jump to navigation

Stream iTunes over SSH September 28, 2009

Posted by Robert Harder in Utility.
Tags: , , , , ,

Works with iTunes 10 and Lion

After (mostly unsuccessful) Googling for how to stream iTunes over SSH, I finally tracked down the difficult bits myself and put together a four three-line script:

dns-sd -P "Home iTunes" _daap._tcp local 3689 localhost.local. "Arbitrary text record" & 
trap "kill $!" 0 1 2 15
ssh -C -N -L 3689:localhost:3689 myusername@blahblahblah.dyndns.org

Update: I’ve cut this down to three lines using trap

Update: You can do this with iPhoto too.

Update: Works with OS X 10.7 Lion.


Multicast DNS (mDNS) and DNS Service Discovery (DNS-SD) Test Tool

We need to trick iTunes into thinking our home computer is on our local network, because if you’re sitting in Starbucks, then your home computer is not on your local network (and if it is, then you need to address your caffeine addiction). For that we use a tool quietly sitting at /usr/bin/dns-sd that provides a command line interface to the DNS-SD libraries which is normally accessible to programmers via /usr/include/dns_sd.h. Like all good libraries, it helps to have a command line reference tool for scripters, and dns-sd works great for us.

iTunes uses Multicast DNS (mDNS) and DNS Service Discovery (DNS-SD) to announce its presence and to look for other iTunes instances. Apple calls this technology Bonjour (formerly Rendezvous), but it is also known as Zero Configuration Networking (www.zeroconf.org).

The dns-sd man page only gives a few of the many options available. Typing dns-sd at the command line shows you more options but without much explanation.

$ dns-sd
dns-sd -E                  (Enumerate recommended registration domains)
dns-sd -F                      (Enumerate recommended browsing domains)
dns-sd -B        <Type> <Domain>        (Browse for services instances)
dns-sd -L <Name> <Type> <Domain>           (Look up a service instance)
dns-sd -R <Name> <Type> <Domain> <Port> [<TXT>...] (Register a service)
dns-sd -P <Name> <Type> <Domain> <Port> <Host> <IP> [<TXT>...]  (Proxy)
dns-sd -Z        <Type> <Domain>   (Output results in Zone File format)
dns-sd -Q <FQDN> <rrtype> <rrclass> (Generic query for any record type)
dns-sd -C <FQDN> <rrtype> <rrclass>   (Query; reconfirming each result)
dns-sd -X udp/tcp/udptcp <IntPort> <ExtPort> <TTL>   (NAT Port Mapping)
dns-sd -G v4/v6/v4v6 <Hostname>  (Get address information for hostname)
dns-sd -V    (Get version of currently running daemon / system service)
dns-sd -A                      (Test Adding/Updating/Deleting a record)
dns-sd -U                                  (Test updating a TXT record)
dns-sd -N                             (Test adding a large NULL record)
dns-sd -T                            (Test creating a large TXT record)
dns-sd -M      (Test creating a registration with multiple TXT records)
dns-sd -I   (Test registering and then immediately updating TXT record)
dns-sd -S                 (Test multiple operations on a shared socket)

We’ll use the Proxy option -P to indicate that the service we’re advertising will be rerouted, in our case through an SSH tunnel.

dns-sd -P <Name> <Type> <Domain> <Port> <Host> <IP> [<TXT>...]  (Proxy)

Looking at the relevant line in our script we see how we match up the fields.

dns-sd -P "Home iTunes" _daap._tcp local 3689 localhost.local. "Arbitrary text record" &

Note: Some people need “localhost” and others need “localhost.local.” for this to work. Not sure what’s different about people’s systems. Try both. Updated 1 Sept 2010

The Name parameter will show up in iTunes as the name of the iTunes library we’re sharing. It doesn’t have to be the actual name of the library, so we’ll just use Home iTunes as a convenient placeholder.

Port 3689 is the port used by iTunes for sharing music.

The “Arbitrary text record” is just that—an arbitrary chunk of text that’s required for dns-sd to properly process the command.

