In the previous chapter, I showed you how to configure your Mac to share files with other users, and how those other users can connect to your computer. In this section, I'm going to explain how you can connect to other shares and servers using Mac OS X. In some situations the procedures are identical; however, in other instances the procedures are much different.
In all of the examples I include here, I assume that you have an account that provides you with access to the share or server to which you're connecting (or that the server allows guest access), and that you have the IP address or domain name of the share or server. When I refer to your username and password, I'm talking about your username and password for the share or server, not your Mac OS X username and password (unless, of course, you're connecting to your own Mac from another location).
In many of the connection procedures I discuss in this chapter, you'll need to use OS X's Connect to Server dialog (Go ➣ Connect to Server… in the Finder), which provides a way for you to connect to other computers, both locally and over the Internet. (Keep in mind that "Server" is really just Mac OS X's way of referring to a computer that is sharing files for other computers to access. A server could be a high-end file server, or it could be someone's PC in their home, set up to share files.)
When you select Connect to Server… you're presented with the basic version of the Connect to Server dialog (shown in the graphic below). To connect to another computer or server, you enter its URL in the Address field (using the format described earlier in this chapter, including the protocol—AFP, FTP, SMB, etc.). The At: pop-up menu lists Recent Servers (those to which you've recently attempted to connect), as well as Favorite Servers (those you have manually added to your Favorites list using the Add to Favorites button); select one from the menu to have it automatically entered into the Address field.
In addition, you can click the disclosure triangle (to the right of the At: pop-up menu) to use the expanded dialog view (shown below). Using this view, you can browse servers on your local network, including those in local AppleTalk zones (if AppleTalk is enabled) and Windows workgroups, as well as other Rendezvous-enabled computers (in the Local group). Click the workgroup, zone, or Local group on the left to see available servers on the right.
Once you've typed in a server address, selected a Favorite or Recent server, or selected a local server in the server browser, click Connect to initiate a connection. What happens after you click Connect depends on the type of server to which you're connecting; I'll talk more about the process used for each in other parts of the chapter.
Favorite and Recent Servers
If you want to add a server as a Favorite, type in its address or choose it in the browser, and then click Add to Favorites before you press the Connect button. If you want to remove a server from the Favorites list, select Remove from Favorites… from the pop-up menu. You'll be presented with a dialog listing all of your Favorites; select one or more and click Remove to remove it from the list. Alternatively, you can use the Finder to go to ~/Library/Favorites. You'll notice that each Favorite is simply a Mac OS X Internet Location file located inside this folder; if you drag it to the Trash, it will no longer show up in the list. (I'll show you how to use this design to your advantage later in the chapter.)
As I already mentioned, once you attempt to connect to a server, that server is listed in the At: pop-up under Recent Servers. Unfortunately, there is no "remove" item as there is for Favorites. Fortunately, Recent Servers are stored exactly the same way that Favorites are; go to ~/Library/Recent Servers in the Finder and you'll find an Internet Location file for each server. Drag unwanted Location files to the Trash, and their corresponding server addresses will no longer show up as Recent Servers.
I mentioned earlier in the book that you can connect to your own iDisk using the Finder's Go ➣ iDisk command (which accesses the iDisk corresponding to the member name and password in the .Mac section of Internet preferences), using Apple's iDisk Utility, or using the Finder's iDisk toolbar item. I also explained how to use iDisk Utility to open another member's iDisk Public Folder. However, what if you have more than one iDisk of your own? Or what if a friend or colleague has given you "full" access to their iDisk (which requires you to provide their member name and password)?
Although most servers use only one protocol, .Mac's iDisks actually support two: Apple File Protocol (AFP) and the World Wide Web Distributed Authoring and Versioning (WebDAV) protocol. Using the Finder's Go ➣ iDisk command, or connecting via iDisk Utility, uses WebDAV, but you can use AFP URLs in Connect to Server. This means that by using Connect to Server, you can quickly connect to any iDisk for which you have a member name and password. In the Address field, type afp://idisk.mac.com/ and click Connect. You'll be asked to provide a username and password—enter the .Mac member name and password for the iDisk. After verifying, you'll see a File Sharing—like dialog asking you which volume you wish to mount (the iDisk will be the only choice available). Click OK and the iDisk will be mounted in the Finder (on the Desktop if you have chosen to show connected servers on the Desktop in Finder preferences; otherwise visible in any Finder window via the Computer view). Once an iDisk is mounted, you can copy files to and from it, and edit files on it (since you've logged in as the "owner").
