TweetFollow Us on Twitter

Mac in the Shell: ssh Basics and More

Volume Number: 23 (2007)
Issue Number: 10
Column Tag: Mac in the Shell

ssh Basics and More

Is there anything ssh can't do?

by Edward Marczak


If it weren't for OS X, I'd probably be toting around a FreeBSD laptop now. While OS 9 had its charms, when I first fired up under OS X 10.0 and used ping to test a network route, I knew it was a keeper (and it didn't even look that good back then!). The command shell was an environment I was comfortable in, and had the tools I needed to get work done. However, I often need to open up a shell on a remote machine. More than any other command, I probably use ssh the most. At the very least, it's the one I'd most miss. Why? What's the draw and advantage here? Read on and find out.

Across the desert lies the promised land

In the beginning, there was telnet. Telnet allowed one access to a command environment on a remote machine, typically Unix-based. It was a fine way of doing so for a very long time - until the Internet-with-a-capital-I came along. Since telnet passed along all information in clear text, anyone between you and your remote session could happily sniff and read everything you typed, or that the host sent back to you. That's just not cool, man.

ssh was created by Tatu Ylonen in 1995 and was originally released under an open-source license. This initial release formed version 1 of the ssh protocol. After forming SSH Communications, versions of ssh became commercial, with free for non-commercial use versions. Both versions went closed-source. In 1997, however, there was a movement to make the ssh protocol and Internet standard under the IETF. This led to version 2 of the protocol, which cleaned up some security issues, bugs, and made other reliability enhancements.

Meanwhile, in 1999, the OpenBSD team, took the early open source version of Tatu Ylonen's code and began modifying and rewriting, to bring it up to current standards. This is what became OpenSSH, and was released in December 1999. Markus Friedl added support for version 2 of the ssh protocol in early 2000.

Fast forward a bit, and under OS X "Tiger", we're blessed with version 4.5p1 of this venerable application. While we can use ssh as a simple remote login replacement of telnet (and rlogin...and rsh), it has quite a bit more functionality. Let's dig in.

If You Want To View Paradise...

The basics of ssh are pretty straightforward. A machine that you want to access, called the server, must be running sshd, the ssh server daemon, which will listen on some port (22 by default). Under OS X, this is accomplished via the "Sharing" pref pane. Simply check the box next to "Remote Login", as in Figure 1.

Figure 1 - Enabling ssh in the Sharing Pref Pane

We're even given instructions: "To log in to this computer remotely...". Of course, these instructions may not be entirely correct, depending on certain circumstances. In figure 1, the pref pane is picking up an IP address from one of my Parallels interfaces, so, its advice is completely bogus. Be sure to figure out your own appropriate IP address - an external one if necessary - before blindly trusting what the pref pane tells you.

As of OS X 10.4, sshd doesn't run continuously, but is run by launchd on demand. launchd listens on the port specified in the sshd.plist file, and when a connection is made, launchd fires up sshd and passes along the connection. It's due to this that you won't see sshd in a process listing, even though you've enabled it (as you will in 10.3...or FreeBSD and Linux, for that matter).

Button, button, who's got the button?

Now that you have a machine acting as a server, what can you do with it? For starters, you can access a shell on the remote machine from any ssh client. This includes clients running on Linux/BSD, OS X, Windows or even a smart phone that has ssh capabilities (like the Nokia N800). That's cool enough on its own. We can't have Apple Remote Desktop from our iPhone, but I can access my OS X Server using a non-Apple smart phone. Brilliant!

Since we're living in OS X-land, let's pretend our client lives there. Pop open, and simply:

ssh user@host

You'll be asked for a password, and then presented with a remote shell. Couldn't be easier. If you have the muscle memory built up from the telnet days, you can also supply the user name with the "-l" switch, like I tend to do:

ssh -l admin

You can also supply the port, if the server is running on something besides the well defined ssh port of 22:

ssh -l admin -p 8022

Finally, if you want a little more detail about what's going on, use one or more verbose switches (-v):

ssh -v -l admin -p 8022

Once you have your remote shell, you can start typing, just as if you were sitting at a console connected directly to that machine. One last tip: if you're using the defaults, and your current user name is the same as what you'll pass off to the remote, simply give the host name:


Easy, right?

