Securing Mac Remote Screen Sharing
This is one of those paranoid thoughts that I get.
Remote screen sharing on a Mac, which uses a password over VNC, can be an avenue of attack.
Obviously, if you’re just using it locally to share, that ain’t much of a problem.
But what if you are running a Mac mini headless and you open up the router so you can connect to it when you’re out having fun with the Catwoman? What then? This open remote screen app might make you susceptible to a brute force attack.
To foil some Joker/Penguin that is roaming Gotham City looking for open doors, enable screen sharing only when you need it.
Check if remote screen sharing is running:
sudo launchctl list | grep screensharing
If it is loaded, you will see:
- 0 com.apple.screensharing
To disable screen sharing:
sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.screensharing.plist
To check if it is disabled:
sudo launchctl list | grep screensharing
If you get no output, screen sharing is not loaded, so it is disabled.
To enable screen sharing:
sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.screensharing.plist
Then tunnel into the remote screen with ssh:
ssh -N -L 5901:localhost:5900 username@remote-ip-address -p port#
Open Screen Sharing in a different terminal window:
open /System/Library/CoreServices/Applications/Screen\ Sharing.app
When asked what to connect to, enter:
localhost:5901
When done, use ssh to log in to the remote Mac and disable screen sharing:
sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.screensharing.plist
Check it’s disabled:
sudo launchctl list | grep screensharing
By the way, here is how to read the line you get when the service is loaded:
- 0 com.apple.screensharing
The first column (-): This dash indicates that the service doesn’t have a process identifier (PID) associated with it. This is normal for services that are loaded but not currently running an active process.
The second column (0): This number represents the exit status of the service. A value of 0 means the service is working correctly with no errors. If there was a non-zero value here, it would indicate that the service had exited with an error.
The third column (com.apple.screensharing): This is the service identifier or label for the Screen Sharing service.
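The three columns described above can be checked by a script instead of by eye. This is an added example, not part of the original post: it reads launchctl list output on stdin, matches the label exactly rather than by substring as grep does, and returns 0 only when Screen Sharing is not loaded. The state names and the com.example.screensharing.helper label in the sample are constructed for illustration.

```sh
#!/bin/sh
# Added example: classify the Screen Sharing service from launchctl list output.
LABEL=com.apple.screensharing

# Constructed sample listing (not captured from a real Mac); the helper label is made up.
sample_listing() {
  printf '%s\t%s\t%s\n' PID Status Label
  printf '%s\t%s\t%s\n' - 0 com.apple.screensharing
  printf '%s\t%s\t%s\n' 412 0 com.example.screensharing.helper
}

# Reads a listing on stdin and prints one of (state names are this example's own):
#   not-loaded | loaded-idle | running:<pid> | loaded-failed:<status>
# Returns 0 only when the service is not loaded, the state wanted between sessions.
screensharing_state() {
  awk -v label="$LABEL" '
    # Columns: PID (or "-"), exit status, label. Compare the label exactly so
    # other labels that merely contain "screensharing" are ignored.
    $3 == label {
      found = 1
      if ($1 != "-")      state = "running:" $1
      else if ($2 != "0") state = "loaded-failed:" $2
      else                state = "loaded-idle"
    }
    END {
      if (!found) { print "not-loaded"; exit 0 }
      print state
      exit 1
    }'
}

# Stand-alone run: classify the constructed sample.
echo "constructed sample: $(sample_listing | screensharing_state || true)"
# On the Mac itself: sudo launchctl list | screensharing_state
```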