You may be curious about the differences between AFP and WebDAV when it comes to iDisks. You know about AFP from the previous chapter, but I only mentioned WebDAV briefly. It's basically a way to provide read/write capabilities via a Web (HTTP) connection. Because HTTP is platform-independent, the fact that iDisks use WebDAV means that they're accessible from computers running Mac OS, Windows, and various versions of Unix/Linux. However, there are a couple of differences between AFP and WebDAV. The first is that using AFP is time-limited; if you don't use a mounted iDisk for a certain amount of time, you'll be automatically disconnected. An iDisk mounted using WebDAV/HTTP, on the other hand, stays mounted until you manually disconnect. The second difference is that you can only connect to another .Mac member's iDisk Public folder (described below) using WebDAV/HTTP; AFP is not an option.
For more info on WebDAV, check out http://www.webdav.org/. If you find yourself connecting to other WebDAV servers, you'll find the freeware WebDAV client Goliath (http://www.webdav.org/goliath/) to be a great tool.
Even though iDisk Utility provides an easy way to access the Public folder of any iDisk, you still have to launch iDisk Utility. Personally, I would rather just press command+K in the Finder and use the Connect to Server dialog; to me, this is much quicker and more convenient. To do this, type http://idisk.mac.com/membername-Public or http://idisk.mac.com/membername/Public (where membername is the user's .Mac member name) and click Connect. If the iDisk's owner has set up a password for their Public folder, you'll see a password dialog; enter public for the name, and then the password. The iDisk's Public folder will be mounted in the Finder or in the Computer view of any Finder window, depending on your Finder preferences. (If you're wondering what the difference is between the two URL formats, the main one is that membername-Public causes the Public folder to be mounted with the owner's name visible; this is helpful if you access more than one Public folder, as you can quickly see whose Public folder is mounted.)
If you frequently access multiple iDisks or iDisk Public folders, I'll show you how to make connecting more convenient later in the chapter, under "Connecting to Frequently Accessed Servers and Shares."
There are two ways to connect to a Mac OS X computer that is sharing files using Personal File Sharing. If the other Mac is running OS X 10.2 or later, and is on a local network with your Mac, you can open Connect to Server and click on the Local or * groups in the left column; other Macs on your local network will show up in the right column (as shown in "The Connect to Server Dialog" sidebar earlier in the chapter). If you've enabled AppleTalk on one of your network ports, the Connect to Server browser will also show you any AppleTalk zones on your network, and any computers with File Sharing enabled in those zones. Select the Mac to which you want to connect and click Connect.
If a locally networked Mac that should appear doesn't, try entering afp://rendezvousname.local in the Address field, where rendezvousname is the other computer's Rendezvous name, as shown in the other computer's Sharing preferences.
If the other Mac isn't on the same local network, or if it doesn't support Rendezvous, you'll need to enter its IP address instead. This is most often the case for using Personal File Sharing over the Internet. Enter the target computer's IP address (or domain name, if applicable) in the format afp://serveraddress, and then click Connect.
Once the connection is successfully initiated, you'll be asked for your username and password—remember that these will be your username and password on the Mac to which you're connecting, not on your own computer. Assuming you provide the correct info, you'll be presented with a list of available sharepoints on the server (the other Mac). If you're a non-admin user on the Mac to which you're connecting, the list will include your own home directory, the Public folders of other users, and any custom sharepoints, if applicable, to which you have access. If you're an admin user on that Mac, it will include your home folder and all mounted volumes (Figure 11.1).
Figure 11.1: Connecting to Personal File Sharing as a normal (left) and admin (right) user
If you're connecting over the Internet to a Mac running File Sharing under OS 9, that Mac must have "Enable File Sharing clients to connect over TCP/IP" checked in the File Sharing control panel.
By default, admin-level users can access all mounted volumes when they connect via Personal File Sharing; as a result, they don't see any custom sharepoints (since they already have the ability to view the entire volume that contains the sharepoint). If you have an admin account on a computer and need to verify that a custom sharepoint is functioning properly—for example, after setting one up as described in Chapter 10—you can connect as any non-admin user (such as one that can view sharepoints) by using their username and your own admin password. (As I mentioned in the last chapter, the downside to this functionality is that it allows any admin user to gain access to any other users' files.)
When you connect to another Mac using Personal File Sharing, you have a few options when it comes to logging in. In the name/password, dialog, click Options… to get a list of connection preferences. The first, Add Password to Keychain, creates a new Keychain entry for that server (see Chapter 13 for more info about the Keychain in OS X). The next time you connect to that particular server, the password field will automatically be filled in for you. The second option lets you choose to send your password in "clear text." If this option is enabled, your password will not be encrypted or otherwise protected, so anyone who might be able to intercept communication between your Mac and the target Mac will be able to figure out your password. Because this is an obvious safety risk, I recommend keeping this option disabled. (In fact, because this option is unsafe, the third option tells your Mac to warn you whenever you send a password in clear text.)
