Archive for September, 2007

Sep 21 2007

Generating RSA Keypairs on Mac OS X for a *nix web-server

Published by Jonathan Wise under Hacks

I’m sure there are many of you who have long been comfortable with RSA keypairs, so I post this as much for my own reference, as for those like me who stumble around the Internet trying to find coherent instructions on how to do this. These instructions work for OS X 10.4 — not sure about other versions or *nixes. I plan to apply them to securing SSH on my iPhone for easier file transfers though.

Step 1: Open Terminal
Usually found in the Utilities folder of Applications (but if you didn’t know that already, this might not be the right topic for you!)

Step 2: Create your public/private key pair on your local computer

  • At the command prompt type: ssh-keygen -t rsa
  • Hit enter to accept the default file name and location

Step 3: Copy your public key contents into the “authorized_keys2” file on the remote server

  • Type: ssh username@remoteserver.com 'cat >> ~/.ssh/authorized_keys2' < /Users/Youruser/.ssh/id_rsa.pub
  • Enter your FTP password for the remote server when prompted
    • If the file didn’t already exist on the remote server, it will be created; don’t worry.

Step 4: SSH at will!
You will never need a password from your account on your local computer again! Note that you’ll need a public key provided for each client computer/computer account you want to use to connect to the server.
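
The server-side half of Step 3 can be made safer with the sketch below, which is an added example and not part of the original post. The helper name install_pubkey and its arguments are assumptions; it creates the .ssh directory if needed, sets the permissions sshd expects, refuses a private key pasted by mistake, and skips keys that are already installed.

```shell
#!/bin/sh
# Added example, not the author's script. install_pubkey is a hypothetical
# helper for the server-side half of Step 3.
# Usage: install_pubkey <pubkey-file> [ssh-dir] [keys-file-name]
install_pubkey() {
    pub=$1
    dir=${2:-$HOME/.ssh}
    name=${3:-authorized_keys2}    # file name used in Step 3 above

    [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 1; }

    # Only the .pub half is ever copied to a server; refuse a private key.
    if grep -q 'PRIVATE KEY' "$pub"; then
        echo "refusing: $pub is a private key" >&2
        return 2
    fi

    # A public key is one line: "<type> <base64> [comment]". Take line 1 only.
    key=$(head -n 1 "$pub")
    case $key in
        ssh-rsa\ AAAA*|ssh-ed25519\ AAAA*|ecdsa-sha2-*\ AAAA*) ;;
        *) echo "refusing: $pub is not a public key line" >&2; return 3 ;;
    esac

    # A plain "cat >>" fails when ~/.ssh is missing, and sshd's StrictModes
    # check rejects key files that other users could write to.
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    touch "$dir/$name" && chmod 600 "$dir/$name" || return 1

    # Append only when this exact line is absent, so re-runs add no duplicates.
    if grep -qxF -- "$key" "$dir/$name"; then
        return 0
    fi
    printf '%s\n' "$key" >> "$dir/$name"
}
```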


Sep 20 2007

Address Book vCard Publishing with AppleScript and SCP

Published by Jonathan Wise under Hacks

The one piece of my .Mac replacement I’ve been missing is a way to publish our address book to the web. Every different web mail app has its own address book, and none of them sync with each other, with Outlook or, for me, Address Book.app — rendering all of them useless. So I needed my own way to, in a pinch, get addresses online. vCard PHP provides the parser and renderer, but I, obviously, needed to provide the group vCard for it to show me. Enter AppleScript again.

The goal of this script was to invoke Address Book.app’s Export command on all of the contacts in its database. I found a script online that exported individual vCards, so with a little modification I was able to get it to dump out a single group vCard. The next challenge was getting it up to my webserver.

I’m learning UNIX as well as AppleScript, so I was quite happy to put SCP to work. However, I hit a brick wall when trying to get AppleScript to pass in my server password. It can’t do it. I searched all over the Internets, but apparently once AppleScript invokes SCP, it loses control. And SCP obviously doesn’t have an AppleScript dictionary of commands. This behaviour is quite different from SSH, with which you do not lose control.

This sucked for a long time, until I finally broke down and decided to learn about RSA key pairs for authentication. I’ve been avoiding this for quite a while now, because I frankly like just using a password, and I was scared of learning such an obscure new topic. But I finally figured it out — although that’s a topic for another post…

Anyway, assuming you have key pairs set up with your server, this script will do the trick. As I mentioned, it exports your Address Book to a group vCard in a given folder on your local machine, then SCPs the file up to a given folder on your web server. Point vCard PHP to that file, and schedule the AppleScript to run at a specific time using iCal, and you have an updated Address Book online!

Download the Script Here


Sep 11 2007

Automagic

Published by Jonathan Wise under Code Snippets

Well my previous post on Symlinks was only partially right. It turns out iTunes doesn’t work very well when it has to share its library. If either computer decides it needs to write anything to the library database, it locks the other out. I had other problems with symlinking iCal’s database — it seems to keep a cache somewhere that I can’t find. So I had to resort to some AppleScripting — maybe the most elite AppleScript I’ve ever written. Here’s everything, some scripted, some not, that our computers do automatically for us…

Media Synchronization

TVShows, the amazing little OS X app, watches the Internets for shows we like and sends them to Transmission, my favorite BitTorrent client, to download. Transmission has a speed-limit in effect during the day so as not to disrupt normal Internet use, and ramps up to full speed after we go to bed.

My uber-script runs at 1:00am on the iMac. It starts by cleaning out the downloads folder, deleting any downloaded TV shows over 21 days old, then moves any downloaded music into the appropriate folder and adds it to the local iTunes library. Then it gets really clever, and logs into the remote Home Theater Mac over SSH and begins sending it instructions. It shuts down the remote iTunes, deletes its Library (which is a data island, because we do all our media maintenance on the iMac) and copies over the iMac’s iTunes Library. Note that it copies the Library only — the music remains on a network share that both computers have access to.
Then, once both iTunes are in sync, it starts up the remote iTunes which triggers a sync with my iPhone, getting me a playlist of my most recent music, plus my favorites (I only have a 4GB so I have to manage well) and does something similar locally to sync Nic’s iPod.

Both computers use the network shared Videos folder to populate FrontRow with our movies and TV content.

Calendar Synchronization

I failed to get WebDAV up and running on my new host, and Symlinks didn’t work out. But a wonderful and free service called iCalX came to the rescue. Microsoft finally added WebDAV publishing to Outlook 2007, so I publish my work calendar from there, my personal calendar syncs from my iPhone with the Home Theater Mac and from there to iCalX, and Nic publishes her calendar from the iMac. Any WebDAV client can subscribe to them and iCalX provides a nice little PHP iCalendar view online.

Address Book Synchronization

The OS X Address Book doesn’t complain too much about sharing its library between two computers, and provides little other utility for syncing or sharing (unless you want to pay $99 a year for .Mac — an otherwise useless service). I explored lots of options, but the only unattended one is Exchange syncing (or Kerio), and I don’t want to run a mail server any more. So I finally just decided to let Address Book share. The only caveat is that to make sure the Address Books on multiple machines match up you have to quit Address Book to dump its in-memory cache and force it to re-read the database. It was easy enough to add some quit, open and hide commands to my uber-script, and that seems to solve the problem. Putting those commands in before each iTunes syncs with its connected portable device makes sure that both the iPhone and iPod have the latest contacts.

Nic’s cell phone is still a non-Apple device, but it syncs nicely over Bluetooth. A little app called Proximity detects when she comes into range of the Home Theater Mac, and fires a tiny AppleScript that does an automatic sync for her. A little blue light on her phone is the only indicator that it’s even happening.

Document Backup

This is actually another potentially useful service of .Mac, but I’m too cheap to be sold that easily. A really nice online service called Mozy provides free back-ups up to 2GB, and unlimited back-up for $5 a month (sign-up with that link and get me more free space!) We just eked in under the 2GB mark backing up all our documents. This happens automatically every Sunday night at 1:00am, in place of the usual media sync.
I’ll be taking a semi-annual physical back-up of our documents, music and pictures — pictures are copied between both Macs anyway. I have yet to figure out a way to back up 280GB of videos, save for having a second hard drive stored elsewhere, but I think, in case of a fire, we can live with only losing our movie collection.

Cleaning up

After either scheduled task (media sync or back-up, depending on the night of the week) the iMac goes to sleep until 9:00am, or until called for, while the Home Theater Mac studiously downloads things it thinks we might want to watch.

My script is likely pretty unique to our set-up, but I had to search long and hard to find the various parts that make it work — sending script instructions to a remote Mac over SSH was particularly tricky — so I’m posting it here for anyone who’s interested in picking it apart.

One other thing to be aware of: much of the script works against a shared drive, so it needs to be mounted for this to work. I use a little app called Automount Maker to get my media share to mount on boot, but it’s possible for the volume to get dismounted during the day (our microwave interferes with our wireless, for example, because there are so many wireless networks around, and that can kill the connection). I’d love to hear any ideas on how to make sure a volume stays mounted!
