Skip to main content

Been running in circles for a while with this. I can SSH successfully into an enrolled computer using our jamf management account: "ssh jamfadmin@ipadress"



However if I try to use the local Administrator account "ssh Administrator@ipadress" I get the error "Connection closed by 10.200.0.103 port 22" after entering the password. I know for a fact I am entering the correct password because if I ssh in successfully with "ssh jamfadmin@ipadress" and then enter "su Administrator" and enter that same Administrator password, the account switches to Administrator as designed.



What the heck am I missing here?

@TomDay System Preferences->Sharing->Remote Login. Is "Allow Access for:" set to "All users", or is the Administrator account listed under "Only these users:"

@sdagley TY, I was assuming "All users", but should really confirm. I don't have physical access to the machines I am testing, is there a way I can check remotely?

@TomDay If /usr/bin/dscl . -read /Groups/com.apple.access_ssh | grep GroupMembership | grep -w Administrator returns anything when run on your remote Mac then Administrator is enabled for ssh. If the result is empty, it isn't.

TYVM @sdagley I'll test on Tuesday, wrapping up for the long wkd.

@sdagley Thx for your help with this. Settings for our computers should be "Only these users", so I needed to get theAdministrator account into the proper group. Found a script on Jamfnation from @ssrussell (thanks for that!) and edited it a bit:



#!/bin/sh



# turn ssh on

systemsetup -setremotelogin on





#Add Administrator to Remote Login access list

dseditgroup -o edit -a "$4" -t user com.apple.access_ssh



# restart ssh

launchctl unload /System/Library/LaunchDaemons/ssh.plist

sleep 5

launchctl load -w /System/Library/LaunchDaemons/ssh.plist



exit 0


https://www.jamf.com/jamf-nation/discussions/33372/enable-ssh-from-jamf-for-specific-user

Terms & ConditionsCookie settings