I had a play with it using mitmproxy and one thing is for sure, it doesn't implement certificate pinning. It happily connected to my self-signed certificate. When you set a master password for access to your Mac it's sent to their server (a Cloudflare Worker) as plaintext (albeit over TLS) rather than using it as input to a key derivation function. That makes me think it's probably stored server-side with little to no security. All in all, there ain't a bargepole long enough for me to touch this with.
swongel
Regardless of the poor security guarentees and or personal disinterest in such a service. I don't think services which offer continuous services should ever have a "lifetime" price. With a lifetime subscription the incentive of the company is to offer poor service, or to stop alltogether when revenue from growth is no longer outpacing operating costs. I'd much prefer it if the $29/lifetime would just be $29 / 4 years instead, it would make me much more secure in onboarding onto your proprietary service as I would feel more secure about it's future existence.
show comments
ronsor
The pricing is extremely steep for a tech-savvy audience that could just set up Tailscale or MOSH.
show comments
monster_truck
What is with all the insanely insecure projects and services making it to the FP today? Nobody should be using this.
It is not at all safe and should absolutely not be on the FP.
show comments
notRobot
Shell In A Box has been a thing for like two decades now, and gives you a simple web-based interface ssh interface you can use from any device. https://github.com/shellinabox/shellinabox
pelzatessa
In no serious case have I ever considered connecting to my PC terminal using phone. Connecting from PC to phone makes sense, but when talking the opposite situation, phones simply are terrible at doing things from terminal. Keyboard takes roughly 40% of the screen, and displaying wide lines is awkward. Forget about TUI applications, Midnight Commander and such. Other than toying around and extreme emergencies, why?
I use https://github.com/tiann/hapi self hosted with Tailscale, took seconds to setup, it's free, and it has more features.
gnabgib
Title: Connect to Mac Terminal from iPhone
show comments
yoavm
If you're using tmux, you can try my plugin https://github.com/bjesus/muxile . It sends your tmux session to your phone, with quick QR code scanning and WebSockets.
ay
Just use iSH and use the local terminal on the iPhone from which you can connect to the Mac terminal. Works well over tailscale, too.
What guarantee is there that the connection is not being MitM? Closed source app from an unknown developer versus OpenSSH is a no-brainer to me.
_grilled_cheese
You are connecting to the Mac shell, not the Mac terminal. The remote app running on the iPhone is the terminal.
rubyn00bie
I’m not sure I get why this is better. Something like Tailscale makes it trivial to connect to your own machines and is likely more secure than this will be. Tailscale even has a free plan these days. Combine that with something like this that was shared on HN a few days ago: https://replay.software/updates/introducing-echo
Then you’re all in for like $3. What about webRTC makes this better?
tty456
How do you do data transfer with only blind signaling when either user is behind a NAT?
mrsssnake
For connecting two devices I already pay for a service allowing that, it's called ISP (Internet Service Provider).
EGreg
Or … just run clawdbot.
Just kidding
badgersnake
No, use wireguard or ssh or both.
imwillofficial
Its a very handsome website.
Sayuj01
I wanted a way to access my mac terminal from my iphone without setting up any vpn or weird router rules and then buying a separate ssh app in app store. So I built macky.dev as a fun side project.
When the mac app is running it makes an outbound connection to my signaling server and registers itself under the account. iPhone also connects to this same signaling server to request a connection to this mac. Once both the host and remote are verified it establishes a direct p2p webrtc connection.
[delayed]
I had a play with it using mitmproxy and one thing is for sure, it doesn't implement certificate pinning. It happily connected to my self-signed certificate. When you set a master password for access to your Mac it's sent to their server (a Cloudflare Worker) as plaintext (albeit over TLS) rather than using it as input to a key derivation function. That makes me think it's probably stored server-side with little to no security. All in all, there ain't a bargepole long enough for me to touch this with.
Regardless of the poor security guarentees and or personal disinterest in such a service. I don't think services which offer continuous services should ever have a "lifetime" price. With a lifetime subscription the incentive of the company is to offer poor service, or to stop alltogether when revenue from growth is no longer outpacing operating costs. I'd much prefer it if the $29/lifetime would just be $29 / 4 years instead, it would make me much more secure in onboarding onto your proprietary service as I would feel more secure about it's future existence.
The pricing is extremely steep for a tech-savvy audience that could just set up Tailscale or MOSH.
What is with all the insanely insecure projects and services making it to the FP today? Nobody should be using this.
It is not at all safe and should absolutely not be on the FP.
Shell In A Box has been a thing for like two decades now, and gives you a simple web-based interface ssh interface you can use from any device. https://github.com/shellinabox/shellinabox
In no serious case have I ever considered connecting to my PC terminal using phone. Connecting from PC to phone makes sense, but when talking the opposite situation, phones simply are terrible at doing things from terminal. Keyboard takes roughly 40% of the screen, and displaying wide lines is awkward. Forget about TUI applications, Midnight Commander and such. Other than toying around and extreme emergencies, why?
Previously:
https://news.ycombinator.com/item?id=47122939 (yesterday, 3 points, 4 comments)
https://news.ycombinator.com/item?id=47103613 (Sunday, 1 point, 0 comments)
I use https://github.com/tiann/hapi self hosted with Tailscale, took seconds to setup, it's free, and it has more features.
Title: Connect to Mac Terminal from iPhone
If you're using tmux, you can try my plugin https://github.com/bjesus/muxile . It sends your tmux session to your phone, with quick QR code scanning and WebSockets.
Just use iSH and use the local terminal on the iPhone from which you can connect to the Mac terminal. Works well over tailscale, too.
Or... use something like https://shellbox.dev
Why stop at just one terminal? (shameless plug for https://github.com/rcarmo/webterm, which works pretty well on mobile)
What guarantee is there that the connection is not being MitM? Closed source app from an unknown developer versus OpenSSH is a no-brainer to me.
You are connecting to the Mac shell, not the Mac terminal. The remote app running on the iPhone is the terminal.
I’m not sure I get why this is better. Something like Tailscale makes it trivial to connect to your own machines and is likely more secure than this will be. Tailscale even has a free plan these days. Combine that with something like this that was shared on HN a few days ago: https://replay.software/updates/introducing-echo
Then you’re all in for like $3. What about webRTC makes this better?
How do you do data transfer with only blind signaling when either user is behind a NAT?
For connecting two devices I already pay for a service allowing that, it's called ISP (Internet Service Provider).
Or … just run clawdbot.
Just kidding
No, use wireguard or ssh or both.
Its a very handsome website.
I wanted a way to access my mac terminal from my iphone without setting up any vpn or weird router rules and then buying a separate ssh app in app store. So I built macky.dev as a fun side project.
When the mac app is running it makes an outbound connection to my signaling server and registers itself under the account. iPhone also connects to this same signaling server to request a connection to this mac. Once both the host and remote are verified it establishes a direct p2p webrtc connection.