Command-Tab

Planning to run Hamachi under Mac OS X 10.5 Leopard? Please read this updated post instead.

Over the weekend, I had the need to create a VPN (Virtual Private Network) between a few MUG members and myself to use iChat through a proxy. I should mention that this did not help our paticular situation, as the proxy/firewall we were attempting to bypass was pickier than we first thought. However, I did learn how to use a great VPN tool, Hamachi, and I thought I would detail the steps needed to get it running under Mac OS X. Hamachi has been discussed at length in various episodes of the Security Now! podcast, which I highly recommend (In particular, episode #18 covers most of Hamachi).

The idea behind Hamachi is to create a secure virtual network between computers over the internet, and get them communicating as if they were all on the same local network together. Having all the computers on the same virtual LAN has numerous advantages, including connecting business networks, playing LAN games, and sharing files. Connections are made secure with the use of various encryption and handshake technologies which prevent prying eyes from seeing the information sent back and forth.

Hamachi for Windows is more advanced than the Mac version as far as point-and-click interfaces go, but the Mac version is quite stable and works just as well. To get started using Hamachi, first download and decompress the latest release. You’ll also need to grab the latest Tun/Tap driver.

First, install the Tap package from the Tun/Tap file you downloaded earlier. Then, open the Terminal in your /Applications/Utilities folder, and type cd Desktop to change directory to your Desktop folder inside your Home folder. Do cd [hamachi], where [hamachi] is the folder that was made when you decompressed the downloaded file. In my case, the folder was titled hamachi-0.9.9.9-20-osx, so I did cd hamachi-0.9.9.9-20-osx. Your Terminal window is now navigated inside of the Hamachi folder, and you’re ready to start installing.

Installing Hamachi is quite easy – almost as easy as installing most Mac OS X applications. Type sudo ./install, followed by your administrator password. The admin password is required because Hamachi installs system-level components to make everything work. After the quick install is done, type sudo tuncfg. Tuncfg (tunnel configuration) sets up the VPN tunnel for Hamachi. From this point onward (until you reboot), your administrator password is not required, as Hamchi does all root level functionality in one fell swoop. Type hamachi-init to generate the cryptographic keys that will be used to protect your data as it speeds throughout the internet. Typing hamachi start will load Hamachi and prepare it for use.

As this point, you would also want to get Hamachi running on any other computers you would like on your virtual network, PC or Mac. PC users need only to download and run Hamachi, and they can all connect to the same network. Once that’s done, you’ll need a network for everybody to connect to. Again in the Terminal window, do hamachi create [network] where [network] is the 4 to 64 character name of the network you’d like to create. If the name is already in use, you can simply try again. When prompted for a password, do not enter your administrator password. What you’re being prompted for is the password to log onto your virtual network. Choose a word or phrase not in the dictionary, preferably longer than 8 characters. For security, the longer the password, the better. After your network is created, you can then instruct all your other computers to join the network using the password you chose.

After all the computers are connected in Hamachi, that’s it! You can view members of the network by doing hamachi list, and connect to their IPs (starting with “5.”) as if they were all on your own local network. One popular use for Hamachi is to share music on iTunes with your home computer (under Preferences, Sharing), and then install Hamachi at work. When both computers are connected, iTunes will be fooled into thinking your home computer is on your work computer’s network, so it will allow you to stream music to your workplace via the internet.

I should note that when your computer is restarted, you’ll have to do sudo tuncfg and hamachi start to re-run Hamachi. Also, the Hamachi OS X ReadMe has a listing of commands to delete networks, evict members, and other useful features that are worth a look.

Now that you’ve come this far “the hard way” by typing in commands and learning how to set up Hamachi on your own at the command line level, you should know about two graphical ways to use Hamachi. After using Hamachi for a few minutes, I thought it would be cool to run a Dashboard widget to control it. A single Google search turned up exactly what I had imagined. A third-party Mac OS X program, HamachiX, is also another great front end to Hamachi on the Mac. Both solutions work quite well, and may save you some time in setting up a quick VPN between your computer and others, anywhere else in the world.