Works with iTunes 10 and Lion
After (mostly unsuccessful) Googling for how to stream iTunes over SSH, I finally tracked down the difficult bits myself and put together a four three-line script:
#!/bin/sh dns-sd -P "Home iTunes" _daap._tcp local 3689 localhost.local. 127.0.0.1 "Arbitrary text record" & trap "kill $!" 0 1 2 15 ssh -C -N -L 3689:localhost:3689 myusername@blahblahblah.dyndns.org
Update: I’ve cut this down to three lines using trap
Update: You can do this with iPhoto too.
Update: Works with OS X 10.7 Lion.
Multicast DNS (mDNS) and DNS Service Discovery (DNS-SD) Test Tool
We need to trick iTunes into thinking our home computer is on our local network, because if you’re sitting in Starbucks, then your home computer is not on your local network (and if it is, then you need to address your caffeine addiction). For that we use a tool quietly sitting at /usr/bin/dns-sd that provides a command line interface to the DNS-SD libraries which is normally accessible to programmers via /usr/include/dns_sd.h. Like all good libraries, it helps to have a command line reference tool for scripters, and dns-sd works great for us.
iTunes uses Multicast DNS (mDNS) and DNS Service Discovery (DNS-SD) to announce its presence and to look for other iTunes instances. Apple calls this technology Bonjour (formerly Rendezvous), but it is also known as Zero Configuration Networking (www.zeroconf.org).
The dns-sd man page only gives a few of the many options available. Typing dns-sd at the command line shows you more options but without much explanation.
$ dns-sd dns-sd -E (Enumerate recommended registration domains) dns-sd -F (Enumerate recommended browsing domains) dns-sd -B <Type> <Domain> (Browse for services instances) dns-sd -L <Name> <Type> <Domain> (Look up a service instance) dns-sd -R <Name> <Type> <Domain> <Port> [<TXT>...] (Register a service) dns-sd -P <Name> <Type> <Domain> <Port> <Host> <IP> [<TXT>...] (Proxy) dns-sd -Z <Type> <Domain> (Output results in Zone File format) dns-sd -Q <FQDN> <rrtype> <rrclass> (Generic query for any record type) dns-sd -C <FQDN> <rrtype> <rrclass> (Query; reconfirming each result) dns-sd -X udp/tcp/udptcp <IntPort> <ExtPort> <TTL> (NAT Port Mapping) dns-sd -G v4/v6/v4v6 <Hostname> (Get address information for hostname) dns-sd -V (Get version of currently running daemon / system service) dns-sd -A (Test Adding/Updating/Deleting a record) dns-sd -U (Test updating a TXT record) dns-sd -N (Test adding a large NULL record) dns-sd -T (Test creating a large TXT record) dns-sd -M (Test creating a registration with multiple TXT records) dns-sd -I (Test registering and then immediately updating TXT record) dns-sd -S (Test multiple operations on a shared socket)
We’ll use the Proxy option -P to indicate that the service we’re advertising will be rerouted, in our case through an SSH tunnel.
dns-sd -P <Name> <Type> <Domain> <Port> <Host> <IP> [<TXT>...] (Proxy)
Looking at the relevant line in our script we see how we match up the fields.
dns-sd -P "Home iTunes" _daap._tcp local 3689 localhost.local. 127.0.0.1 "Arbitrary text record" & PID=$!
Note: Some people need “localhost” and others need “localhost.local.” for this to work. Not sure what’s different about people’s systems. Try both. Updated 1 Sept 2010
The Name parameter will show up in iTunes as the name of the iTunes library we’re sharing. It doesn’t have to be the actual name of the library, so we’ll just use Home iTunes as a convenient placeholder.
Port 3689 is the port used by iTunes for sharing music.
The “Arbitrary text record” is just that—an arbitrary chunk of text that’s required for dns-sd to properly process the command.