The next line of our command, PID=$! saves the process id of the command we just executed into a variable $PID which we’ll need in order to neatly shutdown the proxy when our SSH tunnel closes.

The SSH Tunnel

We use SSH to connect to our home machine and forward connections from our remote machine’s port 3689 (in Starbucks) to our home machine’s port 3689, where you left iTunes up and running before you left this morning (right?).

ssh -C -N -L 3689:localhost:3689 myusername@blahblahblah.dyndns.org

The -C option turns on compression, which may not do much good for streaming MP3’s but a) it doesn’t hurt, and processors are much, much faster than your bandwidth, and b) don’t forget that you’ll be receiving a description of your home iTunes library, which is probably a rather sizable XML file.

The -N option says we’re not executing an SSH command but rather just sitting here port forwarding until the connection is broken (like when you leave Starbucks).

The -L “listen” option is covered extensively in tutorials all over the Internet, but in short it says, “listen for local connections to port 3689 and forward them to the other end and try connecting to localhost on its port 3689.”

The myusername@blahblahblah.dyndns.org portion will be dependent on how you connect to your home computer over SSH. Again, that’s covered in detail all over the Internet. If your remote computer is secured, you might consider using SSH keys to allow automatic login. Then you can put this script in ~/Library/Scripts and launch it from the global scripts menu, if you have that activated.


When the SSH connection eventually closes, such as when you close your laptop or disconnect from the network, the ssh command will exit, and kill $PID will run which closes down the dns-sd proxy, so you won’t see it in iTunes anymore.


I find it helpful to put this script in ~/Library/Scripts so that I can execute from my global Scripts menu in my menubar, but it’s up to you how you want to launch it. Good luck.


1. Ian Crew - December 23, 2009

Thanks for the instructions. Unfortunately, I can’t seem to make them work. Am I right in thinking that the only thing I need to do is to substitute into the myusername@blahblahblah.dyndns.org part of your 4-line script? I’ve done that, and I have SSH certificates working (I can ssh into the remote machine from the command line without any hitches), but still no joy.

If it makes a difference, I have iTunes 9.0.2 Mac on both ends.

2. Robert Harder - December 23, 2009

You are correct. Do you see the “Home iTunes” entry in iTunes? And presumably you have iTunes running on the other end. Now I’m curious — wish I knew what was hanging it up.

3. Ian Crew - December 24, 2009

Hmmmm–as an IT guy, I feel embarrassed to say that it worked when I tried it again this morning. I have no idea why it didn’t work yesterday. Sorry for the false alarm, and thanks for the response. (If I do pick up some pattern of it not working, I’ll let you know.)

Thanks for taking the time to respond!


4. Wayne State Web Communications Blog » Blog Archive » [Friday Links] The 2009 Edition - December 27, 2009

[…] Robert Harder » Stream iTunes over SSH […]

5. Neal - January 19, 2010

worked like a charm. Thanks!

6. Michael Knudsen - January 24, 2010

Great tutorial! Has anybody made it work with Home Sharing? It would be really cool not only to stream music but also to copy it.

7. daniel - January 25, 2010


8. Robert Harder - January 25, 2010

I’ve haven’t explored which ports Home Sharing uses and what that protocol is, but I’d be curious to adapt the script for it. -Rob

9. arthur - January 25, 2010

works perfectly with mt-daap server on debian. thx!

10. Michael Knudsen - January 26, 2010

iTunes uses two ports (http://support.apple.com/kb/TS2972) but I have tried forwarding both without any luck.

11. le petit monde d'Arthur » Blog Archive » Partage iTunes avec ssh - February 17, 2010

[…] cherché une solution scriptable.  J’ai finalement trouvé la solution sur le site de Robert Harder. […]

12. Diderik - February 24, 2010

Great post! However I can’t make it work…
The ssh tunnel part seems to work fine when using Network beacon. When I turn of Network Beacon and use dnd-sd instead, iTunes recognizes an empty library.

