Extra88

Tunnelling AppleShare over SSH

This is really just refinement and update to information found elsewhere.

Say you're somehwere with your 'Book (named "rover") running OS X and you'd like to edit some files on your OS X machine (named "bone") at home. You're accustomed to this because you've got your home router set to forward the SSH port to your Mac and you use a dynamic DNS service to have a home hostname (named "doghouse.dyndns.org") so you don't have to figure out what your broadband IP du jour is.

If you were to SSH to your home computer (to edit text files with pico or vi), you'd enter something like "ssh -l flea doghouse.dyndns.org" where "flea" is your username on doghouse (That's a lowercase "ell" after ssh and before "flea"). Note that your home Mac "bone" is called "doghouse.dyndns.org" because that's the public hostname assigned to your IP. You could also use Fugu to transfer whatever files you want to the laptop using SFTP. But gee, it's so much easier when you're using the 'Book at home because you just mount your home directory using AppleShare ("afp:://bone.local"). Fortunately, you can tunnel an AppleShare connection over SSH.

ssh -l flea -L 10548:doghouse.dyndns.org:548 -N doghouse.dyndns.org

You'll be prompted for your password on your home computer as usual and then nothing will happen in the Terminal window. So what's going on here? The beginning and end of the command is like a normal SSH session but in-between you're telling SSH to create a local port ( -L ) numbered 10548 and to connect that local port to port 548 (which is the port used by AppleShare) on doghouse.dyndns.org. Putting -N in front of the second hostname tells ssh that you don't want to open a command prompt on the remote computer because you're only interested in using this encrypted tunnel you've created. "10548" was a fairly arbitrary choice, you could pick any number between 1024 and 32768 but adding "10" to the front of the AppleShare port is a bit easier to remember.

Now you're ready to give it a try. Go to the Finder, Connect to Server and enter afp://localhost:10548" as the server address. "localhost" refers to your own machine, in this case "rover" the 'Book. The AppleShare password prompt will appear asking for login information for the machine "bone," just as if you were using the laptop at home. That's it, you can connect to the share you want and use it just as you would at home (though probably slower due to the slower network connection). When you're done with the share you disconnect as usual then go back to the terminal window used to create the tunnel and press Ctrl-c to close the tunnel.

But wait, there's more! What if the files you wanted to edit weren't on the Mac called "bone" but on another Mac at home (named "hydrant")? No problem, because the tunnel you create doesn't have to be on the same computer as the SSH session.

ssh -l flea -L 10548:hydrant.local:548 -N doghouse.dyndns.org

Everything is the same but instead of "10548" on rover pointing to the AppleShare port on "bone" it's now pointing to the AppleShare port on "hydrant" (you can use the Rendezvous hostname "hydrant.local" because it's bone's job to figure out where hydrant is). When SSH prompts you for the password for user "flea" you're still dealing with an account on bone (aka doghouse.dyndns.org). When you make the AppleShare connection to afp://localhost:10548 you'll now be prompted for a username and password on hydrant.

If you wanted to use AppleShare on both bone and hydrant you could, you'd just have to specify different local ports for each (perhaps "10548" and "11548").

And if you wanted to use SSH to get to hydrant, you can use tunnelling for that too.
ssh -l flea -L 10022:hydrant.local:22 -N doghouse.dyndns.org
All I changed was the port on hydrant to 22 (the SSH port) and the local port to 10022. I didn't have to change the local port number but it can be easier to keep track of the local ports if you use such a numbering system, espcially if you have multiple SSH tunnels going at once.

Mrowr

I just installed Panther at home. The actual install took about an hour, which I figure is pretty good considering this is only a 400MHz G4 with 576MB of RAM. I did an upgrade rather than a clean install or archive & install. I know some have had problems so I backed up my hard drive with CCC (took for freakin' ever. 3 hours I think). Here are some first impressions:

All my stuff seemed to survive, my data, my menulets, my startup apps & Safari 1.1 has added a feature important to me. OS 9 labels seem to be displayed now. I was surprised to browse my Documents directory and to see some things highlighted in colors. I think it's too early to say what I think about the new Finder sidebars. I've only tried Expose a little bit but it's awesome, even with my puny Rage 128 Pro video card (16MB VRAM). If I had a better video card, would I still be able to read the text? Fast User Switching works but on my machine it doesn't do the cool animation (presumably because of my puny video card). Switching to another user left all my programs running but paused iTunes & knocked me offline in iChat (makes sense). I really hope Fast User Switching works with domain accounts (unlike the feature in XP).

I think I like the new application switching function. iChat AV won't start up when my USB 3com HomeConnect webcam is connected. The software I previously installed to make this camera work in most OS X apps must be causing the problem. I'll try re-installing it but my guess is I'll have to wait for a Panther compatibility update to it. I'm not going to mess with FileVault at this point, I just don't need it. Some stuff will be more interesting to try on a computer at work. I guess that will have to wait :) Using Internet Connect to connect to the work VPN server still works. It seems like things are a little snappier but that might not actually be the case.

I like the new sidebar layout for System Profiler and it seems snappier. Holy crap, the search field built into the Finder windows searches the local disks by default and is still wicked fast! When you do a search the first column is filename but the second column is "Parent," referring to parent folder, which I think it very nice. Highlighting a file shows the full path in a pane below the search pane. The Network preference pane now has an interface for setting Ethernet speed, duplexing & MTU. There's also a "Configure IPv6" button which is enticing but I still don't have any use for it :) Oooh, there's a "Renew DHCP Lease" button! Yea! Classic now has a "Show Classic status in menu bar" option.

Software Update has an option to download "important" updates automatically and to let you know when they're ready to install. It also lets you "ignore" updates so if, for example, you don't have an iPod, you don't have to see any of the iPod updates listed. That's nice. My shell is still tcsh, it was not switched to the new default, bash. However, when I ssh to servers now, Terminal reports my term as being "xterm-color" now and mail.rochester.edu doesn't recognize that. I can type in "xterm" and it works but I shouldn't have to do that.

Why I'm not switching to Safari

It’s a little thing but I do it all the time in Mozilla. In Safari, I can’t load a URL by dragging it onto a tab. In Safari I have to either right-click then choose New Tab from the menu or command-click the link, which requires two hands. Then I still have to click on the tab to bring it to the front (there are keyboard commands for tab switching but they’re also two-handers - shift-command-right arrow and left arrow). When I’m done with the page, I have to close the tab because it’s not much good for anything else.

In Mozilla, I can drag a URL onto an existing tab or even drag to a blank part of the tab bar to create a new tab. Since I’m using the mouse for the action, the cursor is already in position to bring the tab to the front, if that's what I want. I don’t need to close the tab again because I can re-use it for a different URL.

Another important factor is I use Windows at work but OS X at home and having the same browser on both is helpful.

In general, Safari is a nice browser. It's fast, seems to render pages well, and I like the Bookmarks interface. I like the "Block pop-up windows" option is right in the Safari menu and has a keyboard command. I always leave mine on but I can imagine people making use of that, possibly on a public computer. I also like being able to access the browser history from a menu in Safari. Mozilla makes you open a History window. Of course Mozilla lets you access your bookmarks from a menu while Safari make you open a window so they're reversed on that point. I've never used SnapBack so I guess it doesn't mean much to me. The Aqua styled web form elements are nice but you still can't use the keyboard to operate them.

Aaaaah! Webcam!

I just found an open source webcam driver which supports my USB 3com HomeConnect (aka Vicam) in OS X, macam.

I don't care to take pictures of myself but thanks to a QuickTime component, the camera is supposed to work with many webcam apps, including the iChat AV beta (using another bit of software called iChatUSBCam which enables the use of USB cams with it). I'll probably use it when my sweetie goes back to school. I'll hold the cat up to it.

The picture quality isn't great at some resolutions but it's surprisingly good at 640x480 and the framerate is quite good. This picture of my eye is from the webcam but the blue cast to it was an effect I added. The framerate is better than it was using the official Vicam software under OS 9 (it was always good under Windows). Supporting this camera was quite a feat, considering it had to be completely reverse engineered. They even got the little snapshot button on the top to work!

The camera a too bulky to strap to the back of the cat and the USB cable would cramp his style but I hope to use some motion detection + video capture software to get some living room Mutual of Omaha footage while I'm at work.

OS X command for CPU, RAM info

From Terminal, try the command "sysctl hw." You'll get information about your CPU, cache, bus, and RAM. "Sysctl -a" will give you a lot more information but very little will make sense to you.

OS X 10.2 has the command "system_profiler" which is the commandline version of the Apple System Profiler and is, overall, better than the above command. However, one thing system_profiler can't do is tell you have much RAM the Mac has if it'a "pre-New World" Mac such as a beige G3. "Sysctl hw" will make you do the math yourself to convert the RAM figure from bytes to megabytes but its a quick way to find out more about the machine, particularly when used remotely.

SMS vis iChat

Does your phone use SMS? Apparently you can send messages via iChat or the latest AIM client.

Metadata Hootenanny

Metadata Hootenanny lets you easily read/write all the metadata in a QuickTime .mov file, stuff like title, copyright info, etc. It also lets you create chapter tracks which allow your movie to have a menu for jumping to particular points. The normal Quicktime Pro way of setting them it to enter them in a text file and import it. This could be a nice for making QuickTime movies appear a little more professional.

