iTunes sharing over the internet using Back to my Mac and ssh port forwarding
I was at work the other week, doing a repetitive task of the sort that provides an opportunity to listen to music. I’d recently purchased an album and had stored it in the iTunes library on my home computer, but had not yet loaded the new songs onto my iPhone. There had to be a way to make iTunes at home share its music to my work computer so that I could listen to the new music. A few internet searches turned up some interesting information as well as a solution.
The crippled feature to be healed and exploited
Apple’s iTunes software has the ability to share selected playlists or entire libraries of music to other computers on a local network running iTunes. This means that if you have a large collection of music on your desktop computer, you can browse and listen to music from its library from a different room, streamed to your laptop. Or if you work in an office, and your coworkers have iTunes running on their machines and set to share, their shared libraries will automatically appear in the left column of iTunes running on your machine and you can play from them. It all works very seamlessly, on a local network. Possibly due to agreements made between Apple and the recording industry, the sharing feature only works between computers on a local network, not between computers on the internet at large.
How iTunes sharing works
When a user tells iTunes to enable sharing in that application’s preferences, iTunes advertises that service on port 3689 of the local network using “Bonjour”, the name for Apple’s implementation of the Zeroconf standard. Bonjour is used by iTunes, iPhoto, and other applications to advertise and to find servers on a local network, such as within a home or office.
If a copy of iTunes is running on any other computers that are on the local network, those instances of iTunes will notice the advertisement of an iTunes share on the network, and will display the name of that iTunes share in the left column of the window. The user can then click that shared Library and play songs from it on their computer. The playlists and songs stream over the network from the sharer to the sharee. Unfortunately in my case, iTunes running on my laptop at work couldn’t see the iTunes share served from my computer at home, because my home computer is miles away and not connected to the same local network as my laptop.
Bringing the remote network closer
The following link pointed the way to a solution: [1]
I recognized a familiar Unix trick in their tip: port forwarding over a secure shell connection. Of course! If one could make a secure shell connection (abbreviated in the command “ssh”) to a remote computer, one could then do what’s called “port forwarding”, and forward all communications on a port on the remote machine to a port on the local machine. This would transport both the advertisement of the iTunes share and the actual sharing itself from the remote network to the local network. I’d never actually executed port forwarding over ssh before, but I’d heard of it, and between their example and the man page for the ‘ssh’ command, it all became clear. The tip first requires that one knows the IP address of the remote computer, and then shows the command to connect to the remote machine, grab any communications on port 3689 (the port used by iTunes sharing), transport it encrypted to the local machine, and repeat it on port 36890 of the local machine. The command looks like this:
$ ssh -fNL *:36890:127.0.0.1:3689 USER@REMOTE-HOST
After that command successfully concludes, the iTunes share on the remote computer will be accessible to computers on the local network, except they won’t be able to see that it’s there. The second command in their document uses OS X’s built-in “dns-sd” command to advertise that there is an iTunes share on port 36890 of the local computer. It is this advertisement that will make the iTunes share appear in the sidebars of any copy of iTunes running on the network:
$ dns-sd -R "Remote iTunes" _daap._tcp local 36890 &
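The `*:36890` bind address in the ssh command above is what makes the forwarded share reachable by every host on the local network rather than only the machine running ssh. The following check is an added example, not part of the original post: it predicts that scope from the `-L` argument and confirms it from `lsof` output. The function names and the sample `lsof` lines are constructed for illustration.

```shell
#!/bin/sh
# forward_scope SPEC: who can reach the local listener of `ssh -L SPEC`?
# SPEC is [bind_address:]port:host:hostport. Per ssh(1), an empty
# bind_address or "*" listens on all interfaces; with none given, the
# GatewayPorts default ("no") binds loopback only.
forward_scope() {
    spec=$1
    # Count ":" fields, treating a [bracketed] IPv6 literal as one token.
    fields=$(printf '%s\n' "$spec" | sed 's/\[[^]]*\]/X/g' | awk -F: '{print NF}')
    if [ "$fields" -lt 4 ]; then echo loopback; return; fi
    case $spec in
        \[*) bind=${spec%%\]*}; bind=${bind#\[} ;;
        *)   bind=${spec%%:*} ;;
    esac
    case $bind in
        localhost|127.*|::1) echo loopback ;;
        *) echo lan ;;   # "", "*", 0.0.0.0, :: or a routable interface address
    esac
}

# listener_scope PORT: classify listening sockets found on stdin, which is
# the output of: lsof -nP -iTCP:PORT -sTCP:LISTEN
listener_scope() {
    awk -v port="$1" '
        $NF == "(LISTEN)" && $(NF-1) ~ (":" port "$") {
            addr = $(NF-1); sub(":" port "$", "", addr)
            if (addr != "127.0.0.1" && addr != "[::1]") seen = "lan"
            else if (seen == "") seen = "loopback"
        }
        END { print (seen == "" ? "none" : seen) }'
}

# Constructed sample of lsof output after running the ssh command above.
sample_lsof() {
    cat <<'EOF'
COMMAND  PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
ssh     4242 zach    4u  IPv4 0xabc       0t0  TCP *:36890 (LISTEN)
ssh     4242 zach    5u  IPv6 0xabd       0t0  TCP *:36890 (LISTEN)
EOF
}

echo "predicted: $(forward_scope '*:36890:127.0.0.1:3689')"
echo "observed:  $(sample_lsof | listener_scope 36890)"
```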
I was confident that this would all work, but for one snag. Like most people’s, my home computer only has an address on its local network; it doesn’t have its own internet address. The computer is connected to a router. The router has an IP address on the internet and an IP address on the local network and uses what’s called “Network Address Translation” to distribute connections from the outside internet to all the computers on the local network. If I tried to connect to the IP address of my home connection, I’d be connecting to the router, not my home computer with its trove of music. Luckily a solution was within reach.
Locating the remote computer using Back to My Mac
I recently purchased a “MobileMe” subscription, which includes a service called “Back to my Mac”. I’ll let Apple’s marketing folk, who’ve obviously seen Buckaroo Banzai, explain “Back to My Mac” for me:
Wherever you go, there’s your Mac.
Back to My Mac puts any Mac OS X Leopard- or Snow Leopard-based Mac you use within easy reach. MobileMe finds your remote Mac computers over the Internet and displays them in the Finder on the Mac you’re using. So you can connect from anywhere with just a click. Edit and save documents, open applications, and move folders. With Back to My Mac Screen Sharing, you can control your remote Mac as though you’re sitting in front of it.
I have been using the Back to My Mac service to copy files to and from my remote computer from work, and to occasionally take control of my home computer’s screen from work. The service must be punching through the router using port-forwarding and registering a temporary domain name for my home computer which can be accessed from the outside internet. I figured that if I could find out this domain name, it would be worth a try to use it to connect from work to the home computer and set up ssh port forwarding of the iTunes share. A search turned up this article:
10.5: How to use ssh using ‘Back to My Mac’
The writer of that article explains exactly how to determine the Back to My Mac domain name at which one can find their remote computer. When I tried the first method described, it did not work. As it turns out, that method works for short computer names, but my home computer’s name is long, and Back to My Mac truncates it and adds a few random (?) numbers when assigning the domain name. The second method they mention does work. I can easily determine the name assigned to my remote machine by choosing “Shell > New Remote Connection…” in the Terminal application’s menubar. In the “New Remote Connection” window that appears, I choose ‘ssh’ in the service column and my remote computer’s name in the ‘Server’ column. There, in the field at the bottom of the New Remote Connection window will appear the command for making a ssh connection to my home computer. It’s not the same ssh connection command that will be used to do port forwarding, but the last portion of it does show me the exact domain name that will resolve to my home computer.
Victory
Whenever I feel the mood, I can now run the following two commands and then sit at work listening to streaming music stored on my home computer:
$ ssh -fNL :36890:127.0.0.1:3689 myComputerName.myMobileMeID.members.mac.com.
$ dns-sd -R "Zach's Remote iTunes FTW" _daap._tcp local 36890 &
Thanks Y’all
Thank yous are due to the writers of:
- http://www.macosxhints.com/article.php?story=20080428132615192
- http://atomized.org/2008/10/remote-itunes-sharing/
[1] All the solutions written below involve the use of the Terminal application and the command-line. If you’ve never played with such, give it a shot. Stop kvetching and open /Applications/Utilities/Terminal. You paid for a Unix operating system when you bought your Mac, you might as well try exploring some of its inner awesomeness.

Wonderful, just wonderful! I’ve spent so much time trying to figure out a way to do this and you just made my worklife a joy :-D
Thanks for the detailed instructions; however, when I run the first command I am prompted for a password? I have tried the password for my iTunes account and the password for my remote computer, neither of which work, any ideas on a solution for this?
It’s definitely not the password for iTunes that you need. What you’re doing is making a ssh connection to your remote computer. To do that, you’ll need to know both your Unix username and your password on the remote computer. The password you use for iTunes, or for the local machine, aren’t relevant.
I suspect you’ve got the right password for the remote system, but the wrong username. The counterintuitive thing about the usernames on the Mac is that there’s a long username you can use for logging into things with the GUI, but a short username that’s your actual name as far as the underpinnings of OS X are concerned. You’ll need to know your short username — you can easily spot it in the GUI by looking at the sidebar to the left of every Finder window. Your home directory, which is depicted by an icon of a tiny house, has your short username next to it.
If you use your short username and password from the remote system, you should be in business, or at least past that first step.
Thank you for publishing this online. Works great.
I’ve been working on a similar solution for the last couple of days, trying to connect an Apple TV at my house to a shared iTunes library at my workplace. While doing so I discovered a couple of apps which allow you to connect your Mac to a remote iTunes (i.e. Mac to Mac). The easiest is Hamachi VPN. If you still like the idea of dns-sd and an ssh tunnel and don’t like the terminal, then Network Beacon and SSH Tunnel Manager are probably the best (SSH Tunnel Manager has a LAN option |ssh -g …| and allows you to do -L and -R in the same command).
Thanks.
Works like a charm!
This worked beautifully for about an hour then I started getting the following error in Terminal:
channel 2: open failed: connect failed: Connection refused
channel 3: open failed: connect failed: Connection refused
channel 4: open failed: connect failed: Connection refused
channel 5: open failed: connect failed: Connection refused
channel 6: open failed: connect failed: Connection refused
channel 7: open failed: connect failed: Connection refused
channel 8: open failed: connect failed: Connection refused
channel 9: open failed: connect failed: Connection refused
channel 10: open failed: connect failed: Connection refused
channel 11: open failed: connect failed: Connection refused
Any ideas?
A Google search on that error message turns up this discussion, which contains a few possible solutions for you.
I have been trying to work this out for a few days and have tried many methods like network beacon and setting up hamachi but to no avail. This sounds like a good work around but do you need to have an account with mobileme to make it work?
This looks pretty sweet. Now, here’s the problem I’m running into: what does the username part of the hostname look like for a MobileMe ID with a . in it?
john.doe
translates to… what? :) The following didn’t work:
Mac.john.doe.members.mac.com (obviously)
Mac.john+doe.members.mac.com
Mac.johndoe.members.mac.com
Any ideas?
Thanks!
Thanks for the great tip. I found that I had some difficulty with the back to my mac username. I have a dot in my mobile me username. My username is firstname.lastname, for example. When I entered my machine name, it looks like this: computer.firstname.lastname.members.mac.com. That extra dot caused me some heartache. To get it to resolve, I had to write it out like this (quotes and all): computer."firstname\.lastname".members.mac.com. That is a double-escape in the unix world, and I could not get it to work any other way. Terminal showed the single escape (\), but I had to put the whole username in quotes to get it to resolve. Works like a champ.
Now I wonder if we can get iTunes Home Sharing working using the iPhone on a 3G connection (or any connection outside of the home network). I’ve tried using a VPN connection and some other ssh tools but haven’t been able to get it to work.
Does anyone know if this has a limitation to only work on Intel Macs? I’ve got a Mac Mini running 10.5.8 and while I can see the shared iTunes library, as soon as I click on it, it reverts me back to my local iTunes library. Not sure if it’s limited by either the OS version or the fact that my Mac Mini is a PowerPC G4.
Thanks for any help!
Can one create playlists on the local (listening) machine through this method?
I’m fairly certain you can’t make playlists that include tracks that are on a remote machine using iTunes sharing. I could be wrong.