Latest posts by Timothy Warner (see all)
- Microsoft Enhanced Security Administrative Environment (ESAE) - Fri, Aug 19 2016
- Use Datadog to monitor Azure Resource Manager - Tue, Aug 9 2016
- Restore Windows to Azure VM with CloudBerry Server Backup - Tue, Aug 2 2016
Here is the scenario: you are the systems administrator of a mixed Windows/Mac OS X network environment. Your administrative laptop runs Mac OS X 10.7 Lion, and you realize that you need to establish a remote connection to one of your Windows Server 2008 computers to tweak a setting. What do you do?
In this blog post I will share with you reliable methods for establishing both remote desktop and remote command-prompt sessions to a target a Windows computers.
Windows back-end setup ^
In this tutorial we will use the vendor-neutral Secure Shell (SSH) protocol to establish command-line-based remote access from Mac to Windows. We will also leverage Microsoft’s own Remote Desktop Protocol (RDP) to obtain a Windows desktop session from the Mac.
As you probably already know, we can enable Remote Desktop Connection in Windows Server 2008 by opening the System Control Panel item, navigating to the Remote tab, and selecting one of the two options for enabling remote connections. The System Properties dialog box is shown in the following screenshot:
Enabling RDP remote connections in Windows Server 2008
Please see the Microsoft documentation if you want more background on Network Level Authentication.
Microsoft includes no built-in support for SSH, unfortunately. At any rate, we have some choices in the matter for free SSH server/client packages for Windows:
In this exercise I downloaded and installed FreeSSHd. One point of confusion: after installation you might want to double-click the FreeSSHd desktop icon to open the administration panel. This does NOTHING. Instead, right-click the FreeSSHd system tray icon and select Settings… from the shortcut menu. This is shown in the following screenshot.
Administering the FreeSSHd server
After you’ve installed FreeSSHd and ensured that the service is running in the Windows Service Control Manager, our next (and final) configuration task is to create an SSH user. The User properties dialog box is shown in the next figure. In this example, we are enabling the 4Sysopslab domain administrator account to connect to the server by using SSH. Note that FreeSSHd includes secure FTP and Tunneling options as well.
Creating an SSH user
NOTE: By default, SSH operates on TCP port 22, and RDP operates on TCP port 3389. Keep this in mind when you are configuring firewall exceptions.
Command-Line Remote Access
If we need to open a Windows Server 2008 or Windows 7 command prompt from a Mac OS X computer, we don’t need to worry about WinRM or all that jazz. Remember that Mac OS X includes native support for SSH. Thus, we can simply fire up a Terminal session and type our SSH command string.
For instance, to connect to a Windows SSH server at 192.168.1.108 as a user named administrator, we can send the following command:
Once we accept the Windows host’s private key and authenticate, we are in business. This process is shown in the following screen shot:
A Windows command prompt from a Mac OS X computer
Remote Desktop Access ^
As far as I am personally concerned, Microsoft’s Remote Desktop Protocol (RDP) is more secure, efficient, and robust than the Remote Frame Buffer (RFB) protocol that is used with Virtual Network Computing (VNC) technology. The good news here is that Microsoft actually makes their Remote Desktop Connection client available for the Mac:
Once you have the software installed, click RDC > Preferences to set preferences, and thereafter use RDC exactly as you would use the Windows version.
Remote Desktop Connection for the Mac
Remote Windows Server 2008 session from Mac OS X
Today we learned a couple of different methods for establishing a remote administration session with a Windows-based computer from Mac OS X. I hope that you found this article useful. Hey, while we are on the subject of Mac/Windows integration, what “pain points” do you have in your environment? I am more than happy to write on particular subjects, specific issues you are experiencing, etc. Just leave a note in the comments portion of this post; I am happy to help!