It All Comes Out In The Wash

Of course, the first 's' in ssh stands for "secure". You should have noticed that the first time you connect to a server, you're asked to verify and accept the host's key. The exchange looks something like this:

$ ssh
The authenticity of host ' (' can't be established.
RSA key fingerprint is cd:42:72:31:47:15:80:e6:31:36:66:f1:56:ef:db.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '' (RSA) to the list of known hosts.
marczak@'s password:
Last login: Wed Aug 29 10:56:25 2007

Also note the part about "permanently the list of known hosts". This list is kept in ~/.ssh, in a file named "known_hosts". Don't forget that the "." In front of the file name means that it's hidden in terminal unless you use the "-a" switch with ls. (OK - or if you're root, or have performed some other trickery with environment variables, etc. If you've done that, then you probably know what you're doing...move along, nothing to see here). ssh adds both the host's key, dns name and IP address to the known_hosts file.

If the host key ever changes, you'll be notified when you connect:

Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
Please contact your system administrator.
Add correct host key in /Users/marczak/.ssh/known_hosts to get rid of this message.
Offending key in /Users/marczak/.ssh/known_hosts:70
RSA host key for has changed and you have requested strict checking.
Host key verification failed.

...and you'll be left back at a prompt, rather than connecting. If the host's key and IP address change, you will see a different message:

The RSA host key for has changed,
and the key for the according IP address
has a different value. This could either mean that
DNS SPOOFING is happening or the IP address for the host
and its host key have changed at the same time.
Offending key for IP in /Users/marczak/.ssh/known_hosts:59

All of this helps keep the first 's' in ssh! In the next section, I'll talk a little bit about configuration of ssh, but do know that you can turn this feature off. Doing so will warn you, but still allow you to connect:

$ ssh -l root Warning: the RSA host key for' differs from the key for the IP address '' Offending key for IP in /Users/marczak/.ssh/known_hosts:27 Matching host key in /Users/marczak/.ssh/known_hosts:30 Are you sure you want to continue connecting (yes/no)? yes Password: Last login: Wed Aug 29 10:56:25 2007

These are excellent things to be mindful of as you use ssh.

You've got to go forwards to go back

Now that you have the basics down, let's look at some configuration options. On an OS X machine, you'll find the file /etc/sshd_config that configures the sshd server. Since this is an introductory and cookbook type article, I won't exhaustively detail every option, but only ones that impact the options I'll refer to in this article itself.

If you open up /etc/sshd_config, you'll notice that much of it is commented out with "#" symbols. This shows the default values of these parameters. Uncommenting them will allow you to change the values. Unlike other varieties of Unix, and thanks to launchd, just make the change, and it will go into effect upon next connection. Since sshd isn't really running all the time, there's no need to HUP or restart it.

Any ssh server exposed to the Internet - directly or through a firewall via port forwarding or PAT - should immediately uncomment the "PermitRootLogin" line, and change it to "no".

Now, that was a bit simplistic, and on OS X Server, we need to take one other thing into account: if we're running Open Directory. An unadorned ssh server is needed when creating an Open Directory replica. The replica uses ssh to connect to the OD master and transfer the LDAP database. So, you can either a) not expose an OD master to the Internet - use another machine for remote ssh access - or b) remember to toggle this back when adding a replica.

On the client side, you can edit /etc/ssh_config. I typically add the following two lines to any client I touch immediately:

TCPKeepAlive yes
ServerAliveInterval 30

Just tack these onto the end of the stock ssh_config file. These will 'ping' the server using a handshake protocol that stops your from getting dropped if you're idle.