On ubuntu karmic, I put together the following script by combining the instructions here with instructions from elsewhere, and it works well:

mywanip=`curl -s checkip.dyndns.org|sed -e ‘s/.*Current IP Address: //’ -e ‘s/<.*$//'`
avahi-publish-address -v -H {local_machine_name}.local -s "DAAP" _daap._tcp. 6689 &
ssh username@remoteserver -N -f -L ${mywanip}:6689:localhost:3689
kill $PID

Any ideas?

13. manoj - April 27, 2010

How do we tell the dns-sd the folder containing all the content. ?
am surprised that we do not need to run daapd.

14. Bill - April 28, 2010

It didn’t work for me initially but when I looked at what the (working) Network Beacon app had, I did dns-sd like this with one extra dot and FQ host name and it worked:

dns-sd -P “iTunes Remote” _daap._tcp. local 3689 localhost.local. “” &

Thanks for sharing!


10.6.3 / iTunes 9.1.1

15. SiRGadaBout - May 27, 2010

Works a treat. Combined with PPK authentication this is a piece of cake to use.
My only problem is that my served library consists entirely of ALAC files, and the stream has to keep re-buffering. Hopefully choosing “Streaming Buffer Size: Large” in iTunes Advanced prefs will apply to this.
Thanks for providing a solution that’s still current BTW – others seem to rely on now-defunct software (SimplifyMedia) or grossly out-of-date software (RendezvousProxy – last updated in 2003!)

16. iTunes over SSH — instant-thinking.de - June 3, 2010

[…] gute Nachricht: Nach einem Kommentar von Yann aus dem Januar 2010, der mich auf einen Blogpost bei iharder.net hinwies, konnte das ganze Vorgehen noch ein wenig verschlankt werden und beschränkt sich nun […]

17. Stream music to client via DAAP - July 10, 2010

[…] a Mac client, instructions can be found here: dns-sd -P "Home iTunes" _daap._tcp local 3689 localhost "Arbitrary text […]

18. Ian Boardman - August 23, 2010

Thanks to Bill’s for his note (4/28/2010), the dns-sd command line he gave was essential for me to get it working.

19. Robert Harder - September 1, 2010

I recently had to change the word “localhost” to “localhost.local.” for no known reason. Works again. Will update instructions above. -Rob

20. Josh - September 21, 2010

Is it just me, or does this no longer work with iTunes 10?

21. Robert Harder - September 21, 2010

Works for me with iTunes 10 on both computers as well as when I tried iTunes 10 on my laptop with iTunes 9 on the home computer. Try the whole “localhost” vs “localhost.local.” thing discussed in the comments.

22. zohar - October 4, 2010

Good stuff!

A couple of questions:
1) how would you do it if you wanted to stream from multiple locations?
2) it seems like this trick can work not only for itunes but for every bonjour type service, as long as you know the port it’s listening on, you can do the forwarding trick, right?

23. Robert Harder - October 6, 2010

This trick would work for many Bonjour services, though it could be defeated if the programmer specifically wanted to defeat it. I don’t have the ability to test streaming from multiple sources, but I would start by modifying the above script to be something like this (changes local port numbers and remote hostname):

dns-sd -P “Another Home iTunes” _daap._tcp local 3690 localhost.local. “Arbitrary text record” &
ssh -C -N -L 3690:localhost:3689 myusername@elsewhere.dyndns.org
kill $PID

24. Matt - October 6, 2010

Thanks so much for this … how would this work going from win7 (at work) to iMac at home?

25. Robert Harder - October 6, 2010

Oooh, you got me there. The SSH part is easy, but the dns-sd part — it’s not on Windows 7. I suppose it’s open source, so one could try compiling it, probably under Cygwin. Not sure that it would compile w/o the other BSD-ish things.


26. Matt - October 6, 2010

Sweet … it was already in my Cygwin package. Next step … remembering if i left iTunes on at home. D’oh.

27. Matt - October 6, 2010

whats the best way to debug iTunes connecting to the remote library? is there anyway to get verbose logs of the connection?

its trying to connect to the home itunes but not sure the state of the connection.

28. Jonathan Dumaine - October 8, 2010

Just making sure, but this is to be run on the remote/client machine, correct? I guess I’m having a little trouble understanding why the client needs to broadcast to the server about it’s mDNS service. Wouldn’t the server normally broadcast to the client?

Anyways, brilliant post. Closest thing I’ve found so far getting iTunes to stream remotely (that isn’t from 2003 or beyond).

29. Jonathan Dumaine - October 8, 2010

Scratch the “closest thing I’ve found” part. Just running your script on my client machine works.

30. SpankyM - October 26, 2010

Awesome! This worked without a hitch. Thanks a lot for the post.

31. Michael - November 2, 2010

This is a fantastic solution. I have one problem in that it won’t stream MP3 files in my remote library. Movies, AAC and Purchased content all stream quickly. MPEG (MP3) won’t play at all. any ideas?

Thank you for posting this solution!!!

32. Robert Harder - November 2, 2010

@Michael Sorry, I don’t know what to tell you. My setup streams MP3s just fine. I’m not sure what could be the problem.

33. Robert Harder » Let Front Row Access Other User’s iTunes Account on the Same Computer - November 17, 2010

[…] that item under “Sources,” but it does not. People seem to appreciate my post about Streaming iTunes over SSH, and it turns out that the trick there helps us solve the Front Row problem as well. Running a […]

34. Lucci - November 18, 2010

just a noob question:
I run the terminal command on mac at home and got the Home itunes showing as SHARED but have no idea how to access the itunes from work (windows 7 environment)
“Got a reply for record localhost.local.: Name now registered and active”
showing at home
please advise

35. Robert Harder - November 18, 2010

@Lucci That’s a much bigger question than can be answered in comments. You want to run the equivalent of the command “ssh -C -N -L 3689:localhost:3689 myusername@blahblahblah.dyndns.org” on your Windows box to connect to your home computer, possibly through a router at home too. You might try PuTTY for a Windows SSH app. The dyndns.org thing is another matter; you need a way to identify your home network’s external IP address. If you have a router, you’ll have to set up port forwarding. Sorry if that’s TMI, but try Googling for some of these terms. Good luck. -Rob

36. Benny - November 24, 2010

Thanks Robert, working flawlessly – but need to run it line by line every time.
Do you have any idea how to put everything together in a script so I can just double click on it?

37. Robert Harder - November 24, 2010

@Benny I recommend putting it all in a script file. For instance, copy and paste the lines into TextEdit, and save the file as something like “connect.command”. Then make it executable: “chmod +x connect.command”. Now from the Finder you can double click on that file to run the command. If you’re familiar with the system-wide scripting menu, you could also put the script there for easy access. (http://en.wikipedia.org/wiki/AppleScript#Script_Launchers)

38. Benny - November 25, 2010

Wow, that was really easy,
Thank you for the post and your help
all working great now.

39. Chris - November 27, 2010

Very interesting post, since dns-sd and ssh are available on the iPhone (jailbroken), how could this be modified to allow the Remote application to work over the internet / 3G to control a remote iTunes machine?

40. Jonathan Dumaine - November 28, 2010

I believe the whole ‘localhost’ vs. ‘localhost.local.’ has to do with fully qualified DNS names. It appears that ‘locahost.local.’ is correct and absolute, while ‘localhost’ is relative and ambiguous. More info here:

41. Keith Bettinger - November 29, 2010

The technique in this blog post USED to work for me, but now I get this error message when I do the dns-sd:

Got a reply for record localhost.local.: Name in use, please choose another

When I check using “dns-sd -B _daap._tcp. local” I get a record:

14:00:34.882 Add 2 4 local. _daap._tcp. JRG_PW

An iTunes library with that name appears in my Sharing tab. Could it be that someone else is using this technique on my local network, and this prevents me from doing it as well?

42. Ryan - December 9, 2010

Hey guys, this seems to be the only active thread about wan itunes streaming so here goes nothing. My iTunes server is os x. My remote computer is most often xp based. Network beacon works great on the os x side (ie I can see my remote pc’s library remotely over my vpn). I want to be able to go the other way. I’ve tried all the RendezvousProxy versions with no luck. Any idea?