Enabling Sendmail as send-only

This is something I've been wondering about for a while but never got around to hunting down. This Mac OS X hint explains how to set up Sendmail to start automatically at boot but to only be available locally on the machine. This is very good for setting up automated functions to email updates to you or to use it as a quick 'n dirty way of sending info or files by email from the command line. These instructions were written for OS X but I'm sure can be adapted for any UNIX.

5-User Max in iTunes4 Sharing

I had read in a couple of places that iTunes 4's playlist sharing had a limit of 5 simultaneous clients but I hadn't seen anything definitive. Now I have.

iTunes 4: Idle Users of Shared Music May Be Automatically Disconnected

Problem between MT & WebDAV?

I followed some basic instructions for enabling WebDAV on this server. In the httpd.conf I uncommented the modules and I added a new directory with access controlled by an htpasswd file. I created the directory, created the htpasswd file and when I tried it (using iCal publishing) it worked. Browsing the blog worked just fine but I ran into trouble once I tried to save a blog entry. I could create, edit, preview entries but when I tried to save, the browser just spun its wheels. I couldn't save an entry again until I went into the httpd.conf, commented out all the stuff I added, and restarted the web server. I'll have to look into this some more, I'm sure at some point I'll want to use WebDAV. I noticed other problems related to the order in which Apache modules loaded, perhaps there's an order issue between mod_dav and mod_perl.

iTunes-BPM script

iTunes 4 added a "BPM" (Beats Per Minute) field to its ID3 tag choices. Of course CDDB and it's ilk don't include BPM in their information so you have to fill this in yourself. The standard solution is to use a program which has you tap (the mouse or keyboard) to the beat of a song and displays the BPM of your tapping. Assuming you're not totally rhythmically impaired, the BPM of your tapping should match the the BPM of the song. Here's a JavaScript Beats per minute Calculator which you can use at this page or download the source to run locally off your hard drive. Since adding BPM is something you may want to do in iTunes now, someone wrote an AppleScript to add a BPM calculator to iTunes. I haven't tried it yet but it seems like a good idea.

Radmind reaches 1.0

From MacInTouch:

Released after an extended beta-testing period, Radmind 1.0 is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. It can detect changes to any managed filesystem object (files, directories, links, etc.) and can optionally reverse the change. For Mac OS X, Radmind Assistant provides a graphical interface to the command-line tools. Radmind is free for Mac OS X, Linux, FreeBSD, OpenBSD, and Solaris.

More on iTunes4

Blogspace is certainly abuzz about iTunes4 and the Music Store. This article nicely summarizes how URLs to specific parts of of the Music Store are structured. If you want to see what the URL delivers, just change the "itms" to "http" and your browser will display the returned XML document the best it can (bad in Safari, pretty good in Mozilla and IE). One thing you can do with the XML is copy the URLs which point to the preview files (which are DRM'd AAC files, just like the full tracks) and download the preview files (the URLs are regular http).

iTunes4 sharing is HTTP

I found this article by pudge, Slashdot editor, MacPerl maintainer, and all-round Mac+Perl guy to be interesting. Basically he found that the service iTunes4's sharing creates uses HTTP on port 3689. This does not open up your whole Music folder for browsing but he did find a way to download a track instead of stream it.

Also, iTunes4 adds at least two protocol types (which are really just http assigned to specific apps) to your system, itms: (iTunes Music Store?) and daap: (Digital Audio Access Protocol?). itsm URLs point to specific pages within iTunes Music Store and daap: URLs point to servers providing iTunes sharing. So if my Mac is mac.goofus.com and I turn on sharing in iTunes4, someone can enter daap://mac.goofus.com:3689 in their browser and their iTunes4 will launch and connect to my shared playlists.

It looks like the downloading vs. streaming may be only applicable under rather specific circumstances. For one thing, the URL includes a "session-id" which is probably only generated when the iTunes4 client requests the track. It would be interesting to see if that URL could be used to stream the track using a different player on a different computer. The different player part shouldn't matter since pudge is using "curl" as a client to download the file but I wonder if iTunes4 on the server side ties the IP address of the client to the session-id. Probably not.

About the daap: protocol, it's not clear how you might construct a URL to point to a specific playlist or track or if it's even possible. A program called ServerStore has been made as a way to access a list of available iTunes sharing servers and quickly connect to them.

Someone else is working on a more detailed (and inscrutable!) examination of the sharing protocl.

Oh, and in case it wasn't obvious, iTunes4 only shares music when it's actually running. If the server quits iTunes4, clients can't listen.