As referenced earlier, if a server's key changes, you'll be stopped from connecting in the default state. This is controlled by the "StrictHostChecking" option. It's set to "yes". While possibly unfriendly, a host's key should basically never change, so, I recommend leaving it set this way. Other possible values are "no", which just blindly adds the new host key to your known_hosts file, and "ask", which warns you and asks if you would still like to connect. If you answer "yes", the new key will be added to your known_hosts file at that point.

Nicely, you can specify options as parameters, so, if you use DHCP to hand out client addresses, many times the IP address will not match the key as recorded - properly so. If you are connecting to a host that you know will not match, you can leave your /etc/ssh_config file alone, and for this time, use this:

ssh -o stricthostkeychecking=ask

There are nice man pages for both ssh_config and sshd_config that explain each option.

I am extraordinarily busy, sir

So, now you have an ssh server, or servers to use, as every OS X machine in your midst is potentially an ssh server. "Remote Login" is enabled by default on OS X Server, and I enable it on OS X in my standard operating environment (SOE) images. What can we do from here?

One thing that makes life with ssh very sweet is password-less login. While this is possible in a single-sign on environment, you may be dealing with machines that aren't part of this setup. Password-less login uses the keys that were referenced above. To do so, you need to generate a public key for your account, and transport that key to any server that you'd like to login on without using a password. Here's a short tutorial/how-to.

First, generate your keys:

$ ssh-keygen -t rsa -b 2048

You'll receive the following output, during which, you can press return to accept the defaults for each question:

Generating public/private rsa key pair.
Enter file in which to save the key (/Users/edacct/.ssh/id_rsa): 
Created directory '/Users/edacct/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /Users/edacct/.ssh/id_rsa.
Your public key has been saved in /Users/edacct/.ssh/
The key fingerprint is:
47:51:7b:ec:de:61:b4:e0:23:7d:fc:bd:1f:65:8c:11 edacct@Jack-Kerouac.local

Again, simply press return for each question - including the passphrase questions.

Second, notice the line that states, "Your public key has been saved in /Users/edacct/.ssh/". This is the file that we need to transport to the server, and add its contents to the target account's authorized_keys file. You can do this several different ways, and I'll cover one simple one here.

Simply `cat /Users/edacct/.ssh/ | pbcopy` (substituting the appropriate account name), which will place the contents of your key onto the clipboard, or "paste buffer", ready to be pasted (Apple-v or Edit->Paste). Now, ssh into the target machine. For example:


You'll still need to supply your password, as we haven't altered the server yet. Once in, edit the ~/.ssh/authorized_keys file, and tack the paste buffer onto the end:

$ vi .ssh/authorized_keys

ssh-rsa CAAB5NzaC1yc2ECBEBIwAAAQEAvyDnmn09A6z2dHJrh8RXq5BVoJOIW4OZPZ4ex++
mYNkuyaVyfe07NInQPHebr9asvrEa6F9zxmqB3Ngn2baw== edacct@Jack-Kerouac.local

This may be the only entry in the file, which is just fine. If there are already entries, navigate to the end and place this on its own line.

Finally, logout of the target machine, and then ssh right back in again. This time, you should find yourself logged in, no password asked of you. While this may be a convenience when you're working interactively, the real bonus comes in when using ssh or scp (a utility that copies data over an ssh connection) in a script - no human present. Also, you'll see further on that ssh can do much, much more than simply present you with a remote interactive shell.

Little surprises around every corner

Let's get to the good stuff. You've seen the basics, but what else can ssh do to make your tech life easier and better?

Port Forwarding

Port forwarding may be one of the more popular 'alternative' ways to use ssh. Why the heck would you want to do that? Well, the simple reason is that you can protect clear-text protocols in this manner. Take POP mail retrieval for example. Typically, not only are the username and password sent in the clear, but the body of each message is transferred in plain text. If you're at a conference, or sitting in your local WiFi-equipped coffee shop, you're exposing all of this information to anyone that wants to sniff it. And that's just not cool. So, we tunnel it through ssh.

