 |
 |
What's the state of security with AFP now?
|
|
|
|
|
Professional Poster
Join Date: Sep 2000
Location: San Francisco
Status:
Offline
|
|
I would like to be able to access files on my work computer from home, but I'm paranoid in general. I'd like to use something easy (with a gui) like AFP, but I can't figure out if AFP is secure in Tiger. I've read about a thousand things on google talking about AFP over SSH and it seems to be a moving target in every version of Tiger. In 10.4.8, is this a secure method of accessing files? Does AFP use ssh by default now? I don't see any checkboxes in the Sharing prefs to turn this on.
Alternatively, should I just create an ssh tunnel manually and then forward the afp ports through the tunnel? I have setup a proper ssh configuration between client and host and I'm comfortable that it is secure. Or should I just give up and use sftp?
thanks,
kman
|
|
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Sep 2006
Status:
Offline
|
|
|
|
|
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: Nov 2000
Location: in front of my Mac
Status:
Offline
|
|
It's very easy to use AFP securely. Just tunnel it through ssh.
Set up your ssh config file with a local forward to the Mac you want to access. This will look something like
Code:
Host remotemac
User yourname
Hostname remotemac.wherever.com
LocalForward 9548 remotemac.wherever.com:548
This basically tells ssh to forward all local traffic on port 9548 (you can chose this one as you like as long as it's not a privileged port) to the remote Mac's port 548 which is the AFP port.
In a shell open the ssh connection to the remote Mac
ssh yourname@remotemac
and then in the Finder mount the AFP shares with something like
afp://yourname@localhost:9548
Done. It's as simple as that. 
|
|
•
|
| |
|
|
|
|
|
|
|
Professional Poster
Join Date: Sep 2000
Location: San Francisco
Status:
Offline
|
|
Thanks, Simon. That was the other possibility I was considering. In the end I downloaded Fugu and used sftp to transfer some files. Worked great.
|
|
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: Nov 2000
Location: in front of my Mac
Status:
Offline
|
|
Well, if you just want to upload/download a few files, scp is probably the easiest way to go. I use about two dozen times daily. 
|
|
•
|
| |
|
|
|
|
|
|
|
Professional Poster
Join Date: Sep 2000
Location: San Francisco
Status:
Offline
|
|
Yes. I was checking out scp, but I was having problems with directories with spaces in them. Any suggestions?
|
|
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: Nov 2000
Location: in front of my Mac
Status:
Offline
|
|
Originally Posted by kman42
Yes. I was checking out scp, but I was having problems with directories with spaces in them. Any suggestions?
That's no problem at all, you just need a little trick.
Either you put file paths with spaces in quotes like
"/Volumes/Some Disk"
or
'/Volumes/Some Disk'
or you simply precede the spaces with a backslash like
/Volumes Some\ Disk
If you have a path with a space you can use tab completion in the shell and it will show you how the backslash thing works.
|
|
•
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
Top