If the computer to which you're connecting has Remote Login—which I'll talk more about later in the chapter—enabled in Sharing preferences, that means that your computer can communicate with it using a secure shell (SSH) protocol; all communication over that SSH connection will be encrypted. By checking "Allow Secure Connections using SSH," you can tunnel your File Sharing connection over this encrypted connection. If the target computer has Remote Login enabled, I highly recommend enabling this option.
With Mac OS X, the Mac is finally a functioning member of Windows networks right out of the box. As explained in the previous chapter, SMB/CIFS is the standard sharing protocol on computers running Microsoft Windows, and OS X includes significant SMB support, allowing you to connect to Windows shares as easily as you connect to Personal File Sharing on other Macs. In addition, if another Mac has Windows File Sharing enabled, you can even connect to it using SMB, just as if it was a Windows computer.
To connect to a local Windows share (one on your local network), open Connect to Server, make sure it's expanded to show the connection browser, and select the Windows workgroup (on the left) in which the target computer is located (Figure 11.2). Select the computer to which you want to connect (on the right), and then click Connect. You'll be asked which share on the computer you want to access; select one from the pop-up menu and click OK. In the subsequent authentication dialog, the workgroup name of the Windows computer will already be entered; just enter your username and your password and then click OK. (If you want OS X to remember your password the next time you connect to this particular Windows share, check the "Add to Keychain" box.) The Windows share will be mounted and you can use it like any other mounted volume. (You may find the above procedure to be reversed—you may be asked to provide your name and password first, and then select the share that you want to access.)
Figure 11.2: Using the Connect to Server dialog to browse Windows workgroups
One limitation of Mac OS X's Connect to Server browser is that it will only show computers on the same subnet as your computer. This isn't a problem for most small office or home users, but if your Mac is on a large network that has been split into multiple subnets by your network administrator, you won't be able to see Windows computers in other subnets. To connect to one of these Windows computers, you'll need to use the procedure for connecting to remote computers, discussed in the next paragraph.
To connect to a remote Windows share, open Connect to Server and type smb://serveraddress/share/ in the Address field, where serveraddress is the IP address or domain name of the Windows computer, and share is the name of the share (a drive, volume, or directory that has been shared by the computer's owner/administrator). Unlike the procedure for connecting to a Windows computer on the same subnet, which will prompt you for the share you wish to access if you don't specify one, Windows computers require you to provide the specific share you're trying to access when connecting remotely. (If the share name contains spaces, type %20 in place of each space.) Click Connect to initiate the connection. If you have trouble connecting to a Windows share using a domain name, see if using the actual IP address works; I've found that IP addresses seem to work better when connecting via SMB URLs.
You'll then be asked to provide the workgroup in which the remote computer resides, your username, and your password. After entering the correct values and clicking OK, the Windows share will be mounted. Note that you can also include the workgroup name in the original URL by typing smb://workgroup;serveraddress/share/.
Once the Windows share is mounted, you can work with it as you would any other mounted volume (within the privileges you have for the share, of course.) However, you should be aware that Mac OS X allows you to use certain characters in the names of files that the Windows OS does not; specifically, these characters are ? [ ] / \ = + < > ; : ", | *. (That final period is the end of the sentence, not one of the "forbidden" characters.) If you try to copy a file from your Mac to a Windows share and the filename contains one of these characters, you'll get an error message "Error code = -43." You'll need to edit the name of the file and try the copy again.
Although OS X includes significant support for accessing Windows shares, at the time of this writing it does have a few limitations in addition to the one I mentioned above about only being able to view Windows computers located on the same subnet:
OS X supports SMB over TCP/IP, but not over NetBEUI; thankfully, most newer versions of the Windows OS share files over TCP/IP.
Administrative shares (those that end with a $ character) are not accessible from a Mac without using a utility like DAVE (discussed below).
At the time of this writing, you can only connect to a single SMB volume at one time. If you need to mount a different Windows share, be sure to drag the first to the Trash to unmount it first, then connect to the second. Mounting more than one SMB volume simultaneously can cause a kernel panic.
Many users experience problems—such as system freezes—if they put their Mac to sleep or disconnect from their Internet or network connection with a Windows share mounted. You should be sure to unmount Windows shares before disconnecting or putting your Mac to sleep.