Here's an example, and then we'll dissect it:

ssh -N -L

This tells ssh:

-N no interactive shell, thankyouverymuch.

-L On this local machine, take port 8110, and forward all requests to's port 110. is the id that we're authenticating with, and the host that we're forwarding through, which, in this case, is that same as the remote destination itself.

You're still connecting to a host, but then the "-L" switch tells that host what to do with packets arriving on the port you specified. Interestingly, you can forward to another machine that the remote machine has access to. Let's say that your office has a single ssh bastion host, but you need to tunnel to another machine on that LAN. No prob. Just forward to that machine:

ssh -N -L 8110:

What's going on here? Look at figure 2, which may help.

Figure 2 - ssh tunneling pass-through

In Figure 2's example, the firewall at has port 22 port forwarded to Telling ssh to connect to gw really connects us to server. handles the ssh connect, authentication and session, but then, as instructed by the "-L" switch, passes the traffic through to's port 110.

Once a port forward is in place, it's your local machine that now has a port open for listening. So, in the example of POP that we've been using, you'd need to tell your mail program that the server is at localhost, or, running on port 8110. Of course, this then gets shuttled over the ssh connection to the designated remote machine on the designated port.

Remote Port Forwarding

Remote port forwarding allows the remote machine to define the tunnel. For instance, take this example:

ssh -N -R 8022:

This tells the ssh server - the machine that you're ssh'ing into - to take traffic on port 8022, and pass it back along to the client machine at - itself, on port 22. In this case, the server is, and the client is whatever machine you're on. Then, from, we can simply:

ssh -l marczak -p 8022 log into the remote host. What's happening here? Let visualize it again:

Figure 3 - Remote port forward

You, at have a very restrictive firewall in place that doesn't allow any incoming connections. However, it does allow you to get an ssh connection out. To allow someone on to ssh into your machine, you create a reverse port forward. We ssh into loud with the "-R 8022:" parameter. This tells to listen on port 8022, and forward it along to the client. Then, someone on loud can connect to the local port of 8022, which will forward along to us over ssh.

You can even connect two separate machines this way, however, some configuration changes must be made. On the server (, the /etc/sshd_config file must be modified. Change the line:

#GatewayPorts no


GatewayPorts yes

Additionally, you must also specify "-g" on the ssh command line, which tells the server to allow remote connections to use the forwarded port.

Again, let's visualize:

Figure 4 - Remote port forward with gateway mode enabled

On, remote port forward to, using this command:

ssh -N -g -R 8022:

Now, is listening on port 8022 on all interfaces, and passing it through to on port 22. On the laptop in figure 4, you can access - even though it's not allowed by the firewall - simply by connecting to

ssh -p 8022

Note that the account used is an account on!


Certainly one of the lesser-known features of ssh is its ability to act as a SOCKS proxy. Rather than forward a specific port, or ports, SOCKS is a dynamic proxy, forwarding any ports requested. This doesn't solve every problem, though, as applications must be written with SOCKS proxy support. Most web browsers support SOCKS, as do many ftp clients.

To test this, open a web browser, I'm going to target Safari here, and go to Make a note of your ip address as it shows to an external web site. In a local shell, run this:

ssh -N -D 9999

...where is a machine on a remote network that you have ssh access to. Once complete, open Safari's preferences and choose the advanced tab, or, go right for the Network Preference pane. If you're using a different web browser, adjust the proxy setting accordingly.

Figure 5 - SOCKS proxy configuration

Apply the changes and now, reload the whatismyip page. See? All requests look like they're coming from the remote machine. Note, though, that if you're counting on this for security or privacy, don't. For web browsing, cookies, Google analytics and others will foil you. Also, your DNS requests are not re-routed, so, those requests will still show up in your local or ISPs DNS server.

