I had a call yesterday, where someone was asking to SSH into a remote Mac workstation and mount a particular fileshare on that workstation. I had them do the following:
—–
After enabling Remote Desktop as shown, then connect with the remote Mac to change the user's ssh access via System Prefs. To connect to the remote Mac, go to the Finder and select Connect to Server under the Go menu. Type in the Server Address for your computer. JAMF Software's Casper Suite for Imaging Client Image Deployment and Maintenance - Part 1. By Criss Myers. Background to Image deployment. We have previously looked at some different methods to image network Macs. In particular, Apple's NetInstall and NetBooting. These are great tools, but they rely upon a monolithic image.
1. Log into the Mac with your account login and password.
Jamf's tools, integrated with Apple's Device Enrollment Program allows for program managers to remotely wipe and re-enroll supplied iPads remotely, removing all of a patent's personal data without. The Jamf Remote application and the network scanner in the Recon application connect to computers over Secure Shell (SSH), or Remote Login. Secure Shell (SSH) SSH is a network security protocol built into macOS.
2. Create a folder inside your home folder named sharename to match the name of the share on the server
Note: You should only need to create this folder if it doesn’t already exist.
![]()
3. Use the following command to mount the share, using the new sharename directory as the mountpoint:
mount_smbfs //[email protected]/share ~/sharename
4. You should be prompted for your account password.
5. The SMB share should mount and you should be able to access it via the sharename directory.
To unmount the server share from using the command line in OS X:
1. Log into the Mac with your account login and password.
2. Make sure you’re not in the ~/sharename directory.
3. Use the following command to unmount the sharename share from ~/sharename:
umount ~/sharename
—–
However, when mount_smbfs //[email protected]/share ~/sharename was run, it didn’t connect and gave the following error:
mount_smbfs: server connection failed: No route to host
Trying mount_smbfs //username:password@servername/share ~/sharename also did not work. Same error, plus the user was understandably not happy with the idea of having his password in the clear.
After a bit more digging, I found the answer here. In 10.6, Apple had changed the mount_smbfs configuration so that it now expected the server’s workgroup or domain as part of the connection string. For anybody else that needs it, here’s how the command should be set up if the server is connected to an AD domain:
mount_smbfs //’DOMAIN;username’@servername.example.com/share ~/sharename
If you’re using a workgroup, it should be set up as:
mount_smbfs //’WORKGROUP;username’@servername.example.com/share ~/sharename
Active4 years ago
I have admin rights at a remote Mac computer. I can access it via SSH. The Mac has another user account, which doesn't have remote access. How can I remotely (via SSH) enable remote access for the other account?
Andrei
AndreiAndrei
63933 gold badges1111 silver badges2727 bronze badges
4 Answers
SSH access by users is controlled by the local copy of Directory Services. (Controlled using
dscl )
First off run
dscl . list /Groups | grep 'access_ssh' . If the returned value says com.apple.access_ssh-disabled then all users have SSH access. If not, then we need to give the user access.
To add the user you need to run:
(replace USERNAME with the short username of the user) as well as:
(replace USERNAME with short username as well)
(The last bit is thanks to Reed Stoner on lists.apple.com)
To add/enable Remote Management for only specific users (Add VNC flags from ghoppe's answer if you want VNC):
Is there a snippet tool for mac.
sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -users short,usernames,seperated,by,commas -access -on -restart -agent -privs -all -allowAccessFor -specifiedUsers
Find out more by running
sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -h Best book writing tool for mac.
Community♦
ChealionChealion
22.6k77 gold badges6161 silver badges7171 bronze badges
Based on Chealion's answer, I came up with this to allow ALL users to ssh in:
MarmadukeMarmaduke
Enable Remote Desktop via command line:
Turn off screen sharing:
EDIT
OK, I may have misunderstood your question. By 'Remote Access' I presumed you meant remote desktop, but now I see you just want to enable ssh access for the other account, right?
My answer gets you halfway there. After enabling Remote Desktop as shown, then connect with the remote Mac to change the user's ssh access via System Prefs.
Mac Ssh Tool
To connect to the remote Mac, go to the Finder and select
Connect to Server… under the Go menu. type in the Server Address for your computer:
Where x.x.x.x is the remote computer's IP address or URI. Since you connected with ssh, I presume you already know this.
Now you can use the Remote Desktop to navigate to System Prefs > Accounts and click the box to allow the other account to log in to the computer…
ghoppeghoppe
ssh access is granted to members of the com.apple.access_ssh group. This is the group that you're editing when you make access modifications to the Remote Login service through the Sharing pref pane.
While
dscl can be use to edit group memberships (as described in other answers), dseditgroup is a cleaner way to modify the com.apple.access_ssh group memberships from the command line.
to add a user:
to remove a user:
teppicteppic
How To Ssh From MacNot the answer you're looking for? Browse other questions tagged macosmacsshremote-accessadministration or ask your own question.Comments are closed.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |