Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Start VNCServer on Mac1 EC2 Instance
# YouTube (english) : https://www.youtube.com/watch?v=FtU2_bBfSgM
# YouTube (french) : https://www.youtube.com/watch?v=VjnaVBnERDU
#
# On your laptop, connect to the Mac instance with SSH (similar to Linux instances)
#
ssh -i <your private key.pem> ec2-user@<your public ip address>
#
# On the Mac
#
# Set a password for ec2-user
sudo passwd ec2-user
# Enable VNC Server (thanks arnib@amazon.com for the feedback and tests)
sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart \
-activate -configure -access -on \
-configure -allowAccessFor -specifiedUsers \
-configure -users ec2-user \
-configure -restart -agent -privs -all
sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart \
-configure -access -on -privs -all -users ec2-user
exit
#
# On your laptop
# Create a SSH tunnel to VNC and connect from a vnc client using user ec2-user and the password you defined.
#
ssh -L 5900:localhost:5900 -C -N -i <your private key.pem> ec2-user@<your public ip address>
# open another terminal
open vnc://localhost
#
# On the mac, resize the APFS container to match EBS volume size
#
PDISK=$(diskutil list physical external | head -n1 | cut -d" " -f1)
APFSCONT=$(diskutil list physical external | grep "Apple_APFS" | tr -s " " | cut -d" " -f8)
sudo diskutil repairDisk $PDISK
# Accept the prompt with "y", then paste this command
sudo diskutil apfs resizeContainer $APFSCONT 0
@Norbinsh

This comment has been minimized.

Copy link

@Norbinsh Norbinsh commented Dec 2, 2020

on line #32 i believe it should be "-i", otherwise getting:
'ssh: Could not resolve hostname i: nodename nor servname provided, or not known'

thank you for this gist.

@sebsto

This comment has been minimized.

Copy link
Owner Author

@sebsto sebsto commented Dec 2, 2020

fixed. thank you for the fedback

@Sridhar-245

This comment has been minimized.

Copy link

@Sridhar-245 Sridhar-245 commented Dec 4, 2020

I followed the same steps on a windows machine. When I run the command "ssh -L 5900:localhost:5900 -C -N -i macos-catolina.pem ec2-user@ip-address", it is stuck. Any idea why ? Also, do we need to make any changes in the in bound rules of security group ?

@sebsto

This comment has been minimized.

Copy link
Owner Author

@sebsto sebsto commented Dec 4, 2020

@Sridhar-245 : does a regular SSH works ? If Yes, it is normal the ssl -L -N -C does not return, it creates a tunnel and stay active until you ^C

If regular ssh times out, check the usual : does your instance has a public IP ? Is it in a VPC Subnet with a route to the internet gateway ? Does the Security Group accept TCP 22 from your IP address ?

@eric-vader

This comment has been minimized.

Copy link

@eric-vader eric-vader commented Dec 7, 2020

Thanks for this! It works for me, however, to make this usable, the resolution needs to be increased. I searched around and it seems there is no good solution. Any ideas on how to increase the resolution?

@sebsto

This comment has been minimized.

Copy link
Owner Author

@sebsto sebsto commented Dec 7, 2020

@eric-vader Currently you cannot increase the resolution. This was a deliberate choice as the mac1 instances are explicitly not designed as virtual workspaces, based on the macOS Software License Agreement

See Section 3 on page 6 "Leasing for Permitted Developer Services." "...Permitted Developer Services means continuous integration services, including but not limited to software development, building software from source, automated testing during software development, and running necessary developer tools to support such activities...."

@GauravP123

This comment has been minimized.

Copy link

@GauravP123 GauravP123 commented Dec 8, 2020

it's giving me the following error
You cannot control your own screen.

@sebsto

This comment has been minimized.

Copy link
Owner Author

@sebsto sebsto commented Dec 8, 2020

@GauravP123 I am sorry - I did not receive such error when I tried. I would suggest to ask the question on the EC2 forum or post a message to our support team (Support is available on the top right side of the AWS console)

@GauravP123

This comment has been minimized.

Copy link

@GauravP123 GauravP123 commented Dec 8, 2020

also m getting Warning: macos 10.14 and later only allows control if Screen Sharing is enabled through System Preferences. is this fine or I have to make any changes?

@sebsto

This comment has been minimized.

Copy link
Owner Author

@sebsto sebsto commented Dec 8, 2020

@GauravP123 this warning is expected and can be ignored. I tested using MacOS Catalina, I did not try with Mojave. Which OS version are you using on the instance ?

@GauravP123

This comment has been minimized.

Copy link

@GauravP123 GauravP123 commented Dec 8, 2020

I am using macOS Catalina 10.15.7

@sebsto

This comment has been minimized.

Copy link
Owner Author

@sebsto sebsto commented Dec 8, 2020

@GauravP123 I can not help further, please ask the question on the EC2 forum or https://console.aws.amazon.com/support/home to the support

@flhoest

This comment has been minimized.

Copy link

@flhoest flhoest commented Dec 8, 2020

@jbwasp

This comment has been minimized.