Passing Commands

If given a command, ssh will run that command on the remote host and return the output to you:

$ ssh last
ladmin    ttyp9                     Thu Aug 16 07:39   still logged in
ladmin    ttyp9                     Thu Aug 16 07:39 - 07:39  (00:00)
ladmin    console  loud.radiotope.c Thu Aug 16 07:39 - 07:44  (00:04)
marczak   console  loud.radiotope.c Tue Aug 14 17:30 - 07:39 (1+14:09)

This is, naturally, incredibly handy for scripts, and a great way to collect remote data about hosts.

You can also run commands that require interaction, however, try it, and you may get some strange results, and a message like this:

ssh vi .ssh/known-hosts
Vim: Warning: Output is not to a terminal
Vim: Warning: Input is not from a terminal

What's happening? Since ssh is just expecting to run the command and bail out, there's no real terminal allocated for the environment. Never fear, as you can tell ssh that you'd like a pseudo tty allocated for this very reason. Just use the "-t" flag. This is handy when using an editor remotely, using an IRC client from a remote machine, or finding that server with nethack on it!

One great trick is to gather your server list somewhere, and to run the same command on each. While this could be a full script, here's a one liner to see who's logged into 3 different servers using the w command:

servers=""; for host in $servers; do ssh user@$host "w"; done

Of course, setting this up with password-less keys will really make this script useful.

Moving Data

With an ssh server running, there are several options for transferring data to and from that system. Two methods are distinct binaries that install alongside the ssh app itself.

The first is scp. The 'secure copy' application tunnels the copy across an ssh link. Its invocation resembles the standard cp command:

scp local_file

This copies 'local_file' to "account's" home directory, in the folder "path", naming the result "remote_name". To copy from a remote server, just reverse the source and destination:

scp ./$1

This copies "some_file" from "account's" home directory on into the current working directory, giving it the same name. Like cp, you can use the "-r" switch to recursively copy entire directories.

When installed with the sftp subsystem, an ssh server also offers an ftp-like interactive interface. Just use 'sftp' in place of 'ftp':

$ sftp
Connecting to
sftp> ls
Applications     Desktop    Desktop DB    Desktop DF   Documents
Library    Movies    Music    Pictures    Public    Sites
memberd_dump.log    test.jpg   test2.jpg 
sftp> get test2.jpg
Fetching /Users/marczak/test2.jpg to test2.jpg
/Users/marczak/test2.jpg      100% 38KB 38.0KB/s   00:00
sftp> quit

Anyone familiar with an ftp shell should be immediately comfortable with sftp.

scp and sftp are fine, fine utilities. However, we're OS X people, and we have certain needs. We like our data fork and resource fork to get transferred. We like our metadata on the complete side. Neither of which scp and sftp will do. Let's take advantage of pipes and redirection.

If we're local on an OS X box and want to copy data, ditto is the preferred method. Written specifically for OS X, we get to have our data fork and resource fork, too. We can extend this by taking ditto's output and sending it not to a disk-based file, but to standard out. Pipe this into ssh, which will happily read it and spit it out on the remote end. Let's start with a simple example:

cat data.txt | ssh -l user '(cat > data2.txt)'

First, we send data.txt to standard out using cat. This is piped to ssh, which connects to the remote host, which in turn takes the piped data, passes it over the encrypted connection, and passes it in to the subshell on standard in. We run commands that take standard in and write it to the file data2.txt. Let's extend on this:

ditto -c MyFolder -|ssh ditto -x - ./MyFolder

The first part, before the pipe, is a standard ditto command. The "-c" switch tells ditto to create a cpio archive of the data it's receiving. The trailing hyphen ("-") tells ditto to send its output on standard out. From there, the data is piped to ssh, connecting to, where the data is piped into ditto running on the remote computer. The "-x" switch on the remote tells ditto to expect cpio archive formatted data, followed by a single hyphen, forcing data to be read from standard in. Finally, we tell ditto on the remote what folder to put all of this data into.

The examples in this section are extremely powerful, and allow you to move massive amounts of data in a safe fashion. Combine these with some of the port forwarding techniques listed earlier, and you can reach hosts potentially not possible for you before.

