alt Hacker NewsI think WebRTC is better than SSH-ing for connecting to Mac terminal from iPhone
Comments
The pricing is extremely steep for a tech-savvy audience that could just set up Tailscale or MOSH.
Shell In A Box has been a thing for like two decades now, and gives you a simple web-based interface ssh interface you can use from any device. https://github.com/shellinabox/shellinabox
I had a play with it using mitmproxy and one thing is for sure, it doesn't implement certificate pinning. It happily connected to my self-signed certificate. When you set a master password for access to your Mac it's sent to their server (a Cloudflare Worker) as plaintext (albeit over TLS) rather than using it as input to a key derivation function. That makes me think it's probably stored server-side with little to no security. All in all, there ain't a bargepole long enough for me to touch this with.
In no serious case have I ever considered connecting to my PC terminal using phone. Connecting from PC to phone makes sense, but when talking the opposite situation, phones simply are terrible at doing things from terminal. Keyboard takes roughly 40% of the screen, and displaying wide lines is awkward. Forget about TUI applications, Midnight Commander and such. Other than toying around and extreme emergencies, why?
What is with all the insanely insecure projects and services making it to the FP today? Nobody should be using this.
It is not at all safe and should absolutely not be on the FP.
I use https://github.com/tiann/hapi self hosted with Tailscale, took seconds to setup, it's free, and it has more features.
Previously:
https://news.ycombinator.com/item?id=47122939 (yesterday, 3 points, 4 comments)
https://news.ycombinator.com/item?id=47103613 (Sunday, 1 point, 0 comments)
Just use iSH and use the local terminal on the iPhone from which you can connect to the Mac terminal. Works well over tailscale, too.
You are connecting to the Mac shell, not the Mac terminal. The remote app running on the iPhone is the terminal.
Or... use something like https://shellbox.dev
Why stop at just one terminal? (shameless plug for https://github.com/rcarmo/webterm, which works pretty well on mobile)
What guarantee is there that the connection is not being MitM? Closed source app from an unknown developer versus OpenSSH is a no-brainer to me.
I’m not sure I get why this is better. Something like Tailscale makes it trivial to connect to your own machines and is likely more secure than this will be. Tailscale even has a free plan these days. Combine that with something like this that was shared on HN a few days ago: https://replay.software/updates/introducing-echo
Then you’re all in for like $3. What about webRTC makes this better?
If you're using tmux, you can try my plugin https://github.com/bjesus/muxile . It sends your tmux session to your phone, with quick QR code scanning and WebSockets.
How do you do data transfer with only blind signaling when either user is behind a NAT?
Or … just run clawdbot.
Just kidding
For connecting two devices I already pay for a service allowing that, it's called ISP (Internet Service Provider).
No, use wireguard or ssh or both.
Its a very handsome website.
[dead]
I wanted a way to access my mac terminal from my iphone without setting up any vpn or weird router rules and then buying a separate ssh app in app store. So I built macky.dev as a fun side project.
When the mac app is running it makes an outbound connection to my signaling server and registers itself under the account. iPhone also connects to this same signaling server to request a connection to this mac. Once both the host and remote are verified it establishes a direct p2p webrtc connection.
Regardless of the poor security guarentees and or personal disinterest in such a service. I don't think services which offer continuous services should ever have a "lifetime" price. With a lifetime subscription the incentive of the company is to offer poor service, or to stop alltogether when revenue from growth is no longer outpacing operating costs. I'd much prefer it if the $29/lifetime would just be $29 / 4 years instead, it would make me much more secure in onboarding onto your proprietary service as I would feel more secure about it's future existence.