Although it's great that OS X provides the ability to connect with Windows shares right out of the box, this ability is somewhat limited in its functionality. For example, I already mentioned that OS X can only browse workgroups that are located in the same subnet as your computer. Another commonly encountered shortcoming is that OS X does not support Windows Shortcuts (they show up as generic files and do not link to their targets). If you only occasionally connect to Windows shares, you'll probably be perfectly happy with OS X's connection capabilities. However, if connecting to Windows shares is something you do frequently, or if your Mac sits on a large Windows network, you may want more functionality than OS X provides.
Thursby Software's DAVE (http://www.thursby.com/) is far and away the most comprehensive utility for interacting with Windows computers and networks from your Mac. I mentioned it in the last chapter as a way to extend your Mac's ability to share files with Windows computers, but it's a powerful tool for connecting to Windows computers, as well. Some of the advantages that DAVE provides over Mac OS X's built-in functionality include the ability to authenticate with a Windows network at login in order to mount shares on the network without entering your name and password; the ability to mount multiple shares quickly; the ability to browse workgroups and Windows computers throughout a network, not just on the local subnet; support for Windows Shortcuts; and the ability to change your Windows network password from your Mac. Another nice bonus is that by putting the DAVE installation CD in a Windows computer, you can quickly verify that it is properly set up to share files over a network. If you're having connection problems, this is a great feature that can help you isolate the cause (either with your Mac or with the Windows computer).
DAVE is a bit more expensive than much of the software mentioned in this book; however, if your Mac sits on a Windows network, DAVE is well worth the investment. Instead of just providing a way to interact with Windows computers, it makes your Mac a full citizen on Windows networks.
A decade ago, FTP was the dominant way to share and access files over the Internet. Shareware and freeware, documents, software updates—all of these were commonly distributed using FTP servers. Nowadays FTP has been relegated to second-class citizenship, for a few reasons. The first is that other, more convenient, methods have been developed; whereas FTP generally required you to transfer files using a command-line prompt, or at best a dedicated FTP client, other methods (including a few discussed in this chapter) allow you to mount remote folders and volumes in the Finder and use them just like local volumes. Second, the increasing influence of the World Wide Web means that distributing files via web servers is much more reliable than using FTP servers—everyone has a web browser. Finally, as I discussed in the previous chapter, FTP itself is not a secure protocol, so using FTP for anything other than anonymous (guest) access is a security risk.
Nevertheless, because FTP servers are simple to set up and provide excellent data transfer speeds, they're still a popular way to share files such as software over the Internet. Developers often use them to provide evaluation versions of software or software updates, and end users use them to exchange files. In addition, most website management (the uploading and downloading of web pages) is still done via FTP. What's more, SFTP—the secure implementation of FTP that uses SSH (secure shell) access to encrypt all data—is becoming more and more popular as a substitute for FTP; since it's cross-platform, SFTP is a secure way to share files both within and between platforms. Here are a few of the ways you can connect to FTP and SFTP servers.
Because of the security issues inherent to FTP connections, I recommend using FTP only with servers that allow anonymous (guest) connections, and only for transferring non-sensitive data and files. If you need to send sensitive information and/or you want to make sure no one can discern your username and password, try to use SFTP instead.
As I mentioned in the previous chapter, FTP and SFTP are actually command-line applications; FTP and SFTP clients that feature graphical interfaces are actually issuing the appropriate commands to the FTP/SFTP server for you. If you like doing things the hard way, you can open Terminal and do everything manually. Use man ftp or man sftp in Terminal to get the complete manual for each application.
Because FTP is such a common method for distributing software, most web browsers include a limited degree of FTP support. I don't recommend using a web browser for interactive FTP use, but if you have the complete URL to a file that resides on an FTP server (e.g., ftp://server/directory/filename), and that FTP server allows guest access, the easiest thing to do is often to simply type or copy/paste the URL into your web browser; the file will be downloaded to your computer. Unfortunately, none of the web browsers available at the time of this writing support SFTP.
If you actually need to interact with an FTP or SFTP server (upload files, rename files, etc.), the best way is to use a dedicated FTP/SFTP client. These applications provide you with the full range of FTP/SFTP functionality; under OS X, most also have excellent user interfaces that make working with servers easy and convenient.
The most popular FTP/SFTP clients for OS X are the commercial/shareware Interarchy (http://www.interarchy.com/), RBrowser (http://www.rbrowser.com/), Transmit (http://www.panic.com/transmit/), and Gideon (http://www.gideonsoftworks.com/gideon.html), and the freeware Fugu (http://rsug.itd.umich.edu/software/fugu/). Interarchy provides an extensive feature set unmatched by any other FTP/SFTP client, and has become the "power user" client of choice. However, the newest version of Transmit provides an excellent set of features (including some unique features like file previews and a built-in text editor) along with an interface that is head and shoulders above any other, in my opinion. For this reason, I'm going to use Transmit to show how to connect to an FTP or SFTP server. Keep in mind, however, that all FTP/SFTP clients operate similarly in terms of connecting and interacting.
There are also a few very good FTP-only clients, including Captain FTP (http://captainftp.xdsnet.de/), Fetch (http://www.fetchsoftworks.com/), and RBrowser Lite (http://www.rbrowser.com/). Because they don't support SFTP,I rarely use them; however, if you use standard FTP frequently, they're worth considering.
To connect to an FTP or SFTP server, most clients present you with a connection dialog that asks for the server address, username, password, and other information (Figure 11.3). In the case of Transmit, you're also asked which protocol to use, FTP or SFTP. (Some clients instead provide different connection dialogs for FTP and SFTP.) In the server field, enter the server's IP address or domain name (don't include ftp://; the client will do that for you when you connect). If you're connecting anonymously, enter anonymous in the username field and leave the password field blank (or enter your e-mail address; some anonymous servers require this). If you're connecting via SFTP (or to an FTP server that requires an account), enter your actual username and password.
Figure 11.3: Using Transmit to connect to another computer via SFTP
If your FTP/SFTP client supports Rendezvous (an example is Transmit), you can select local, Rendezvous-enabled FTP/SFTP servers from the client's Rendezvous menu instead of entering the server's IP address.
If you know specifically what path you want to connect to on the target computer, you can enter it in the Initial Path field (you'll also see this field as Directory in some clients). Finally, most FTP/SFTP clients give you the option of specifying a nonstandard port if the target computer isn't using standard FTP (20 and 21) or SFTP (22) ports.
Once you've entered the required information, click Connect (or OK in some clients) and the application will connect to the FTP/SFTP server. However, instead of the share/server mounting in the Finder as it does with Personal File Sharing or SMB access, all interactions with the server will take place from within the FTP/SFTP client. Depending on which client you're using, what you see can look like a Finder window, a file browser, or, in an application like Transmit, a dual-paned window that shows you the contents of a directory on the server and a directory on your own computer (Figure 11.4); the latter can be useful for moving files between your own computer and the FTP/SFTP server.
Figure 11.4: Transmit shows you "your stuff" and "their stuff" when connecting to a server.
You can generally navigate within those directories to which your account has access. You can also upload, download, rename, and delete files as needed (again, provided you have the appropriate privileges). Most Mac OS X FTP/SFTP clients provide excellent ease of use: double-clicking a file in a server window, or dragging it to your Desktop or a Finder folder, downloads it; dragging a file from your computer to a server window uploads it. (In the dualpane method used by Transmit, you can simply drag files between panes.) Most clients also have extensive additional options for working with files, accessible through the client's menus. For example, Interarchy and Transmit allow you to synchronize remote and local folders—if you manage a remote website, this is a great way to automatically upload any web pages or files you've recently edited or added.
As I mentioned above, one drawback of FTP has always been that you're forced to use either the command line or a dedicated FTP client to access shared files. However, with OS X 10.2 Apple began to integrate FTP browsing into the OS X Finder. To get a glimpse of how FTP in the Finder works, go to Connect to Server and enter the FTP server's address in the form ftp://serveraddress/. You can even include a directory and/or a username and password in the format <ftp://username:password@serveraddress/directory/.> Click Connect and the FTP server will actually be mounted in the Finder just like a Windows SMB share or File Sharing sharepoint.
Unfortunately, at the time of this writing, the implementation of FTP in the Finder is not flawless. For example, SFTP isn't supported, you can't upload or edit files (you have only read-only access), and sometimes the Finder crashes. However, it looks like a promising avenue. I hope that by the time you read this, or soon after, this new approach will be improved to the point that we rarely need dedicated FTP/SFTP clients.
In addition to Windows and Mac shares, OS X can also connect to Unix Network File System (NFS) exports. NFS exports are a common way to share directories that reside on Unix computers over the Internet. Although most home users will never encounter an NFS export, they're common in university and research settings.
To access an NFS share, open Connect to Server and enter the URL of the share in the format nfs://serveraddress/exportpath, where exportpath is the path to the particular Unix directory you wish to access. You'll be asked for your username and password, after which the export will be mounted in the Finder much like any other remote share.
To automatically mount NFS shares, check out NFS Manager, which I mentioned in Chapter 10.