Finally, it would be foolish of me not to mention rsync. While I covered ditto first due to its OS X-specific nature, rsync is a much more efficient application all around if you need data forks only. This turns out to cover the vast majority of data. Of course, I bring this up as rsync can transport over ssh without any fancy shell piping tricks. Just use the "-e" switch:

rsync -ave ssh --delete /path/to/data

Appropriate for anything not containing a resource fork or Mac-specific metadata that you wish to keep intact.

Other Apps

Finally, note that many GUI apps that offer a remote connection, such as Dreamweaver, TextWrangler or your favorite ftp application will offer to do so over ssh or sftp (ssh protected ftp), protecting your content, id and password.

You'll get a stomachache if you swallow it like that

ssh was designed for security - we can now see that. Like anything, though, your implementation must be well thought out. Here are some things to watch out for.

ssh can't protect you against weak passwords! The few times I've heard of an OS X machine getting hacked, it was because the owner had an account named "test" with a password of "test" enabled on the machine. Another popular one is "game" and "game". DON'T MAKE THIS MISTAKE! Choose strong passwords, don't allow passwords at all, or restrict the users that can access the machine via ssh.

The password issue also burns people setting up OS X Server. OS X Server enables root by default. It also enables sshd ("Remote Login"). Where does root's password come from? It comes from the initial admin account that is set up when you first install the server. So, if your initial admin password is weak, and decide to change it later, do not forget to change root's password as well! Past that, they're out of sync.

Also, for you network administrators: ssh should pretty muck make you sick. If you didn't get the dry-heaves reading the section on remote port forwarding, go read it again and think of the implications. Like anything, security is a balance. If you run any networks where guests are allowed access, think hard about allowing them outbound ssh.

There are options in sshd_config that will appeal to the security conscious. Check out the man page and implement appropriately. In particular, look at the following options: ignorerhosts, rhostsauthentication, rhostsrsaauthentication, rsaauthentication, passwordauthentication, permitemptypasswords and uselogin.

I'm sorry, but all questions must be submitted in writing

So, to answer the original question: is there anything that ssh can't do? Well, it won't make you julienne fries, however, you could certainly ssh into a fry maker and control it remotely! I had hoped to also cover a shell that makes ssh control over multiple machines a breeze, but this info seemed to be more than enough. The other info will have to wait for a future column. In the meantime, get some practice with the techniques described here. I'm sure you'll come to depend on them in short order!

Media of the month: Liam Finn's debut album, "I'll Be Lightning". I'm always keeping my ears open for something new, unique and fresh. Liam delivers. If you're an iTunes person, it's currently only available on the Australian iTunes store. CD hits America this January.

Speaking of January, Macworld will be upon us again. Despite the seeming feeling that we're always making plans for some Mac show...I hope you're making your plans for Macworld, and to see you there.

Ed Marczak owns and operates Radiotope, a technology consulting company that focuses on networking, server automation and business process management. He believes that small businesses can use the same tools afforded to enterprise-class customers. How can this help?


Community Search:
MacTech Search:

Software Updates via MacUpdate

Hopper Disassembler 4.2.19- - Binary dis...
Hopper Disassembler is a binary disassembler, decompiler, and debugger for 32- and 64-bit executables. It will let you disassemble any binary you want, and provide you all the information about its... Read more
Duet - Use your iPad as an exter...
Duet is the first app that allows you to use your iDevice as an extra display for your Mac using the Lightning or 30-pin cable. Note: This app requires a $14.99 iOS companion app. Version Read more
Monosnap 3.4.0 - Versatile screenshot ut...
Monosnap lets you capture screenshots, share files, and record video and .gifs! Capture Capture full screen, just part of the screen, or a selected window Make your crop area pixel perfect with our... Read more
Tweetbot 2.5.3 - Popular Twitter client.
Tweetbot is a full-featured OS X Twitter client with a lot of personality. Whether it's the meticulously-crafted interface, sounds and animation, or features like multiple timelines and column views... Read more
Default Folder X 5.1.6 - Enhances Open a...
Default Folder X attaches a toolbar to the right side of the Open and Save dialogs in any OS X-native application. The toolbar gives you fast access to various folders and commands. You just click on... Read more
Evernote 6.12.3 - Create searchable note...
Evernote allows you to easily capture information in any environment using whatever device or platform you find most convenient, and makes this information accessible and searchable at anytime, from... Read more
Geekbench 4.1.2 - Measure processor and...
Geekbench provides a comprehensive set of benchmarks engineered to quickly and accurately measure processor and memory performance. Designed to make benchmarks easy to run and easy to understand,... Read more
Carbon Copy Cloner 5.0.2 - Easy-to-use b...
Carbon Copy Cloner backups are better than ordinary backups. Suppose the unthinkable happens while you're under deadline to finish a project: your Mac is unresponsive and all you hear is an ominous,... Read more
BetterTouchTool 2.305 - Customize multi-...
BetterTouchTool adds many new, fully customizable gestures to the Magic Mouse, Multi-Touch MacBook trackpad, and Magic Trackpad. These gestures are customizable: Magic Mouse: Pinch in / out (zoom... Read more
calibre 3.8.0 - Complete e-book library...
Calibre is a complete e-book library manager. Organize your collection, convert your books to multiple formats, and sync with all of your devices. Let Calibre be your multi-tasking digital librarian... Read more

The best new games we played this week -...
It's pretty much been one big release after another. We were privy to a bunch of surprises this week, with a lot of games we'd been waiting for quite some time dropping unexpectedly. We hope you're free this weekend, because there is a lot for... | Read more »
Stormbound: Kingdom Wars guide - how to...
Stormbound: Kingdom Wars is an excellent new RTS turned card battler out now on iOS and Android. Lovers of strategy will get a lot of enjoyment out of Stormbound's chess-like mechanics, and it's cardbased units are perfect for anyone who loves the... | Read more »
The best AR apps and games on iOS right...
iOS 11 has officially launched, and with it comes Apple's ARKit, a helpful framework that makes it easier than ever for developers to create mobile AR experiences. To celebrate the occassion, we're featuring some of the best AR apps and games on... | Read more »
Phoenix Wright: Ace Attorney - Spirit of...
Phoenix Wright: Ace Attorney - Spirit of Justice 1.00.00 Device: iOS Universal Category: Games Price: $.99, Version: 1.00.00 (iTunes) Description: ************************************************※IMPORTANT※・Please read the “When... | Read more »
Kpressor (Utilities)
Kpressor 1.0.0 Device: iOS Universal Category: Utilities Price: $4.99, Version: 1.0.0 (iTunes) Description: The ultimate ZIP compression application for iPhone and iPad. - Full integration of iOS 11 with support for multitasking.-... | Read more »
Find out how you can save £35 and win a...
Nothing raises excitement like a good competition, and we’re thrilled to announce our latest contest. We’ll be sending one lucky reader and a friend to the Summoners War World Arena Championship at Le Comedia in Paris on October 7th. It’s the... | Read more »
Another Lost Phone: Laura's Story...
Another Lost Phone: Laura's Story 1.0 Device: iOS Universal Category: Games Price: $2.99, Version: 1.0 (iTunes) Description: Another Lost Phone is a game about exploring the social life of a young woman whose phone you have just... | Read more »
The Witness (Games)
The Witness 1.0 Device: iOS Universal Category: Games Price: $9.99, Version: 1.0 (iTunes) Description: You wake up, alone, on a strange island full of puzzles that will challenge and surprise you. You don't remember who you are, and... | Read more »
Egg, Inc. guide - how to build your gold...
Egg, Inc.'s been around for some time now, but don't you believe for one second that this quirky clicker game has gone out of style. The game keeps popping up on Reddit and other community forums thanks to the outlandish gameplay (plus, the... | Read more »
The best deals on the App Store this wee...
Good news, everyone! Your favorite day of the week has arrived at last -- it's discount roundup day! This fine Wednesday evening we're gathering up the hottest deals on the App Store. We've got action platformers, we've got puzzle games, we've got... | Read more »

