SSH to Your Mac From (Almost) Anywhere

13 Feb 2013

Some time last year I was sitting at a coffee shop hackin’ away on my work laptop. I noticed that my other laptop, which was sitting at home, was showing up in the Finder sidebar. I assumed it was just cached from when I was at home, but when I clicked on it I was amazed to discover that after a brief delay I was connected to my Mac at home.

It occurred to me that this was probably Back to My Mac at work, and I got curious about how BtMM works. In the process of investigating, I learned that enabling BtMM on a Mac causes that machine to be advertised via mDNS on any other Mac that is attached to your iCloud account and has BtMM enabled. What’s more, you can SSH to that hostname and be connected to your Mac. It’s trivial to enable this and pretty easy to use.

Prerequisites

There are a few things you’ll need first. You’ll need two Macs running Lion or newer. You’ll need an iCloud account. You don’t need a router that supports UPnP, but you’ll be much happier if you have one.

Update: Thanks to Eric Hodel, who pointed out that it’s not actually a public DNS entry; rather, it’s published via mDNS on hosts that have BtMM enabled. This means that you can only access your remote Mac from another Mac, but that’s okay.

Enabling Back to My Mac and SSH

Crack open System Preferences and open the iCloud prefpane. Ensure that Back to My Mac is checked:

Back to My Mac enabled in the iCloud prefpane

Next, go to the Sharing prefpane and enable Remote Login:

Remote Login enabled in the Sharing prefpane

Finding Your Dynamic Hostname

This is the magical part.

$ dns-sd -E
Looking for recommended registration domains:
DATE: ---Wed 13 Feb 2013---
10:42:05.550  ...STARTING...
Timestamp     Recommended Registration domain
10:42:05.551  Added     (More)               local
10:42:05.551  Added                          icloud.com
                                             - > btmm
                                             - - > members
                                             - - - > 12345678

This will keep running for a while, but once you see the number on the bottom line there, you can safely ctrl-c it. That number is your iCloud member number, and is the key to all of this.

Say your machine is named chrono. You can now ssh chrono.12345678.members.btmm.icloud.com and be connected to that machine.

Freaking sweet, right? Okay, let’s do one better.

The Magic of ~/.ssh/config

Remembering that hostname is… not easy. Instead, let’s just set up some aliases in our SSH config.

$ cat ~/.ssh/config
Host chrono.home
    HostName chrono.12345678.members.btmm.icloud.com

Host marle.btmm
    HostName marle.12345678.members.btmm.icloud.com

Host lavos.btmm
    HostName lavos.12345678.members.btmm.icloud.com

Now you can simply ssh lavos.btmm and be connected to lavos, wherever it might happen to be.
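
As an added example (not part of the original post), the two manual steps above, reading the member number out of dns-sd -E and writing the ~/.ssh/config aliases, can be scripted. The function names are hypothetical, the sample output is the one shown earlier, and every alias uses the NAME.btmm form.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# Constructed sample: the `dns-sd -E` output shown in the post.
SAMPLE_DNS_SD_OUTPUT='Looking for recommended registration domains:
DATE: ---Wed 13 Feb 2013---
10:42:05.550  ...STARTING...
Timestamp     Recommended Registration domain
10:42:05.551  Added     (More)               local
10:42:05.551  Added                          icloud.com
                                             - > btmm
                                             - - > members
                                             - - - > 12345678'

# Read `dns-sd -E` output on stdin and print the member number listed under
# "members". Exits non-zero when no all-digit value follows that line.
btmm_member_number() {
    awk '
        /- - > members[ \t]*$/ && !/- - - >/ { in_members = 1; next }
        in_members && /- - - > [0-9]+[ \t]*$/ { print $NF; found = 1; exit }
        { in_members = 0 }
        END { exit (found ? 0 : 1) }
    '
}

# Print one Host stanza per machine name (alias NAME.btmm).
# Usage: btmm_ssh_config MEMBER NAME...
btmm_ssh_config() {
    [ "$#" -ge 2 ] || { echo "usage: btmm_ssh_config MEMBER NAME..." >&2; return 1; }
    member=$1; shift
    case $member in
        ''|*[!0-9]*) echo "member number must be digits only" >&2; return 1 ;;
    esac
    # Accept only plain DNS labels so nothing else can land in the config.
    for name in "$@"; do
        case $name in
            ''|-*|*[!A-Za-z0-9-]*) echo "bad machine name: $name" >&2; return 1 ;;
        esac
    done
    for name in "$@"; do
        printf 'Host %s.btmm\n    HostName %s.%s.members.btmm.icloud.com\n\n' \
            "$name" "$name" "$member"
    done
}

# On a Mac, save `dns-sd -E` output to a file (ctrl-c once the number shows), then:
#   member=$(btmm_member_number < dns-sd.txt) && btmm_ssh_config "$member" chrono marle lavos
```

Review the generated stanzas before appending them to ~/.ssh/config.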