43. Robert Harder - December 10, 2010

@Keith I wonder if maybe the script is running twice?

@Ryan I missed something. You can see your XP (or similar) library OK? From….? I would have through you were trying to access your Mac’s iTunes library from a remote XP box. No?

44. Ryan - December 10, 2010

Correct on both counts. So basically just for kicks I put a couple of songs on the remote pc. Connected to my home network via vpn. Opened up network beacon on the mac server, pointed it at the remtote pc, it popped up on the mac server itunes, i connected and I could see those couple pc songs remotely through built in itunes sharing. Going the other way, (pc connecting to the mac server) is what I can’t figure out, of course this is what I would really like… I can’t find any type of daap proxy that isn’t way outdated like network beacon on the mac side. I just need some way on the pc side to spoof the bonjour daap signal and have it point to the mac itunes server. SSH isn’t really needed for me since I have the vpn set up. Thanks!

45. Robert Harder - December 10, 2010

@Ryan I see, and since there’s no dns-sd tool for Windows… There’s a Java Bonjour library jmdns; I wonder if one could piece together a dns-sd kind of tool out of that. http://jmdns.sourceforge.net/

46. Ryan - December 10, 2010

hmmm, if I get a chance maybe I can shoe horn the new libraries into the the old rendexvousproxy program. Don’t really feel like recreating the wheel. If the new libraries are compatible with Bonjour/new versions of iTunes maybe I’ll get lucky…

47. Ryan - December 11, 2010

So guess what, i popped a different hd into the same pc laptop ran rendezvousproxy and it showed right up in itunes… Must be getting blocked internally somehow on the other instal, I have no idea by what though. I turned off all firewalls/virus protection… I’m at wits end… Not sure what is preventing it on the other install.

48. Thes - December 21, 2010

Great post!
As for Chris, I am also interested into streaming to iphone (no jailbreak) via SSH.
– encrypted data transfer (secure)
– no third party server

I have read some related pages
but do not really get idea.
Any of you does it?

49. jeffrey - February 5, 2011

Hi All,
I have run this script from my work mac to my home mac, Terminal shows “Name now registered and active” and iTunes shows my home library under Shared. However, it’s completely empty of content. Is this a possible problem since I have my iTunes library not on the startup disk at home?

50. jeffrey - February 5, 2011

Ok, I switch localhost.local to just localhost and now it appears to be loading the remote library, however, it keeps timing out before it finishes loading. Ideas?

51. kerry - February 13, 2011

Thanks for figuring out the hard part with the script! Worked great on the first try, and I’m certainly no crackpot at networking.

Should I have any security concerns about leaving a port open?

52. Robert Harder - February 13, 2011

@jeffrey Not sure about the timeout thing. It might be that iTunes is seeing the “fake” dns-sd broadcast but is still not actually connecting to the host computer (which has iTunes running, right?)

@kerry It’s less secure than not having the port open, but to mitigate: use a strong password, use a strong password, use a strong password, deactivate all remote users but those who need access (System Preferences -> Sharing), truly geek out and see my post multi-factor authentication! http://wp.me/puBa6-34

53. Henrik - February 15, 2011

I got it to work in Windows using Cygwin. Just make sure to install openssh and use the exact same commands. No issues whatsoever.

54. 0xcb0 Blog - March 30, 2011

iTunes Sharing over ssh…

Today I realized that I had not a single song on my notebook hard disk. Thanks to Last.FM Unfortunately “Simplify Media” has been adopted by Google Inc. and the do not offer a similar service yet. So I needed a solution to stream my iTunes …

55. Robert Harder » Stream iPhoto over SSH - June 15, 2011

[…] people seem to have enjoyed my post on Streaming iTunes over SSH, and today I needed to access my home iPhoto library from work. It turns out that we can use the […]

56. Robert Harder - June 15, 2011

An alternative to the kill “$PID” command is to put the following right after the PID=$! line:

trap “kill $PID” 0 1 2 15

This is a more sure way to kill the process, in case the script itself dies rather than just the ssh connection dying.

