Skip to main content
Question

Enable remote login remotely?

  • April 6, 2016
  • 6 replies
  • 8 views
rpayne
Forum|alt.badge.img+12

This is likely a stupid question, but prior to our JSS implementation, macs have been given out (about 300) with remote login (ssh) turned off. Is there anyway to remotely turn this on without enduser interaction?

    6 replies

    G
    Forum|alt.badge.img+16
    • gachowski
    • Honored Contributor
    • April 6, 2016

    Computer Management/Check-In/Start up script.

    Sorry didn't read the full question : )

    C

    N
    Forum|alt.badge.img+13
    • Nix4Life
    • Honored Contributor
    • April 7, 2016

    @rpayne search the jamfnation for first boot scripts. There should be snippet that does this. If no one replies, I will paste mine in the morning

    Larry

    N
    Forum|alt.badge.img+13
    • Nix4Life
    • Honored Contributor
    • April 7, 2016

    @rpayne Below is the snippet I use. I am not the original author

    #!/bin/sh
# Set Remote Management for the adminuser
################################
# adminUser = Admin User Name for Remote Access
adminUser=**youradminusernamehere**
# Define Remote Management Settings
privs="-DeleteFiles -ControlObserve -TextMessages -OpenQuitApps -GenerateReports -RestartShutDown -SendFiles -ChangeSettings"
# Apply Remote Management
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -allowAccessFor -specifiedUsers
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -users $adminUser -privs -all -restart

    so if you seperated the commands with a semi-colon(";"), you would have a one-liner that you could deploy via Casper Remote or ARD

    Larry

      rpayne
      Forum|alt.badge.img+12
      • rpayne
      • Author
      • Contributor
      • April 7, 2016

      @LSinNY The main issue is that I am unable to enroll this machines with Recon. We've narrowed it down to SSH not being turned on. Network scans generate the following error:

      SSH failed to create session with host 'ip address' (Failure establishing socket connection)

      So to be clear, there are not managed machines (yet).

      ehemmete
      Forum|alt.badge.img+5
      • ehemmete
      • Contributor
      • April 7, 2016

      You will need some service already turned on, on the computers. Is Screen Sharing or Remote Management enabled? Is file sharing?
      If nothing is enabled, then you won't be able to connect remotely to turn on Remote Login.

      mm2270
      Forum|alt.badge.img+24
      • mm2270
      • Legendary Contributor
      • April 7, 2016

      +1 to @ehemmete's comment. You will need at least some service enabled that will let you get into the Macs. If everything (SSH, ARD, ScreenSharing, FileSharing, etc) is off, you are out of luck unfortunately. Its just not going to be possible to enable anything remotely in that instance. Hopefully at least one service is on and configured on the Macs with something known by you.

      If all else fails, there is user self enrollment in the JSS, if you can convince people to do it and they have rights to install a .pkg on their Macs.

      Terms & ConditionsCookie settingsAccessibility statement