Posted on

Enable regular VNC access to an OS X Server remotely

Mac OS X Server has pretty decent screen sharing and remote desktop features out of the box to manage you headles OS X Server remotely. This works great when you have a Mac OS X desktop or laptop, but I found out today requires some additional setup when you’re using a Microsoft windows client.

The tehcnology used by Apple is VNC, which is a very mature and generally available protocol for which multiple mature clients exists on different platforms. However, Apple has decided to use its own authentication model between the client and the server out of the box (for probably good reasons, not sure though which but they probably wanted to use GSSAPI again). However, the default VNC authentication is not enables out of the box and requires some additional setup to enable access from standard VNC clients.

Today  I found myself needing to do some administrative tasks I knew I could do easily through a remote desktop connection, but since I was a few thousand kilometers away and only had my (Windows 7) work laptop with me, could not do. It turned out I had to enable some settings to allow "classic" (actually standard) VNC clients to connect and authenticate with the Mac OS X remote desktop (VNC) server. Furtunately it turned out to be possible not only through the graphical interface but, as many times with OS X, there was also a command line way to make the necessary adjustments. Running the following command:

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart  -configure -clientopts  -setvnclegacy -vnclegacy yes -setvncpw -vncpw PASSWORD

where PASSWORD is the password to be provided to authorize a standard VNC connection.

With the above command executed through an SSH connection over VPN I was able to enable standard VNC support on my Mac OS X Server and logged in (again though the VPN connection) on my server’s desktop remotely using a standard VNC client.

Just to be complete, the option to use a standard VNC client can be disabled using:

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart  -configure -clientopts  -setvnclegacy -vnclegacy no

Posted on

Restoring Synology NAS Crashplan existing configuration

In addition to yesterday’s post about running Crashplan on a Synology Disk Station,I thought it was worth mentioning that the key advantage of using PC Load Letter‘s packages is that they nowadays also fully support Crashplan’s auto update feature. So once installed, there is no need to update the package anymore, Crashplan will update itself to the latest version automatically.

Unfortunately this is not visible in Synology’s Package Centre, which hapily shows an updated version of Crashplan is available whenever an updated package is available. Since it is always a good idea to have the latest package installes as it may resolve other issues (i.e. one day autoupdate support started to work now it also it seems to preserve its configuration upon reinstall), it is still a good idea to upgrade every now and then.

One of the key drawbacks of upgrading in the past was that de configuration was lost and the new installation would even become a fresh computer instead of retaining the existing configuration. I had to deal with this several times in the past, normally ending up copying back a backup of the config file manually through an SSH CLI. This did not really work like I wanted as it is manual wotk and felt like a hack, which made me look for the right way to do this. After some searching I found an article on the Crashplan support pages on reconnecting an Existing Backup, which desribes how the GUID of a Crashplan installation (the unique ID that identifies the Crashplan network) can be changes to that of the previous installation so that identity and configuration settings of the previous installation are restored. fo this semi-manual approach. To lookup the GUID of the installation to be restored, one can lookup the GUID from your Crashplan account’s computer overview and selecting the name of the computer, which will also display the GIUD. Follow the instructions to reconnect an Existing Backup.

Recently Crashplan as automated the semi-manual process for Adopting Another Computer  so that the semi-manual process is no longer needed. As described in the Crashplan support page, there is now an option available to adopt another computer after re-installation of the Crashplan client (which is exactly what will happen in case a new version of PC Load Letter‘s package is installed). With this option, restoring all settings has become very easy and since all files are still there, and since all files are still there (no need to restore any files) it only requires a check with the remote systems to ensure everything have already been backed up.
 

Posted on

Crashplan packages for Synology Disk Station

For quite some time I am a very happy user of Crashplan, backup service and tool that offers reasonably prices backup storage and can can also be used without their service to backup to another computer running the Crashplan client. I am using it both to backup some of my data to Crashplan’s servers as well as to backup to a few friends of mine and provide backup services to my family. So far this works fine, especially since I have it running on my Synology Disk Station (a DS1010+) with plenty of storage. The neat thing is that my NAS is automatically backed up externally and I do not require a PC to provide secure backup services for some friends and within my family.

The easiest way to install Crashplan on your Synology Disk Station is by installing the package provided by PC Load Letter, I used to do install the Linux version manually before which was not difficult at all either, but since the autoupdate did not work then, using the package really is a better solution. Furthermore, it does not require any hacking or tweaking of the box, so everybody can do this (actually it’s so simple, there’s not excuse anymore not to backup your NAS).

To make the package available you need to add the PCLoadLetter repository with URL http://packages.pcloadletter.co.uk as a source for 3rd party applications. See the Synology Support site on how to install 3rd party applications. Next you can select the Crasplan package from the packages available from the Community section, please note that you need to select the correct package (which is the plan version unless you have a PRO or PROe subscription). Please note that Crashplan requires Java installed, so you may need to install that dependency as well (the package installer will tell you).

Once Crashplan has been installed and is running, it is time to configure Crashplan on the Synology Disk Station. For this, you need Crashplan also installed on a (PC/Mac/Linux) desktop that is supported by Crashplan and can run it’s graphical interface. Download the application from Crashplan’s download page and install it. There is no need to run it locally (but you may opt to do so later to use Crashplan to make backups to your NAS). However, some things need some tweaking to use the client to setup the headless Crashplan installation on the NAS.

The Crashplan support site has an excellent guide on how to Connect to a Headless CrashPlan Desktop that one can use to manage everything from a remote computer using using their client (please note that this assumes you have SSH enabled). I opted for a slightly different approach for my two use cases:

  • On my work laptop (Windows 7) I have Crashplan installed but disabled the service as my employer’s policies do not allow it. There I have simply setup PuTTY to forward local port 4243 to localhost:4243 when I connect to my NAS using SSH. This allows me to simply launch the Crashplan client without any modifications that can reach the service on my Synology disk station as long as I have an SSH connection open.
  • On my private laptop (Max OS X) I have Crashplan installed and use it as well to backup to my NAS. There  I use iTerm to manage my SSH connections, but basically all that does is store the exact ssh commands and parameters used, so that is no difference from what Synology’s guide describes. On that system I change the ui.parameter settings whenever needed to switch between local service running on its standard port and the remote one forwarded using ssh running on another port.

Through the client, you can either associate Crashplan running on your NAS with your existing account (if you have that already setup) or register for a new account. After this you can setup remote backup destinations as well as allow others to backup to your NAS as well as setup your NAS as a destination for your other computers (under the same account). Crashplan has documented this all on their support website.

Posted on

Back online

The last 7 months I have not been able to spend any time on this blog, which has not just resulted in no updates, but also in an awful lot of spam in the comments (which was not visible as I have to approve commentes anyway). I found over 12.500 spam messages in the comments, of which 11.000 in one article. The bad thing of this was that this large amount of comments killed the performance of my blog, so I had to do something.

The good thing about Pebble (the blog software I use) is that is has a very simple XML file-based structure to store articles and comments, so this was very easy to cleanup. All  I had to do was

  1. Shutdown the blog system (only shutting down the webapp in Glassfish sufficed
  2. Locate the XML files that were huge
  3. Edit the large XML file using vi on the command line, removing anything between <comments>…</comments>
  4. Restart the Pebble webapp in Glassfish.

And the spam was removed, which also resolved the performance issue

Now the good news, not being able to post anything does not mean I did not have any spare time to experiment with things so I do have a number of items to complete and document the coming weeks (I’m having some time off now) . Expect some posts frequently during the summer period…