Disconnect USB Audio, crash your App

Mac OS X: Audio Application Unexpectedly Quits If Third-Party Audio Device Is Disconnected or Turned Off

It doesn't affect only USB audio devices but also FireWire. Their solution is to quit the app before disconnecting the device. Seems pretty lame, I hope they fix that in a patch before releasing 10.3. We have a bunch of Macs which we want to switch to OS X this Summer but we'll be going with 10.2 because that's what we already own.

That reminds me, this year, we need to make sure our Mac orders are placed late enough to definitely get 10.3. included.

White Paper on FireWire port failures

This isn't strictly a Mac issue but many people have reported problems with failing FireWire ports on their Macs.

FireWire Port Failures in Host Computers and Peripheral Devices

This guy makes a lot of FireWire devices (we have one at work for connecting a 2.5" laptop hard drive to FireWire) and should know what he's talking about.

Nice touch in Software Update

A nice thing about OS X's Software Update is it can check for updates for applications which are not a standard part of the operating system. For instance, if you have the Safari beta web browser installed, Software Update will let you install the latest version. This is also true of other, more exotic applications like QuickTime Broadcaster.

Fugu 1.0 available

"Fugu is a native Mac OS X Cocoa GUI wrapper for OpenSSH's commandline sftp client. SFTP is a secure replacement for FTP: the session is encrypted via ssh, so nothing--most importantly passwords--is sent in the clear."

It's also free and open source.

Running GUI apps as root

Mac OS X Hints has this hint:
Launch GUI programs as root which is kind of obvious to Unix veterans. Here's the meat:

"sudo path/to/application/Contents/MacOS/app_name &
For example:
sudo /Applications/TextEdit.app/Contents/MacOS/TextEdit &"

It was noted that you can't really tell which GUI apps are running as root but one of the comments shared a somewhat subtle way to tell them apart, change root's coloring. If you run this command:
sudo "/Applications/System Preferences.app/Contents/MacOS/System Preferences"
you can set system preferences for root. To change the coloring, go to General and set the Appearance to Graphite and maybe change the Hightlight Color to something else as well. Doing this will make any GUI app running as root have different coloring on it's window elements (scroll bars, open, close minimize buttons, etc.) In something like a text editor, a differeent highlight color could be very noticable. I suppose changing root's language to Français would be pretty obvious too ;-)

Lookup NetBIOS names from OS X

This falls under so many categories. MacOSXHints has this storyAn AppleScript to look up NetBIOS names. but Real Men use the Terminal. Here's the command line bit that does the real work:

nmblookup -T -U <WINS server IP> -R <NetBIOS name>

Here's an example for work and its output:

cwcx% nmblookup -T -U 128.151.209.155 -R esmdc
querying esmdc on 128.151.209.155
esmdc.esm.rochester.edu, 128.151.209.155 esmdc<00>

In this case I used the WINS server to look up the WINS server's NetBIOS name.

Cutting MS Word v.X CPU load

The "Adam" below is Adam Engst. Someone should tell him that most people don't get paid by the word to write so "Live Word Count" isn't too important :-) Anyhow, these are pretty good tips since Word for OS X tends to gobble up quite a few CPU cycles even when it's in the background.

From: Errol Lewthwaite Sent: Friday, March 28, 2003 1:39 PM To: TidBITS Talk Subject: Re: Closing applications quickly in Mac OS X

Something I have just discovered to speed up MS Word on OS X significantly.

When looking at top (in Terminal) when Word has a document open Word is often using 30-50% of CPU.

In Word Preferences turn off "Preferences/View/Window/Live Word Count". CPU usage drops down to about 0-10%.

[Along the same lines, turning off inline spell checking would probably help, but in both these cases, the features are useful for many of us all the time. -Adam]

i/PowerBook battery calibration

PowerBook G4 and iBook: How to Calibrate a New Battery for Best Performance

The battery of an iBook or PowerBook G4 computer has an internal microprocessor that provides an estimate of the amount of energy in the battery during charging and discharging. The battery needs to be recalibrated from time to time to keep the onscreen battery time and percent display accurate. You should perform this procedure when you first use your computer and then every couple of months thereafter.

Kung-Log

Kung-Log is an Mac OS X application for writing & publishing blog entries. I'm trying it right now. The purpose of programs like this is to let you write blog entries without having to use the web interface. The web interface can be slow and this allows you to do things a real application can do, such as spell-checking and having a button which inserts the song iTunes is currently playing (as demonstrated below). I'm sure there are many programs like this, especially for Windows but this seems pretty nifty and it works with the particular blog software I'm using.
Currently listening to Hell from the album "Hot" by Squirrel Nut Zippers, The