57. CBGoodBuddy - August 26, 2011

This setup works great as long as the iTunes (server) is already running on the remote machine. But what if it isn’t?

Right now you have set ssh to connect with a ‘-N’ null command which doesn’t do anything.

Instead you can tell the remote machine to open iTunes, so that it can be ready to process music requests. On a local host, this can be done with Applescript like this:
osascript -e ‘tell application “iTunes” to run’
The ‘oscascript’ command allows to invoke Applescript from the command line, and this script simply tells iTunes to start (and does nothing if iTunes is already running).

To do this remotely takes a little extra oomph. You would change your existing ssh call to add a real command like this…

ssh -C -L 3689:localhost:3689 myusername@blahblahblah.dyndns.org
‘(‘ osascript -e “‘”tell application ‘”‘iTunes'”‘ to run”‘;” sleep 1000000000 ‘)’

The quoting is unfortunate, but something like that is necessary to get past two shell invocations. The sleep command causes the session to hang indefinitely (33 years actually), which mimics the previous behavior, and allows your error trapping to work.

58. adam - October 4, 2011

Hi, NIce but does not work for me,
I use iTunes 10.4.1 and i have this follows errors messages:
debug1: Connection to port 3689 forwarding to localhost port 3689 requested.
debug1: channel 3: new [direct-tcpip]
debug1: Connection to port 3689 forwarding to localhost port 3689 requested.
debug1: channel 4: new [direct-tcpip]
debug1: Connection to port 3689 forwarding to localhost port 3689 requested.
debug1: channel 5: new [direct-tcpip]
channel 3: open failed: administratively prohibited: open failed
channel 4: open failed: administratively prohibited: open failed
debug1: channel 3: free: direct-tcpip: listening port 3689 for localhost port 3689, connect from port 49382, nchannels 6
debug1: channel 4: free: direct-tcpip: listening port 3689 for localhost port 3689, connect from port 49383, nchannels 5
channel 5: open failed: administratively prohibited: open failed

Is someone could help me to understand my mistake or found a way ?

59. adam - October 4, 2011

And I forgot I use 10.7.1 Server.
ssh work nice,
but my iTunes 10.4.1 close session when select shared playlist ?

60. Matthew Pitts - November 26, 2011

Hi Robert.

I’m just wondering if I could use this technique to stream the music remotely from my Synology Diskstation which has a iTunes server running on it which is NAS sitting on my home network? Any suggestions would be amazing!

61. kijiji kamloops website rating - January 6, 2012

Modifications in itunes always looks impressive and i enjoyed these innovations. This is fantastic post about itunes and their applications. Thanks for this post

62. Alan - March 30, 2012

After some searching on this matter your post provided the much needed “Yes, that’s it, exactly!” – effect. Excellent article, thanks a lot for the help!

63. jeremiah - June 26, 2012

My terminal command line is displays:
“dynamic-oit-vapornet-f-3306:~ username$”

This persists through restarting the computer which surprised me.

Does this indicate the proxy is still open? even though I am not 100% sure what this means I would like to be able to get back where I started “computer name:~ username$”

64. Alan Kemp - October 3, 2012

you are a legend, works 100%

I changed it slightly so that I don’t ssh in, but rather vpn into my home network and change the to the ip of my itunes server.

Once VPN’ed in I just run this command:
dns-sd -P “Home iTunes” _daap._tcp local 3689 localhost.local. “Arbitrary text record”

and my library pops up.

65. kaspars - November 20, 2012

Great info, thanks. I’m forwarding “iTunes” library from Linux running Firefly Media Server to iTunes on Windows.

I connect to remote network using VPN and then use dns-sd comand to discover the library, which by the way is running on separate subnet than VPN.


66. simon - December 6, 2012

Doesn’t seem to work with iTunes 11

67. carlivar - January 16, 2013

It works fine for me with iTunes 11. Thank you for the excellent instructions.

