"Secure SSH" combined with hidden local admin account broken?


donmontalvo

Is anyone else having a problem with using "Secure SSH" in conjunction with a hidden local admin account during imaging time?

Hiding the local admin account through JSS seems to result in a "broken" ACL for SSH...

http://donmontalvo.com/jamf/secure_ssh_hidden_admin_acct/Hidden_local_admin_acct_locked_out.jpg
http://donmontalvo.com/jamf/secure_ssh_hidden_admin_acct/Secure_SSH_feature_in_JSS_7.31.jpg
http://donmontalvo.com/jamf/secure_ssh_hidden_admin_acct/Sharing_SSH_settings.png

Thanks,
Don

11 replies

  • Valued Contributor
  • 1892 replies
  • August 4, 2010

Ensure your ssh account belongs to the group com.apple.access_ssh. Being a
hidden account, it won't show up in the GUI there in Sharing.  You need to
make sure it's there via dscl.
-- 
Jared F. Nichols
Desktop Engineer, Client Services
Information Services Department
MIT Lincoln Laboratory
244 Wood Street
Lexington, Massachusetts 02420
781.981.5436


  • Contributor
  • 415 replies
  • August 4, 2010

You can use Workgroup Manager to make sure it is

Criss Myers
Senior Customer Support Analyst (Mac Services)
iPhone / iPad Developer
Apple Certified Technical Coordinator v10.5
LIS Development Team
Adelphi Building AB28
University of Central Lancashire
Preston PR1 2HE
Ex 5054
01772 895054


  • Valued Contributor
  • 1892 replies
  • August 4, 2010

pffft. Using the GUI is a sign of weakness.

;)
--
Jared F. Nichols
Desktop Engineer, Client Services
Information Services Department
MIT Lincoln Laboratory
244 Wood Street
Lexington, Massachusetts 02420
781.981.5436


  • Contributor
  • 415 replies
  • August 4, 2010

nah :-) make life easy for yaself :-)

Do you not use Casper Admin? That's a GUI :-)

Criss Myers
Senior Customer Support Analyst (Mac Services)
iPhone / iPad Developer
Apple Certified Technical Coordinator v10.5
LIS Development Team
Adelphi Building AB28
University of Central Lancashire
Preston PR1 2HE
Ex 5054
01772 895054


  • Contributor
  • 1028 replies
  • August 4, 2010

Actually, Jared writes everything to the db in mysql terminal...he’s that hardcore!

Craig E

On 8/4/10 8:39 AM, "Criss Myers" <cmyers at uclan.ac.uk> wrote:

nah :-) make life easy for yaself :-)

Do you not use Casper Admin? That's a GUI :-)

Criss Myers

Senior Customer Support Analyst (Mac Services)

iPhone / iPad Developer

Apple Certified Technical Coordinator v10.5

LIS Development Team

Adelphi Building AB28

University of Central Lancashire

Preston PR1 2HE

Ex 5054

01772 895054


  • Valued Contributor
  • 1892 replies
  • August 4, 2010

After all, the Matrix is best seen in its native form…
--
Jared F. Nichols
Desktop Engineer, Client Services
Information Services Department
MIT Lincoln Laboratory
244 Wood Street
Lexington, Massachusetts 02420
781.981.5436


  • Honored Contributor
  • 2721 replies
  • August 4, 2010

How was this account created? If remote login is enabled I am almost certain the user can ssh, unless you set it to certain users specifically.

Also, command line is always faster, and once you get the commands down you can then proceed to achieve automation.


donmontalvo
  • Author
  • Hall of Fame
  • 4293 replies
  • August 4, 2010

Tom, Craig, Jared, Criss...thanks for all your responses. After some troubleshooting with John Miller (welcome to JAMF, John!), we found the issue.

Diagnosis: brain fart. I had the admin name spelled wrong.

I'm so ashamed....if anyone needs me, I'll be in purgatory.

Don
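
Added example, not part of the original thread: a shell check covering both points raised here, membership of `com.apple.access_ssh` as read with dscl, and a misspelled account name. The account names, sample data and the function names `in_list` and `check_ssh_account` are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). On a Mac the two inputs would come from:
#   dscl . -list /Users
#   dscl . -read /Groups/com.apple.access_ssh GroupMembership
# The values below are constructed samples so the script runs offline.
SAMPLE_USERS='root
daemon
jsmith
ladmin'
SAMPLE_ACL='GroupMembership: ladmin jsmith'

# in_list NAME WORD...: succeed only on an exact, case-sensitive match.
in_list() {
    needle=$1
    shift
    for word in "$@"; do
        if [ "$word" = "$needle" ]; then
            return 0
        fi
    done
    return 1
}

# check_ssh_account NAME USER_LIST ACL_LINE
# Prints ok, not-in-acl or no-such-user; exit status 0, 1 or 2 respectively.
check_ssh_account() {
    name=$1
    users=$2
    members=${3#GroupMembership:}   # drop the attribute label dscl prints
    # Unquoted on purpose: split the lists into one word per account name.
    if ! in_list "$name" $users; then
        echo "no-such-user"   # e.g. the configured name is misspelled
        return 2
    fi
    if ! in_list "$name" $members; then
        echo "not-in-acl"     # account exists but the SSH access group omits it
        return 1
    fi
    echo "ok"
}

check_ssh_account ladmin "$SAMPLE_USERS" "$SAMPLE_ACL"          # ok
check_ssh_account ladmn  "$SAMPLE_USERS" "$SAMPLE_ACL" || true  # no-such-user
check_ssh_account daemon "$SAMPLE_USERS" "$SAMPLE_ACL" || true  # not-in-acl
```

Checking that the name exists as a local user before checking the group separates a typo from a genuinely missing ACL entry, which look identical from the login prompt.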



  • Contributor
  • 312 replies
  • August 5, 2010

:D Awesome…. lol :D ;)

Ryan M. Manly
Glenbrook High Schools


  • Honored Contributor
  • 2721 replies
  • August 5, 2010

All Wizards have beards, including Unix wizards :) *strokes beard
while writing this email*