Price Scanner via

Looking for a 2017 12″ Retina MacBook? Save $...
Apple has Certified Refurbished 2017 12″ Retina MacBooks available for $200-$240 off the cost of new models. Apple will include a standard one-year warranty with each MacBook, and shipping is free.... Read more
Apple Offering Up To $455 Credit Toward iPhon...
iPhone 8 and 8 Plus are now available at the Apple Store, and you can receive up to $375 credit toward a new iPhone purchase when you trade in your eligible smartphone. Photo Courtesy Apple Just... Read more
AnyTrans Offers iOS Users Three Ways For Movi...
iMobie Inc. today announceed AnyTrans v6.0.1, which now can help iOS users move all data to iPhone 8/8 Plus seamlessly. The software is available both on Mac and Windows and fully able to move all... Read more
Snag a 13-inch 2.3GHz MacBook Pro for $100 of...
B&H Photo has 2017 13″ 2.3GHz MacBook Pros in stock today and on sale for $100 off MSRP, each including free shipping plus NY & NJ sales tax only: – 13-inch 2.3GHz/128GB Space Gray MacBook... Read more
Verizon offers new iPhone 8 for $100-$300 off...
Verizon is offering the new iPhone 8 for up to $300 off MSRP with an eligible trade-in: • $300 off: iPhone 6S/6S Plus/7/7 Plus, Google Pixel XL, LG G6, Moto Z2 Force, Samsung Galaxy S7/S7 edge/S8/S8... Read more
Apple Refurbished 2017 13-inch MacBook Pros a...
Apple has Certified Refurbished 2017 13″ Touch Bar MacBook Pros in stock today and available for $200-$300 off MSRP. A standard Apple one-year warranty is included with each MacBook, and shipping is... Read more
OWC USB-C Travel Dock with 5 Ports Connectivi...
OWC have announced the new OWC USB-C Travel Dock, the latest addition to their line of connectivity solutions. The USB-C Travel Dock lets you connect its integrated USB-C cable to a Mac or PC laptop... Read more
Pelican Products, Inc. Unveils Cases For All...
Pelican Products, Inc. has announced the launch of its full line of cases including Voyager, Adventurer, Protector, Ambassador, Interceptor (for the Apple iPhone 8 and 8 Plus backwards compatible... Read more
$100 off new 2017 13-inch MacBook Airs
B&H Photo has 2017 13″ MacBook Airs on sale today for $100 off MSRP including free shipping. B&H charges NY & NJ sales tax only: – 13″ 1.8GHz/128GB MacBook Air (MQD32LL/A): $899, $100 off... Read more
Apple restocks Certified Refurbished 13-inch...
Apple has Certified Refurbished 2015 13″ MacBook Airs available starting at $719 and 2016 models available starting at $809. An Apple one-year warranty is included with each MacBook, and shipping is... Read more

Jobs Board

Instructional Designer, *Apple* Product Doc...
Job Summary The Apple Product Documentation team is looking for an instructional designer or a video editor to write user documentation for its professional video Read more
*Apple* Retail - Multiple Positions - Apple,...
Job Description: Sales Specialist - Retail Customer Service and Sales Transform Apple Store visitors into loyal Apple customers. When customers enter the store, Read more
Development Operations and Site Reliability E...
Development Operations and Site Reliability Engineer, Apple Payment Gateway Job Number: 57572631 Santa Clara Valley, California, United States Posted: Jul. 27, 2017 Read more
Specialist - Retail Customer Services and Sal...
The position listed below is not with Tennessee Interviews but with Apple , Inc. Tennessee Interviews is a private organization that works in collaboration with Read more
Specialist - Retail Customer Services and Sal...
The position listed below is not with South Carolina Interviews but with Apple , Inc. South Carolina Interviews is a private organization that works in collaboration Read more
All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.