The next line of our command, PID=$! saves the process id of the command we just executed into a variable $PID which we’ll need in order to neatly shutdown the proxy when our SSH tunnel closes.
The SSH Tunnel
We use SSH to connect to our home machine and forward connections from our remote machine’s port 3689 (in Starbucks) to our home machine’s port 3689, where you left iTunes up and running before you left this morning (right?).
ssh -C -N -L 3689:localhost:3689 myusername@blahblahblah.dyndns.org
The -C option turns on compression, which may not do much good for streaming MP3’s but a) it doesn’t hurt, and processors are much, much faster than your bandwidth, and b) don’t forget that you’ll be receiving a description of your home iTunes library, which is probably a rather sizable XML file.
The -N option says we’re not executing an SSH command but rather just sitting here port forwarding until the connection is broken (like when you leave Starbucks).
The -L “listen” option is covered extensively in tutorials all over the Internet, but in short it says, “listen for local connections to port 3689 and forward them to the other end and try connecting to localhost on its port 3689.”
The myusername@blahblahblah.dyndns.org portion will be dependent on how you connect to your home computer over SSH. Again, that’s covered in detail all over the Internet. If your remote computer is secured, you might consider using SSH keys to allow automatic login. Then you can put this script in ~/Library/Scripts and launch it from the global scripts menu, if you have that activated.
Cleanup
When the SSH connection eventually closes, such as when you close your laptop or disconnect from the network, the ssh command will exit, and kill $PID will run which closes down the dns-sd proxy, so you won’t see it in iTunes anymore.
Packaging
I find it helpful to put this script in ~/Library/Scripts so that I can execute from my global Scripts menu in my menubar, but it’s up to you how you want to launch it. Good luck.
Robert Harder, PhD 
Thanks for the instructions. Unfortunately, I can’t seem to make them work. Am I right in thinking that the only thing I need to do is to substitute into the myusername@blahblahblah.dyndns.org part of your 4-line script? I’ve done that, and I have SSH certificates working (I can ssh into the remote machine from the command line without any hitches), but still no joy.
If it makes a difference, I have iTunes 9.0.2 Mac on both ends.
You are correct. Do you see the “Home iTunes” entry in iTunes? And presumably you have iTunes running on the other end. Now I’m curious — wish I knew what was hanging it up.
Hmmmm–as an IT guy, I feel embarrassed to say that it worked when I tried it again this morning. I have no idea why it didn’t work yesterday. Sorry for the false alarm, and thanks for the response. (If I do pick up some pattern of it not working, I’ll let you know.)
Thanks for taking the time to respond!
Ian
worked like a charm. Thanks!
Great tutorial! Has anybody made it work with Home Sharing? It would be really cool not only to stream music but also to copy it.
PERFECT !!!
I’ve haven’t explored which ports Home Sharing uses and what that protocol is, but I’d be curious to adapt the script for it. -Rob
works perfectly with mt-daap server on debian. thx!
iTunes uses two ports (http://support.apple.com/kb/TS2972) but I have tried forwarding both without any luck.
Great post! However I can’t make it work…
The ssh tunnel part seems to work fine when using Network beacon. When I turn of Network Beacon and use dnd-sd instead, iTunes recognizes an empty library.
On ubuntu karmic, I put together the following script by combining the instructions here with instructions from elsewhere, and it works well:
#!/bin/sh
mywanip=`curl -s checkip.dyndns.org|sed -e ‘s/.*Current IP Address: //’ -e ‘s/<.*$//'`
avahi-publish-address -v -H {local_machine_name}.local -s "DAAP" _daap._tcp. 6689 &
PID=$!
ssh username@remoteserver -N -f -L ${mywanip}:6689:localhost:3689
kill $PID
Any ideas?
How do we tell the dns-sd the folder containing all the content. ?
am surprised that we do not need to run daapd.
It didn’t work for me initially but when I looked at what the (working) Network Beacon app had, I did dns-sd like this with one extra dot and FQ host name and it worked:
dns-sd -P “iTunes Remote” _daap._tcp. local 3689 localhost.local. 127.0.0.1 “” &
Thanks for sharing!
Bill
10.6.3 / iTunes 9.1.1
Works a treat. Combined with PPK authentication this is a piece of cake to use.
My only problem is that my served library consists entirely of ALAC files, and the stream has to keep re-buffering. Hopefully choosing “Streaming Buffer Size: Large” in iTunes Advanced prefs will apply to this.
Thanks for providing a solution that’s still current BTW – others seem to rely on now-defunct software (SimplifyMedia) or grossly out-of-date software (RendezvousProxy – last updated in 2003!)
Thanks to Bill’s for his note (4/28/2010), the dns-sd command line he gave was essential for me to get it working.
I recently had to change the word “localhost” to “localhost.local.” for no known reason. Works again. Will update instructions above. -Rob
Is it just me, or does this no longer work with iTunes 10?
Works for me with iTunes 10 on both computers as well as when I tried iTunes 10 on my laptop with iTunes 9 on the home computer. Try the whole “localhost” vs “localhost.local.” thing discussed in the comments.
Good stuff!
A couple of questions:
1) how would you do it if you wanted to stream from multiple locations?
2) it seems like this trick can work not only for itunes but for every bonjour type service, as long as you know the port it’s listening on, you can do the forwarding trick, right?
This trick would work for many Bonjour services, though it could be defeated if the programmer specifically wanted to defeat it. I don’t have the ability to test streaming from multiple sources, but I would start by modifying the above script to be something like this (changes local port numbers and remote hostname):
#!/bin/sh
dns-sd -P “Another Home iTunes” _daap._tcp local 3690 localhost.local. 127.0.0.1 “Arbitrary text record” &
PID=$!
ssh -C -N -L 3690:localhost:3689 myusername@elsewhere.dyndns.org
kill $PID
Thanks so much for this … how would this work going from win7 (at work) to iMac at home?
Oooh, you got me there. The SSH part is easy, but the dns-sd part — it’s not on Windows 7. I suppose it’s open source, so one could try compiling it, probably under Cygwin. Not sure that it would compile w/o the other BSD-ish things.
http://www.opensource.apple.com/source/mDNSResponder/mDNSResponder-161.1/mDNSShared/
Sweet … it was already in my Cygwin package. Next step … remembering if i left iTunes on at home. D’oh.
whats the best way to debug iTunes connecting to the remote library? is there anyway to get verbose logs of the connection?
its trying to connect to the home itunes but not sure the state of the connection.
Just making sure, but this is to be run on the remote/client machine, correct? I guess I’m having a little trouble understanding why the client needs to broadcast to the server about it’s mDNS service. Wouldn’t the server normally broadcast to the client?
Anyways, brilliant post. Closest thing I’ve found so far getting iTunes to stream remotely (that isn’t from 2003 or beyond).
Scratch the “closest thing I’ve found” part. Just running your script on my client machine works.
Awesome! This worked without a hitch. Thanks a lot for the post.
This is a fantastic solution. I have one problem in that it won’t stream MP3 files in my remote library. Movies, AAC and Purchased content all stream quickly. MPEG (MP3) won’t play at all. any ideas?
Thank you for posting this solution!!!
@Michael Sorry, I don’t know what to tell you. My setup streams MP3s just fine. I’m not sure what could be the problem.
just a noob question:
I run the terminal command on mac at home and got the Home itunes showing as SHARED but have no idea how to access the itunes from work (windows 7 environment)
“Got a reply for record localhost.local.: Name now registered and active”
showing at home
please advise
Thanks
@Lucci That’s a much bigger question than can be answered in comments. You want to run the equivalent of the command “ssh -C -N -L 3689:localhost:3689 myusername@blahblahblah.dyndns.org” on your Windows box to connect to your home computer, possibly through a router at home too. You might try PuTTY for a Windows SSH app. The dyndns.org thing is another matter; you need a way to identify your home network’s external IP address. If you have a router, you’ll have to set up port forwarding. Sorry if that’s TMI, but try Googling for some of these terms. Good luck. -Rob
Thanks Robert, working flawlessly – but need to run it line by line every time.
Do you have any idea how to put everything together in a script so I can just double click on it?
Thanks
@Benny I recommend putting it all in a script file. For instance, copy and paste the lines into TextEdit, and save the file as something like “connect.command”. Then make it executable: “chmod +x connect.command”. Now from the Finder you can double click on that file to run the command. If you’re familiar with the system-wide scripting menu, you could also put the script there for easy access. (http://en.wikipedia.org/wiki/AppleScript#Script_Launchers)
Wow, that was really easy,
Thank you for the post and your help
all working great now.
Very interesting post, since dns-sd and ssh are available on the iPhone (jailbroken), how could this be modified to allow the Remote application to work over the internet / 3G to control a remote iTunes machine?
I believe the whole ‘localhost’ vs. ‘localhost.local.’ has to do with fully qualified DNS names. It appears that ‘locahost.local.’ is correct and absolute, while ‘localhost’ is relative and ambiguous. More info here:
http://www.dns-sd.org/TrailingDotsInDomainNames.html
The technique in this blog post USED to work for me, but now I get this error message when I do the dns-sd:
Got a reply for record localhost.local.: Name in use, please choose another
When I check using “dns-sd -B _daap._tcp. local” I get a record:
14:00:34.882 Add 2 4 local. _daap._tcp. JRG_PW
An iTunes library with that name appears in my Sharing tab. Could it be that someone else is using this technique on my local network, and this prevents me from doing it as well?
Hey guys, this seems to be the only active thread about wan itunes streaming so here goes nothing. My iTunes server is os x. My remote computer is most often xp based. Network beacon works great on the os x side (ie I can see my remote pc’s library remotely over my vpn). I want to be able to go the other way. I’ve tried all the RendezvousProxy versions with no luck. Any idea?
@Keith I wonder if maybe the script is running twice?
@Ryan I missed something. You can see your XP (or similar) library OK? From….? I would have through you were trying to access your Mac’s iTunes library from a remote XP box. No?
Correct on both counts. So basically just for kicks I put a couple of songs on the remote pc. Connected to my home network via vpn. Opened up network beacon on the mac server, pointed it at the remtote pc, it popped up on the mac server itunes, i connected and I could see those couple pc songs remotely through built in itunes sharing. Going the other way, (pc connecting to the mac server) is what I can’t figure out, of course this is what I would really like… I can’t find any type of daap proxy that isn’t way outdated like network beacon on the mac side. I just need some way on the pc side to spoof the bonjour daap signal and have it point to the mac itunes server. SSH isn’t really needed for me since I have the vpn set up. Thanks!
@Ryan I see, and since there’s no dns-sd tool for Windows… There’s a Java Bonjour library jmdns; I wonder if one could piece together a dns-sd kind of tool out of that. http://jmdns.sourceforge.net/
hmmm, if I get a chance maybe I can shoe horn the new libraries into the the old rendexvousproxy program. Don’t really feel like recreating the wheel. If the new libraries are compatible with Bonjour/new versions of iTunes maybe I’ll get lucky…
So guess what, i popped a different hd into the same pc laptop ran rendezvousproxy and it showed right up in itunes… Must be getting blocked internally somehow on the other instal, I have no idea by what though. I turned off all firewalls/virus protection… I’m at wits end… Not sure what is preventing it on the other install.
Great post!
As for Chris, I am also interested into streaming to iphone (no jailbreak) via SSH.
Pros:
– encrypted data transfer (secure)
– no third party server
I have read some related pages
http://forums.fireflymediaserver.org/viewtopic.php?f=2&t=10024
but do not really get idea.
Any of you does it?
Hi All,
I have run this script from my work mac to my home mac, Terminal shows “Name now registered and active” and iTunes shows my home library under Shared. However, it’s completely empty of content. Is this a possible problem since I have my iTunes library not on the startup disk at home?
Thanks
Ok, I switch localhost.local to just localhost and now it appears to be loading the remote library, however, it keeps timing out before it finishes loading. Ideas?
Thanks for figuring out the hard part with the script! Worked great on the first try, and I’m certainly no crackpot at networking.
Should I have any security concerns about leaving a port open?
@jeffrey Not sure about the timeout thing. It might be that iTunes is seeing the “fake” dns-sd broadcast but is still not actually connecting to the host computer (which has iTunes running, right?)
@kerry It’s less secure than not having the port open, but to mitigate: use a strong password, use a strong password, use a strong password, deactivate all remote users but those who need access (System Preferences -> Sharing), truly geek out and see my post multi-factor authentication! http://wp.me/puBa6-34
I got it to work in Windows using Cygwin. Just make sure to install openssh and use the exact same commands. No issues whatsoever.
An alternative to the kill “$PID” command is to put the following right after the PID=$! line:
trap “kill $PID” 0 1 2 15
This is a more sure way to kill the process, in case the script itself dies rather than just the ssh connection dying.
This setup works great as long as the iTunes (server) is already running on the remote machine. But what if it isn’t?
Right now you have set ssh to connect with a ‘-N’ null command which doesn’t do anything.
Instead you can tell the remote machine to open iTunes, so that it can be ready to process music requests. On a local host, this can be done with Applescript like this:
osascript -e ‘tell application “iTunes” to run’
The ‘oscascript’ command allows to invoke Applescript from the command line, and this script simply tells iTunes to start (and does nothing if iTunes is already running).
To do this remotely takes a little extra oomph. You would change your existing ssh call to add a real command like this…
ssh -C -L 3689:localhost:3689 myusername@blahblahblah.dyndns.org
‘(‘ osascript -e “‘”tell application ‘”‘iTunes'”‘ to run”‘;” sleep 1000000000 ‘)’
The quoting is unfortunate, but something like that is necessary to get past two shell invocations. The sleep command causes the session to hang indefinitely (33 years actually), which mimics the previous behavior, and allows your error trapping to work.
Hi, NIce but does not work for me,
I use iTunes 10.4.1 and i have this follows errors messages:
debug1: Connection to port 3689 forwarding to localhost port 3689 requested.
debug1: channel 3: new [direct-tcpip]
debug1: Connection to port 3689 forwarding to localhost port 3689 requested.
debug1: channel 4: new [direct-tcpip]
debug1: Connection to port 3689 forwarding to localhost port 3689 requested.
debug1: channel 5: new [direct-tcpip]
channel 3: open failed: administratively prohibited: open failed
channel 4: open failed: administratively prohibited: open failed
debug1: channel 3: free: direct-tcpip: listening port 3689 for localhost port 3689, connect from 127.0.0.1 port 49382, nchannels 6
debug1: channel 4: free: direct-tcpip: listening port 3689 for localhost port 3689, connect from 127.0.0.1 port 49383, nchannels 5
channel 5: open failed: administratively prohibited: open failed
Is someone could help me to understand my mistake or found a way ?
And I forgot I use 10.7.1 Server.
ssh work nice,
but my iTunes 10.4.1 close session when select shared playlist ?
Hi Robert.
I’m just wondering if I could use this technique to stream the music remotely from my Synology Diskstation which has a iTunes server running on it which is NAS sitting on my home network? Any suggestions would be amazing!
Modifications in itunes always looks impressive and i enjoyed these innovations. This is fantastic post about itunes and their applications. Thanks for this post
After some searching on this matter your post provided the much needed “Yes, that’s it, exactly!” – effect. Excellent article, thanks a lot for the help!
My terminal command line is displays:
“dynamic-oit-vapornet-f-3306:~ username$”
This persists through restarting the computer which surprised me.
Does this indicate the proxy is still open? even though I am not 100% sure what this means I would like to be able to get back where I started “computer name:~ username$”
you are a legend, works 100%
I changed it slightly so that I don’t ssh in, but rather vpn into my home network and change the 127.0.0.1 to the ip of my itunes server.
Once VPN’ed in I just run this command:
dns-sd -P “Home iTunes” _daap._tcp local 3689 localhost.local. 192.168.1.3 “Arbitrary text record”
and my library pops up.
Great info, thanks. I’m forwarding “iTunes” library from Linux running Firefly Media Server to iTunes on Windows.
I connect to remote network using VPN and then use dns-sd comand to discover the library, which by the way is running on separate subnet than VPN.
Thanks!
Doesn’t seem to work with iTunes 11
It works fine for me with iTunes 11. Thank you for the excellent instructions.
I’m actually connecting to iTunes remotely over an OpenVPN tunnel.
Home Mac Linode Virtual Machine Work Mac
My Linode machine runs an OpenVPN server with client-to-client enabled, so I simply replaced the localhost stuff with the virtual VPN address of my home Mac (as well as a name I gave it in /etc/hosts).
This has the advantage of not needing to open up any ports from the Internet to home Mac.
The formatting was lost in my little ASCII diagram above. Basically the Linode VM allows my home and work Macs to communicate directly.
The easiest way to stream iTunes over internet
http://my.opera.com/boedr/blog/2013/01/21/stream-itunes-over-internet-for-dummies
I can see ituneserver in itune under shared tree. But how to browse that out of home network from iphone ?
Not sure if there’s a good way to do this from the iPhone… -Rob
Thanks for the blog, very useful. I got this working with a VPN connection. Just use the first line without the need for the ssh port forwarding.
@Robert Harder
Hey Rob, I tried replicating this tutorial, and it worked some of the time. I combined this tutorial (http://dyn.com/support/bonjour-and-dns-discovery/) to set up my DYNDNS side of things (just using a registered hostname like blahblahblah.dyndns.tv didn’t work) and then tunneled via SSH as you described above and I can see my shared iTunes library locally in a remote location only sometimes. The ssh doesn’t always connect consistently erroring out with a “channel 2: open failed: administratively prohibited: open failed” description. Any idea why my ssh connection isn’t consistent? Tried plain ssh without any flags to get to access my remote machine and that always works perfect.
What I was curious about was if I you could apply this tutorial with Home Sharing service for iTunes instead. The port I believe Home Sharing is associated with is 5353 TCP/UDP I believe. Here are is a resource: http://support.apple.com/en-us/HT202944 and
Has anyone used this process of SSH + DNS-SD using iTunes 12 and Yosemite on both the local and remote machines? … I haven’t been able to get it to work.
@Andy
I’m in the same boat as you. After I updated to iTunes 12 and the current version of Yosemite I lost the ability to stream. It worked perfectly before the upgrade so I have no doubt that is what screwed things up. In fact, my wife’s laptop hasn’t been updated yet and this solution works just fine. I suspect Apple locked this down for a reason; to herd users into their paid steaming service…
@Andy @ 600_emails checking in to report it not working. OS X 10.10.2, iTunes 12.1.0.50
@Miles I’m not sure about using Home Sharing. For that matter I’m not sure why Apple keeps making this so difficult. Are the few geeks that figure out how to stream really cutting into their crummy, buggy iTunes Match service, which I still pay for anyway? *sigh* -Rob
@Chris
I downgraded my iTunes from 12.1.0.50 back to 12.0.1.26 and VOILA streaming works again…
I’m on OSX 10.10.2 so the limitation here was indeed the new version of iTunes, 12.1.0.50…
I followed this “How To” video to clobber out the new instance of itunes with the old using pacifist:
Are there any news on getting streaming to work on iTunes 12?
Besides downgrading to 12.0.1.26?
@Mike
No.
iTunes 12 actually cares about “Arbitrary text record”, it turns out. Easiest thing to do is discover it on your iTunes server and have dns-sd on the local machine deliver the same data. See https://macfoo.net/iTunes_Library_Sharing_Over_the_Internet.html for details.
@rj
❤
I’ve tried your method, and iTunes will ‘see’ the library, but it tries to load and then ultimately doesn’t work.
@Chris
cancel that, i’m an idiot… works great
@Chris
I
I second that…You are an idiot and this works perfectly.
Hi,
(not sure if anyone still reads this)
I’ve been happily using this method for some years but a couple of years ago it started to fail for me. I verified that the _daap._tcp service instance is aviailable, but the shared library doesn’t show in my iTunes.
~$ dns-sd -B _daap._tcp local
Browsing for _daap._tcp.local
DATE: —Fri 03 Jun 2016—
15:11:51.278 …STARTING…
Timestamp A/R Flags if Domain Service Type Instance Name
15:11:51.278 Add 2 4 local. _daap._tcp. ParkiTunes
More info about my setup:
“server side” (iTunes serving my music from home):
– Mac OX El Capitan 10.11.5
– iTunes 12.4.0.119
“client side” (office iTunes where I want to listen to music):
– Mac OS Yosemite 10.10.5
– iTunes 12.4.1.6
Any help is appreciated. thanks.
@Pius
further note: I noticed someone mentioned sth about iTunes 12 caring about the “Arbitrary text record” but the page https://macfoo.net/iTunes_Library_Sharing_Over_the_Internet.html fails to load. Can someone describe what is needed here? thanks.
Variations of this method have been working for me for ages, so thanks for this, but after lots of experimenting, it turns out that the new Music app in macOS 10.15 Catalina is suddenly EVEN MORE picky about that “arbitrary” text record. It will still try to connect, and act as if it does so successfully, but will not play any listed songs if the TXT record is at all incomplete.
Based on the recommendations from some others above, I did ultimately get it working again by copying and pasting the full text record that is being broadcast locally from my home sharing machine. Worth noting that my Home Sharing library is currently being hosted by an ancient version of iTunes (12.8.2.3), and yet this is working fine for me now on multiple 10.15.x clients.
So the full process is
1) on a machine on your home network, issue the following command:
dns-sd -Z _daap._tcp
2) look in the resulting output screen for the TXT record that is associated with Home Sharing (daap) on the computer that’s sharing its library, and copy the whole thing. It’s gonna be about a dozen double-quoted strings, like so:
“txtvers=1” “Version=196621” “MID=0xFFFF8507D7FFFFF” “Database ID=DFFFF7372726FFFF” “Machine ID=FFFFB2C0FFFF” “dmv=131085” “OSsi=0x1F5” “Media Kinds Shared=66635” “iTSh Version=196623” “Password=1” “Machine Name=My Library”
3) on your tunneling machine at work, use that entire TXT record at the end of your dns-sd command when you are setting up the broadcast for the tunneled daap. This is a sanitized example of the two lines that are currently working for me:
ssh -fNL :36890:127.0.0.1:3689 myhomeuser@203.0.113.123
dns-sd -R “My Library” _daap._tcp local 36890 “txtvers=1” “Version=196621” “MID=0xFFFF8507D7FFFFF” “Database ID=DFFFF7372726FFFF” “Machine ID=FFFFB2C0FFFF” “dmv=131085” “OSsi=0x1F5” “Media Kinds Shared=66635” “iTSh Version=196623” “Password=1” “Machine Name=My Library”
Note that I’m presenting the service at 36890 instead of 3689 to avoid conflict with daap on the tunneling machine. Hope this is helpful to others who are still trying to use this method in 2020. 🙂