I’m actually connecting to iTunes remotely over an OpenVPN tunnel.

Home Mac Linode Virtual Machine Work Mac

My Linode machine runs an OpenVPN server with client-to-client enabled, so I simply replaced the localhost stuff with the virtual VPN address of my home Mac (as well as a name I gave it in /etc/hosts).

This has the advantage of not needing to open up any ports from the Internet to home Mac.

68. carlivar - January 16, 2013

The formatting was lost in my little ASCII diagram above. Basically the Linode VM allows my home and work Macs to communicate directly.

69. Boedr - January 20, 2013
70. skin Care products over 50 - May 1, 2014

skin Care products over 50

Robert Harder

71. Kumar - May 17, 2014

I can see ituneserver in itune under shared tree. But how to browse that out of home network from iphone ?

Robert Harder - May 21, 2014

Not sure if there’s a good way to do this from the iPhone… -Rob

72. Matt Shaw - May 22, 2014

Thanks for the blog, very useful. I got this working with a VPN connection. Just use the first line without the need for the ssh port forwarding.

73. mildebriese.de - October 14, 2014


Think Harder » Stream iTunes over SSH

74. Plus Size Bodycon Dress Pattern - October 15, 2014

Plus Size Bodycon Dress Pattern

Think Harder

75. Yudy - October 18, 2014


Think Harder » Stream iTunes over SSH

76. Vicheara - October 22, 2014


Think Harder » Stream iTunes over SSH

77. see here - October 30, 2014

see here

Think Harder

78. Miles - November 23, 2014

@Robert Harder
Hey Rob, I tried replicating this tutorial, and it worked some of the time. I combined this tutorial (http://dyn.com/support/bonjour-and-dns-discovery/) to set up my DYNDNS side of things (just using a registered hostname like blahblahblah.dyndns.tv didn’t work) and then tunneled via SSH as you described above and I can see my shared iTunes library locally in a remote location only sometimes. The ssh doesn’t always connect consistently erroring out with a “channel 2: open failed: administratively prohibited: open failed” description. Any idea why my ssh connection isn’t consistent? Tried plain ssh without any flags to get to access my remote machine and that always works perfect.

What I was curious about was if I you could apply this tutorial with Home Sharing service for iTunes instead. The port I believe Home Sharing is associated with is 5353 TCP/UDP I believe. Here are is a resource: http://support.apple.com/en-us/HT202944 and

79. Andy - March 7, 2015

Has anyone used this process of SSH + DNS-SD using iTunes 12 and Yosemite on both the local and remote machines? … I haven’t been able to get it to work.

80. 600_emails - March 14, 2015

I’m in the same boat as you. After I updated to iTunes 12 and the current version of Yosemite I lost the ability to stream. It worked perfectly before the upgrade so I have no doubt that is what screwed things up. In fact, my wife’s laptop hasn’t been updated yet and this solution works just fine. I suspect Apple locked this down for a reason; to herd users into their paid steaming service…

81. Chris - March 19, 2015

@Andy @ 600_emails checking in to report it not working. OS X 10.10.2, iTunes

82. Robert Harder - March 19, 2015

@Miles I’m not sure about using Home Sharing. For that matter I’m not sure why Apple keeps making this so difficult. Are the few geeks that figure out how to stream really cutting into their crummy, buggy iTunes Match service, which I still pay for anyway? *sigh* -Rob

83. 600_emails - April 6, 2015

I downgraded my iTunes from back to and VOILA streaming works again…

I’m on OSX 10.10.2 so the limitation here was indeed the new version of iTunes,…

I followed this “How To” video to clobber out the new instance of itunes with the old using pacifist:

84. Mike - September 15, 2015

Are there any news on getting streaming to work on iTunes 12?
Besides downgrading to

85. 600_emails - October 12, 2015
86. rj - January 1, 2016

iTunes 12 actually cares about “Arbitrary text record”, it turns out. Easiest thing to do is discover it on your iTunes server and have dns-sd on the local machine deliver the same data. See https://macfoo.net/iTunes_Library_Sharing_Over_the_Internet.html for details.

