you give your password out freely to part-timers, freelancers or vengeful ex employees.

For more information on configuring hamachi networks using HamachiX, check this tutorial.

I recommend you setup one network for employee access only, and another for clients.

Another useful thing about VPN and VNC is that if you configure your client’s computers, you can remotely access their computer with their permission to show them how to fix a problem like installing codecs or upgrading their version of quicktime if they don’t know how to do it themselves.

You could also setup a separate network for your tech support to remotely help you troubleshoot your systems before they decide if they need to be onsite & save yourself from incurring unnecessary transport charges.

OK! The VPN is set up. I can see the server as if I’m in the office even if I’m at home or leeching Starbucks’ wireless. Now what?

Now you need to configure your VNC server. Leopard/Snow Leopard has a VNC server built in. If you’re on Tiger, use Vine Server.

Open System Preferences > Sharing.

Click Remote Management.

Click Computer Settings…

Select as shown.

Go back to the Remote Management page and Allow acces for: Only these users

Add the users you want to give remote access privileges to with the + icon.

The Server is configured! Now how do I control it?

If you’re on Leopard/Snow Leopard, you have /System/Library/CoreServices/Screen Sharing.app.
You should be able to see the server on the finder window and click Share Screen.

If not, just launch Screen Sharing and enter the Hamachi IP of the computer you want to control. Remember that it must have Sharing and Remote Management set up before you can control it.

If you’re on Tiger, use Chicken of the VNC.

I don’t want to have to start Hamachi manually. Can I make this do it automatically when OS X boots?

To install the hamachi boot scripts, download this file.

This file is provided by the original author who wrote this hamachi daemon installation tutorial. I would love to credit him but I cannot find the page I originally found it from.

Open Terminal.

Navigate to the directory where you downloaded the file.

To do this, type

cd

Put a space at the end of the ‘cd’ and click and drag the folder the file is located in on the Finder into the Terminal window then hit enter. From here you can enter the rest of these commands by copying and pasting them into the terminal.

sudo cp hamachi-boot-macosx.tar.gz /Library/StartupItems
cd /Library/StartupItems
sudo tar zxvf hamachi-boot-macosx.tar.gz
sudo chown -R root:wheel hamachi

This should result in a directory
/Library/StartupItems/hamachi/

Containing the files
/Library/StartupItems/hamachi/hamachi
/Library/StartupItems/hamachi/hamachi_helper
/Library/StartupItems/hamachi/hamachi_networks.conf
/Library/StartupItems/hamachi/StartupParameters.plist
/Library/StartupItems/hamachi/README

Next edit the beginning of hamachi_helper to reflect which account you used to install Hamachi by replacing “hamachi_account” with the appropriate account name.

It is best to copy the files you are editing to the desktop or another folder, as you will be unable to save the file if you edit it directly. This is because the /Library/StartupItems/ folder has permissions set which prevent you from modifying files directly. The workaround is to copy them to a folder you have permissions for, making the changes, then moving them into /Library/StartupItems/hamachi/. OS X will then prompt you for your password and allow you to overwrite the file.

If you installed Hamachi as root, I believe the script will work if you set HAMACHI_OWNER=root and HAMACHI_DIR=/var/root/.hamachi.

After hamachi_helper works, change hamachi_networks.conf to contain the names of the networks you would like to sign on to. One network name per line, as many lines as you want. As far as I know there is no hard limit.

This package is designed to be run by SystemStarter during the boot process. However, you can test it manually by entering commands of the form:
sudo SystemStarter start hamachi
sudo SystemStarter restart hamachi
sudo SystemStarter stop hamachi

Test if this works by pinging the server’s hamachi IP, then restarting your server.

You can do this by opening Terminal and entering the following command. (All hamachi IP start with 5, replace xxx with the correct numbers)

ping 5.xxx.xxx.xxx.xxx

Can I control it from my iPhone?

At the moment, not through hamachi. Hamachi was originally freeware before they were bought by logmein.

Logmein has done very little to upgrade hamachi for the mac/linux clients which are still at v 0.9xx.
The windows version however has recently been upgraded to v2.

Logmein has a product which runs on the iPhone called logmein ignition, but this is not compatible with hamachi.
You need to install a different type of software to be able to access your server through the iPhone.

I don’t know if this will serve any purpose, but I have written to logmein to ask for the mac & linux versions to be updated so they can perform network ownership commands that the v1.xx versions of hamachi can.
I am writing another to ask that they develop a version that allows the iPhone to connect to hamachi networks.

If this tutorial was of any help to you, please take a couple of minutes of the time you WILL save and write to logmein asking them to provide updates to the mac & linux versions of hamachi and to develop the iPhone version.

If there are any questions I haven’t covered in this tutorial or in the links provided, leave me a comment and I will respond when I can.