Access your Mac from the Web

Make your macOS device accessible from anywhere via the Yaler relay.

Prerequisites

Setting up your device requires a relay domain. Please sign up to get one.

Installing OpenSSL on macOS

Note that YalerTunnel expects this specific version of OpenSSL.

  1. Open a terminal on your device, and type
    $ cd ~
    $ OPENSSLSRC=openssl-1.0.2n
    $ OPENSSLSRC_SHASUM=370babb75f278c39e0c50e8c4e7493bc0f18db6867478341a832a982fd15a8fe
    $ OPENSSLDIR=$(pwd)/openssl
  2. Download and verify the OpenSSL source
    $ curl -LO http://www.openssl.org/source/$OPENSSLSRC.tar.gz
    $ echo "$OPENSSLSRC_SHASUM  $OPENSSLSRC.tar.gz" | shasum -a 256  -c
    

    Make sure the output says OK.

  3. Unpack and build the OpenSSL source
    $ tar xfzmv $OPENSSLSRC.tar.gz
    $ cd $OPENSSLSRC
    $ ./Configure darwin64-x86_64-cc --prefix=$OPENSSLDIR --openssldir=$OPENSSLDIR
    $ make depend
    $ make
    $ make test
    $ make install_sw

Installing YalerTunnel on macOS

  1. Download, unpack and build the YalerTunnel source
    $ cd ~
    $ mkdir yalertunnel
    $ cd yalertunnel
    $ curl -LO http://s3.yaler.net/yalertunnel/YalerTunnel2.src.tar.gz
    $ tar xfzmv YalerTunnel2.src.tar.gz
    $ ./configure && make OPENSSLDIR=$OPENSSLDIR
  2. To check the installation, display the YalerTunnel version and usage with
    $ ./yalertunnel
  3. Done. Now either enable Web access or SSH access.


Web access

Prerequisites

A Web server or service has been installed and is running on the macOS device.

Enabling Web access on macOS

How to configure YalerTunnel on your macOS device to make a local Web service accessible from anywhere.

  1. Download the yalertunnel.plist file
    $ sudo curl -L http://s3.yaler.net/macos/yalertunnel.plist -o /Library/LaunchDaemons/yalertunnel.plist
  2. Open the yalertunnel.plist file with
    $ sudo nano /Library/LaunchDaemons/yalertunnel.plist
    Set your macOS user name and yalertunnel path, set the port of the local Web service (default: 8080), and set your relay domain
    01 <?xml version="1.0" encoding="UTF-8"?>
    02 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    03 <plist version="1.0">
    04     <dict>
    05         <key>Label</key>
    06         <string>org.yaler.yalertunnel</string>
    07         <key>UserName</key>
    08         <string>MACOS_USER</string>
    09         <key>StandardErrorPath</key>
    10         <string>/tmp/yalertunnel.err</string>
    11         <key>StandardOutPath</key>
    12         <string>/tmp/yalertunnel.out</string>
    13         <key>ProgramArguments</key>
    14         <array>
    15             <string>/Users/MACOS_USER/yalertunnel/yalertunnel</string>
    16             <string>server</string>
    17             <string>127.0.0.1:8080</string>
    18             <string>ssl:try.yaler.io:443</string>
    19             <string>RELAY_DOMAIN</string>
    20             <string>-min-listeners</string>
    21             <string>1</string>
    22         </array>
    23         <key>KeepAlive</key>
    24         <true/>
    25     </dict> 
    26 </plist>
    

    Save changes with CTRL-X, then Y, then RETURN. Do not change the local IP (default: 127.0.0.1), unless the Web service runs on a separate device in the same network.

  3. Load the yalertunnel launch daemon
    $ sudo launchctl load /Library/LaunchDaemons/yalertunnel.plist
  4. Reboot your macOS device
    $ sudo reboot
  5. Done. Now access your device from any Web browser or with Curl or from iOS or from Android (and resolve errors).

Disabling Web access on macOS

How to remove YalerTunnel to disable Web access from anywhere.

  1. Unload the yalertunnel launch daemon
    $ sudo launchctl unload /Library/LaunchDaemons/yalertunnel.plist


SSH access

Prerequisites

The SSH daemon sshd is running on the macOS device.

Enabling SSH access on macOS

How to configure YalerTunnel on your macOS device to allow SSH access from anywhere.

  1. Download the yalertunnel-ssh.plist file
    $ sudo curl -L http://s3.yaler.net/macos/yalertunnel-ssh.plist -o /Library/LaunchDaemons/yalertunnel-ssh.plist
  2. Open the yalertunnel-ssh.plist file with
    $ sudo nano /Library/LaunchDaemons/yalertunnel-ssh.plist
    Set your macOS user name and yalertunnel path, set the port of the local SSH service (default: 22), and set your relay domain
    01 <?xml version="1.0" encoding="UTF-8"?>
    02 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    03 <plist version="1.0">
    04     <dict>
    05         <key>Label</key>
    06         <string>org.yaler.yalertunnel-ssh</string>
    07         <key>UserName</key>
    08         <string>MACOS_USER</string>
    09         <key>StandardErrorPath</key>
    10         <string>/tmp/yalertunnel-ssh.err</string>
    11         <key>StandardOutPath</key>
    12         <string>/tmp/yalertunnel-ssh.out</string>
    13         <key>ProgramArguments</key>
    14         <array>
    15             <string>/Users/MACOS_USER/yalertunnel/yalertunnel</string>
    16             <string>server</string>
    17             <string>127.0.0.1:22</string>
    18             <string>ssl:try.yaler.io:443</string>
    19             <string>RELAY_DOMAIN</string>
    20             <string>-min-listeners</string>
    21             <string>1</string>
    22         </array>
    23         <key>KeepAlive</key>
    24         <true/>
    25     </dict> 
    26 </plist>
    

    Save changes with CTRL-X, then Y, then RETURN. Do not change the local IP (default: 127.0.0.1), unless the SSH service runs on a separate device in the same network.

  3. Load the yalertunnel-ssh launch daemon
    $ sudo launchctl load /Library/LaunchDaemons/yalertunnel-ssh.plist
  4. Reboot your macOS device
    $ sudo reboot
  5. Done. Now access your device with Putty or with SSH (for Linux, macOS).

Disabling SSH access on macOS

How to remove YalerTunnel to disable SSH access from anywhere.

  1. Unload the yalertunnel-ssh launch daemon
    $ sudo launchctl unload /Library/LaunchDaemons/yalertunnel-ssh.plist


Troubleshooting

How to fix common issues.


To enable Web and SSH access at the same time, or tunnel another protocol, please get in touch.


Creative Commons License This work by Yaler GmbH is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.