87. dsfklj - February 28, 2016


88. Chris - March 4, 2016

rj :
iTunes 12 actually cares about “Arbitrary text record”, it turns out. Easiest thing to do is discover it on your iTunes server and have dns-sd on the local machine deliver the same data. See https://macfoo.net/iTunes_Library_Sharing_Over_the_Internet.html for details.

I’ve tried your method, and iTunes will ‘see’ the library, but it tries to load and then ultimately doesn’t work. :-/

89. Chris - March 4, 2016

cancel that, i’m an idiot… works great

90. 600_emails - May 6, 2016



Chris :
cancel that, i’m an idiot… works great

I second that…You are an idiot and this works perfectly.

91. Pius - June 3, 2016

(not sure if anyone still reads this)

I’ve been happily using this method for some years but a couple of years ago it started to fail for me. I verified that the _daap._tcp service instance is aviailable, but the shared library doesn’t show in my iTunes.

~$ dns-sd -B _daap._tcp local
Browsing for _daap._tcp.local
DATE: —Fri 03 Jun 2016—
15:11:51.278 …STARTING…
Timestamp A/R Flags if Domain Service Type Instance Name
15:11:51.278 Add 2 4 local. _daap._tcp. ParkiTunes

More info about my setup:

“server side” (iTunes serving my music from home):
– Mac OX El Capitan 10.11.5
– iTunes

“client side” (office iTunes where I want to listen to music):
– Mac OS Yosemite 10.10.5
– iTunes

Any help is appreciated. thanks.

92. Pius - June 3, 2016


further note: I noticed someone mentioned sth about iTunes 12 caring about the “Arbitrary text record” but the page https://macfoo.net/iTunes_Library_Sharing_Over_the_Internet.html fails to load. Can someone describe what is needed here? thanks.

93. mactroy (@mactroy) - February 12, 2020

Variations of this method have been working for me for ages, so thanks for this, but after lots of experimenting, it turns out that the new Music app in macOS 10.15 Catalina is suddenly EVEN MORE picky about that “arbitrary” text record. It will still try to connect, and act as if it does so successfully, but will not play any listed songs if the TXT record is at all incomplete.

Based on the recommendations from some others above, I did ultimately get it working again by copying and pasting the full text record that is being broadcast locally from my home sharing machine. Worth noting that my Home Sharing library is currently being hosted by an ancient version of iTunes (, and yet this is working fine for me now on multiple 10.15.x clients.

So the full process is
1) on a machine on your home network, issue the following command:
dns-sd -Z _daap._tcp

2) look in the resulting output screen for the TXT record that is associated with Home Sharing (daap) on the computer that’s sharing its library, and copy the whole thing. It’s gonna be about a dozen double-quoted strings, like so:
“txtvers=1” “Version=196621” “MID=0xFFFF8507D7FFFFF” “Database ID=DFFFF7372726FFFF” “Machine ID=FFFFB2C0FFFF” “dmv=131085” “OSsi=0x1F5” “Media Kinds Shared=66635” “iTSh Version=196623” “Password=1” “Machine Name=My Library”

3) on your tunneling machine at work, use that entire TXT record at the end of your dns-sd command when you are setting up the broadcast for the tunneled daap. This is a sanitized example of the two lines that are currently working for me:

ssh -fNL :36890: myhomeuser@

dns-sd -R “My Library” _daap._tcp local 36890 “txtvers=1” “Version=196621” “MID=0xFFFF8507D7FFFFF” “Database ID=DFFFF7372726FFFF” “Machine ID=FFFFB2C0FFFF” “dmv=131085” “OSsi=0x1F5” “Media Kinds Shared=66635” “iTSh Version=196623” “Password=1” “Machine Name=My Library”

Note that I’m presenting the service at 36890 instead of 3689 to avoid conflict with daap on the tunneling machine. Hope this is helpful to others who are still trying to use this method in 2020. 🙂

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: