# YouTube (English) : https://www.youtube.com/watch?v=FtU2_bBfSgM
# YouTube (French) : https://www.youtube.com/watch?v=VjnaVBnERDU
#
# On your laptop, connect to the Mac instance with SSH (similar to Linux instances)
#
ssh -i <your private key.pem> ec2-user@<your public ip address>
#
# On the Mac
#
# Set a password for ec2-user
sudo passwd ec2-user
# Enable VNC Server (thanks arnib@amazon.com for the feedback and tests)
sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart \
-activate -configure -access -on \
-configure -allowAccessFor -specifiedUsers \
-configure -users ec2-user \
-configure -restart -agent -privs -all
sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart \
-configure -access -on -privs -all -users ec2-user
exit
#
# On your laptop
# Create an SSH tunnel to VNC and connect from a VNC client using user ec2-user and the password you defined.
#
ssh -L 5900:localhost:5900 -C -N -i <your private key.pem> ec2-user@<your public ip address>
# open another terminal
open vnc://localhost
#
# On the Mac EC2 instance, resize the APFS container to match the EBS volume size
# https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-mac-instances.html#mac-instance-increase-volume
#
PDISK=$(diskutil list physical external | head -n1 | cut -d" " -f1)
APFSCONT=$(diskutil list physical external | grep "Apple_APFS" | tr -s " " | cut -d" " -f8)
sudo diskutil repairDisk "$PDISK"
# Accept the prompt with "y", then paste this command
sudo diskutil apfs resizeContainer "$APFSCONT" 0
#
# (optional) On the Mac EC2 instance, set the screen resolution
# https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-mac-instances.html#mac-screen-resolution
#
brew tap jakehilborn/jakehilborn && brew install displayplacer
displayplacer list
displayplacer "id:<screenID> res:<width>x<height> origin:(0,0) degree:0"
RES="2560x1600"
displayplacer "id:69784AF1-CD7D-B79B-E5D4-60D937407F68 res:${RES} scaling:off origin:(0,0) degree:0"
@sebsto after I followed these steps and tried to create a tunnel with the command below
ssh -L 5900:localhost:5900 -C -N -i ec2-user@
then I am facing an error that
bind [127.0.0.1]:5900: Address already in use
channel_setup_fwd_listener_tcpip: cannot listen to port: 5900
Could not request local forwarding
@glebsonik: this is because port 5900 on your local machine is already used. Maybe you have Screen Sharing enabled?
You can just use a different port:
ssh -L 5555:localhost:5900 -C -N -i <your private key.pem> ec2-user@IP_ADDRESS
Then
open vnc://localhost:5555
Thanks a lot @sebsto !!! It works!!!
Can this access, that I provided for vnc, be disabled somehow to avoid some insecurity issues?
@glebsonik. Yes you can disable screen sharing by going to System Preferences => Sharing
https://support.apple.com/en-gb/guide/mac-help/mh11848/mac
or using the same command in the terminal with the option « access off »
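An added example, not part of the gist or of the replies above, covering the two answers so far: port 5900 already being bound on the laptop, and switching the VNC access off again on the Mac instance. `listen_state`, `free_local_port` and `disable_vnc` are hypothetical helper names, the `-deactivate -configure -access -off` arguments are Apple's documented kickstart form of the "access off" option, and the netstat listing is constructed sample data.

```shell
#!/bin/sh
# Added example, not part of the gist. Sample data below is constructed.
KICKSTART=/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart

# Read `netstat -an -p tcp` output (macOS) on stdin and report how port $1 is bound:
# off | loopback-only | all-interfaces | <specific address>
listen_state() {
    awk -v port="${1:-5900}" '
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            p = $4; sub(/.*[.:]/, "", p)          # text after the last "." or ":"
            if (p != port) next
            host = substr($4, 1, length($4) - length(p) - 1)
            if (host == "*" || host == "0.0.0.0" || host == "::") wide = 1
            else if (host == "127.0.0.1" || host == "::1") loop = 1
            else other = host
        }
        END {
            if (wide) print "all-interfaces"      # reachability is up to the firewall / security group
            else if (other != "") print other
            else if (loop) print "loopback-only"
            else print "off"
        }'
}

# Laptop: first local port >= $1 that has no listener in the listing given as $2.
free_local_port() {
    port=$1
    while [ "$(printf '%s\n' "$2" | listen_state "$port")" != "off" ]; do
        port=$((port + 1))
    done
    echo "$port"
}

# Mac instance: switch Remote Management off, then confirm 5900 is closed.
disable_vnc() {
    sudo "$KICKSTART" -deactivate -configure -access -off || return 1
    state=$(netstat -an -p tcp | listen_state 5900)
    [ "$state" = "off" ] || { echo "port 5900 still bound: $state" >&2; return 1; }
}

# Constructed listing: Screen Sharing already running on the laptop.
SAMPLE_LAPTOP='tcp4       0      0  *.5900                 *.*                    LISTEN
tcp4       0      0  127.0.0.1.5901         *.*                    LISTEN
tcp4       0      0  10.0.0.7.50122         203.0.113.10.22        ESTABLISHED'
```

On the laptop, pass `free_local_port 5900 "$(netstat -an -p tcp)"` as the local side of `ssh -L`; on the instance, `netstat -an -p tcp | listen_state 5900` reporting `all-interfaces` while VNC is enabled means only the SSH-only inbound rule keeps the port private.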
This is fantastic and was very informative for me.
I was becoming very frustrated with not being able to get Xcode installed on AWS mac1.metal AMI for build processes and this helped to cure many headaches.
Understanding that the SSH command opens a tunnel to localhost for my RealVNC was very helpful, as well as the commands to sync up the available disk space after increasing the storage volume.
Thanks for this Gist @sebsto
You can change the screen resolution with EC2 Mac Instances now: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-mac-instances.html#mac-screen-resolution
Thank you @scottmalkie for the update
This was absolutely vital and the missing part of documentation for Github runners. Big thanks to everyone who contributed to these efforts.
@scottmalkie thanks for the great info. However, it appears displayplacer list only shows a connection after a VNC connection is established. Are you aware of an approach that provides native display capabilities (as a macOS equivalent to Xvfb) without requiring a connection to be opened? Note: we're exploring using Macs in a CI/CD context.
On a related note, I saw a comment that M1 Macs may support that out of the box.
Is there a way to run an instance with a disabled SIP?
@startergo it is not currently possible to disable SIP on EC2 Mac. Fully enabling and disabling SIP requires restarting the EC2 Mac host in Recovery mode. Unfortunately, this is not possible for EC2 Mac instances as there's no way for you to access the host once it's in Recovery Mode.
Even with tunneling via SSH I just get "Screen Sharing is not permitted on “localhost”. Disable and re-enable Screen Sharing or Remote Management in System Settings before trying again." after entering user/pass.
@torarnv this gist is 4 years old. Have you checked the official documentation?
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/connect-to-mac-instance.html
thank you @sebsto
Update: I have tried Anydesk as a remote app. I can see now a better response.