June 8, 2006

Building a heterogeneous home network for Linux and Mac OS X

Author: Kris Shaffer

You can find plenty of information online about building heterogeneous networks involving Windows, but relatively little about connecting Macs with Linux PCs in a home or small office network. Mac OS X's Unix base, however, means there are plenty of good options for networking a Mac with a Linux PC, despite the relative lack of documentation. In this article, I'll discuss how to set up Mac-Linux printer and file sharing using NFS and SSH.Printer sharing

Setting up printer sharing is fairly easy. Either the Mac or the Linux machine can physically host the printer. To share a Mac's printer with a Linux PC, open System Preferences on the Mac (found in the Apple menu, or in /Applications), and select "Sharing." Under the Services tab, check the box for "Printer Sharing." Under the Firewall tab, if the firewall is running, check the box next to "Printer Sharing" to open the appropriate port. Make sure the printer is on and connected to the Mac, which itself is on and connected to the network, and take note of the Mac's IP address, which you can find in System Preferences -> Network. Select your method of connecting to the Internet, and then click the TCP/IP tab.

To use the printer in Linux, you must add a new network printer at:

http://mac-ip-address:631/printers/mac-printer-queue-name or

and specify it as "Raw." In KDE 3.4, you can add a printer with the Printing Manager. Open it, select "Add," then "Add Printer/Class." In the wizard that comes up, select "Remote CUPS Server," then "Anonymous." When prompted, enter the IP address of the Mac as "host," and make sure the port is 631. The list of Mac printers should come up. Select the appropriate printer, and on the next dialog select "Raw printer (no driver needed)." Following this you'll see several dialogs where you can set appropriate options (the defaults are likely fine) and a name for the printer. If you have any problems authenticating at the end of this process, try performing it in administrator mode.

To share a Linux PC's printer with a Mac, first verify that your firewall is leaving open the printing port (631, most likely). To use the Linux printer on the Mac, open the Printer Setup Utility (found in /Applications/Utilities). Click "Add," and in the menu that comes up, select "IP Printing." For Printer Type, select "Internet Printing Protocol," and for Printer Address, enter the IP address of the Linux machine. For Queue Name, enter the printer's queue name in Linux. In the KDE Printing Manager, you can find this by selecting the printer and the Information tab, which will show the printer's URI. It will look something like


Take the queue name from the end of this URI, enter it into the Printer Setup Utility, and click "Add." (You can leave the driver as "Generic.") The printer is now ready to go on your Mac. If you like, select the printer and click on "Show Info" to change the printer name.

File sharing

There are several options available for sharing files between a Mac and a Linux PC, including FTP, SSH/SFTP, NFS, SMB/Samba, and AFP (with Netatalk). While all of these have their place, I will focus on the two which I have found to be the most useful for building a Linux-Mac network from scratch: NFS and SSH. Both are *nix friendly, both work well both ways (Mac as server, Linux as client; Linux as server, Mac as client), and each caters to a different kind of user.

NFS (Network File System) is a protocol for file sharing that allows a client computer to mount a remote disk or directory (called a "share") on the local filesystem. These shares show up in the file manager, looking and functioning just like a local directory. With NFS, the server setup dictates which client machines are allowed access to which directories and with what privileges, and clients can be set up to mount these shares automatically upon login. If set up properly, NFS is convenient and secure; if set up improperly, however (allowing read-write privileges to any machine on the subnet, for example), it can be very insecure.

SSH (secure shell), on the other hand, is not a file sharing protocol in the traditional sense. It allows a user to log on to a remote machine via a client (typically via a terminal), with all the privileges that user typically has on that machine. Rather than restricting access and privileges according to IP address, it restricts according to user. Though SSH does not mount the remote directory in the local file system, a Linux file manager can view and perform operations on an SSH account graphically (via the Fish (FTP over SSH) protocol, implemented as the fish:// preface in a URL). The Mac Finder cannot use Fish (though alternate file managers and FTP/SFTP applications can).

Each of these protocols, then, is suited to different security needs and different networking situations.

NFS setup

To access a Linux share on a Mac, you must first set up the NFS export on the Linux machine. There is a detailed tutorial on Linux.com that covers setting up both server and client on Linux, and there are also easy setup tools that come with many distributions (such as YaST for SUSE Linux). However, probably the easiest way to set up NFS sharing -- in KDE, anyway -- is to right-click in Konqueror on the directory you want to share, click on "Share," and in the dialog that opens, check the box for "Share with NFS (Linux/UNIX)." There is also a button for "More NFS Options," which leads to a dialog to set up an allowed host (use the IP address of the machine you want to allow access -- you can include wildcards to allow the whole subnet access) and access parameters for that host (see man exports for a complete list of parameters). Double-check that your firewall allows the NFS Server service, and start or restart the NFS server (a quick reboot is the easiest way). The export should now be good to go.

To access and mount the shared directory on a Mac, try a utility called NFS Manager, which has a free, fully functional demo version. After downloading and installing the software, run NFS Manager and authenticate by clicking the padlock and entering an administrator's username and password. Once authenticated, click on "Add Entry." In the dialog, enter the IP address of the NFS Server (the Linux machine) and the path of the NFS share. (You can also select the share from a list of available shares, after you've entered the server IP address.) Specify the mount point and change any of the default options you like, then click OK. To finalize the link, restart the Mac or click "Activate Changes..." in NFS Manager. If all is well, your NFS share will be available in the Finder under "Network" or at your specified mount point, and it will automatically mount every time you boot the Mac. Anytime you make changes to the share on the server or the client, you must restart the NFS service (reboot or "activate changes") on both machines for changes to take effect.

NFS Manager can also facilitate sharing a Mac folder or drive with the Linux machine. In NFS Manager, authenticate, select the "NFS Shares" tab, and click "Add entry." In the dialog, select or enter the path to the folder you want to share, set the appropriate access parameters, and click OK. Once again, click "Activate Changes," and your export is ready to go. To access the Mac shared folder on a Linux machine, set up your NFS client just as if it were accessing another Linux machine's NFS share, using the Mac's IP address, path to shared folder, and a desired local mount point. (See the Linux.com tutorial for detailed instructions, or use your distribution's setup tool.) Reboot the Linux machine, or restart the DNS service, and you will be able to access the remote folder in the local filesystem. As with the Mac client, most recent Linux distributions will automatically mount the remote share when booting up.

SSH setup

SSH setup is very easy. To access a Mac from a Linux machine, first enable "Remote Login" in System Preferences -> Sharing -> Services on the Mac. Then go to the Firewall tab and make sure that the firewall leaves the SSH port (22) open. In the Linux terminal, you can now access the Mac with

ssh username@mac-ip-address

While SSH is typically used for remote administration in the terminal, or for SFTP transfers to and from remote servers, it can also function as a file sharing protocol. Entering

fish://username@mac-ip-address/path or

in your file manager's address bar, you get graphical access to your Mac's filesystem, with all the right-clicking and drag-and-dropping you like. You can even create a desktop link to the fish:// URL for one click access. SSH doesn't mount the Mac filesystem (or whatever part of it your user account has access to) in the Linux filesystem, but most of the NFS file-sharing functionality is there, plus the advantages of SSH. It's also easier and quicker to get started than NFS, though it only connects when you request, not when you boot.

To access a Linux machine from a Mac via SSH, make sure that the firewall does not block the SSH port on the Linux machine. You can log in to the Linux machine remotely in a terminal with

ssh username@ip-address

Since remote SSH connections don't mount into the Mac filesystem, and since the Finder's "Connect to Server" command (in the Go menu) does not support SSH or SFTP, many Mac users will be disappointed to find that Mac OS X does not display remote filesystems connected via SSH/SFTP in the Finder. Primary access remains with the terminal, or with an FTP/SFTP client such as Cyberduck. However, there are several applications available for Mac OS X that use SSH to run ad hoc or regularly scheduled backup or mirroring of local files and folders onto a remote server, or vice versa -- such as RBrowser and rsync. SSH support isn't as comprehensive, at least graphically, on a Mac OS X client as on a Linux client, but it does prove a secure and easy-to-use solution for certain file-sharing uses, in addition to its uses for remote administration.

Which to use?

One of these protocols will meet the needs of most folks looking to build a Mac-Linux home network. For those who want to allow their roommates or guests read-only access to media files, NFS is probably the way to go. For individuals or families which own more than one computer that everyone has access to, SSH may provide a better framework, since it assigns permissions based on user privileges, not machine IP addresses. In my case, I have a laptop which I periodically back up onto my desktop, which has a bigger hard drive and a DVD burner. For me, either protocol would do the job, but SSH allows me to schedule regular backups which transfer only new and changed files, and to perform other remote administration tasks as well. It also potentially allows me to connect my laptop to a different network and access it from another machine on that network with little effort, thus making one-time connections to a friend's or colleague's computer for a large file transfer easy to accomplish.

Getting Macs and Linux PCs to play nice is relatively easy. And with NFS, SSH, and many other protocols out there (FTP, SMB, AFP), you're sure to find a networking scheme that fits your needs.

Kris Shaffer is a graduate student in music theory at Yale University and an avid open source software enthusiast. He is co-editor-in-chief of AmSteg.org, an online resource for young composers and music theorists, and he has written articles on Linux and open source software for Linux Journal, Newsforge.com, and Linux.com.

Click Here!