Copy link

@jbwasp jbwasp commented Dec 8, 2020

also m getting Warning: macos 10.14 and later only allows control if Screen Sharing is enabled through System Preferences. is this fine or I have to make any changes?

Just enable it once from system preferences>remote management , computer settings> check vnc and set any password. Your script should change the password anyway

@Sridhar-245

This comment has been minimized.

Copy link

@Sridhar-245 Sridhar-245 commented Dec 9, 2020

@Sridhar-245 : does a regular SSH works ? If Yes, it is normal the ssl -L -N -C does not return, it creates a tunnel and stay active until you ^C

If regular ssh times out, check the usual : does your instance has a public IP ? Is it in a VPC Subnet with a route to the internet gateway ? Does the Security Group accept TCP 22 from your IP address ?

@Sridhar-245

This comment has been minimized.

Copy link

@Sridhar-245 Sridhar-245 commented Dec 9, 2020

Thank you very much for responding Sebsto. Yes, the regular SSH works. "does not return" means are you saying it wont establish connection to the Mac machine. Is there any other way to connect to Mac GUI from windows machine.

@flhoest

This comment has been minimized.

Copy link

@flhoest flhoest commented Dec 9, 2020

also m getting Warning: macos 10.14 and later only allows control if Screen Sharing is enabled through System Preferences. is this fine or I have to make any changes?

Just enable it once from system preferences>remote management , computer settings> check vnc and set any password. Your script should change the password anyway

You cannot do it if you do not have access to the UI .... so check my blog post above, all is explained well enough.

@jbwasp

This comment has been minimized.

Copy link

@jbwasp jbwasp commented Dec 9, 2020

So far it worked for me at least for 200+ MAC users. Generates random vnc password when end user launch the app and terminates vnc service when session ended

@aidenmitchell

This comment has been minimized.

Copy link

@aidenmitchell aidenmitchell commented Dec 14, 2020

Is there a way to change the VNC resolution?

@sebsto

This comment has been minimized.

Copy link
Owner Author

@sebsto sebsto commented Dec 15, 2020

@aidenmitchell Currently you cannot increase the resolution. This was a deliberate choice as the mac1 instances are explicitly not designed as virtual workspaces, based on the macOS Software License Agreement

See Section 3 on page 6 "Leasing for Permitted Developer Services." "...Permitted Developer Services means continuous integration services, including but not limited to software development, building software from source, automated testing during software development, and running necessary developer tools to support such activities...."

@Sridhar-245

This comment has been minimized.

Copy link

@Sridhar-245 Sridhar-245 commented Dec 18, 2020

I am running into an issue with Mac Catolina instance that I created. I created a Mac OS Catolina instance with root EBS volume with 75GB. But when I login to the machine and run "df -h", I dont see the EBS Volume (/dev/sda1) in the list and the EBS root volume is not mounted to root. The disk got partitioned to different volumes. Here is the result of df -h:

Filesystem Size Used Avail Capacity iused ifree %iused Mounted on
/dev/disk2s5 30Gi 10Gi 2.4Gi 82% 488252 312036148 0% /
devfs 230Ki 230Ki 0Bi 100% 796 0 100% /dev
/dev/disk2s1 30Gi 15Gi 2.4Gi 86% 205594 312318806 0% /System/Volumes/Data
/dev/disk2s4 30Gi 2.0Gi 2.4Gi 46% 1 312524399 0% /private/var/vm
map auto_home 0Bi 0Bi 0Bi 100% 0 0 100% /System/Volumes/Data/home
/dev/disk3s1 113Gi 7.6Gi 105Gi 7% 110 1181818330 0% /Volumes/SSD

When I try to install software like XCode, it says there is no enough space. Although I created the EBS volume with 75GB space, I dont find 75 GB space available in the above result. Is there any way we can mount the EBS volume to root and make the 75GB space available in the root. Please help.

@Sridhar-245

This comment has been minimized.

Copy link

@Sridhar-245 Sridhar-245 commented Dec 18, 2020

Please ignore the Bold text. Its unintentional.

@sebsto

This comment has been minimized.

Copy link
Owner Author

@sebsto sebsto commented Dec 18, 2020

Hello @sridhar-25 Glad to see you managed to connect to the instance.

The last part of the gist has instructions to resize the APFS container and enjoy the full size of your EBS volume.

Repeated here for convenience :

PDISK=$(diskutil list physical external | head -n1 | cut -d" " -f1)
APFSCONT=$(diskutil list physical external | grep "Apple_APFS" | tr -s " " | cut -d" " -f8)
sudo diskutil repairDisk $PDISK
# Accept the prompt with "y", then paste this command
sudo diskutil apfs resizeContainer $APFSCONT 0
@Sridhar-245

This comment has been minimized.

Copy link

@Sridhar-245 Sridhar-245 commented Dec 18, 2020

Hi @sebsto,

Thank you very much for providing the instructions to resize the APFS container. After running the above commands, I could see the full size of EBS volume mounted on root. I really appreciate the quick response and providing the right solution.....

Regards,
Sridhar.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment