Hi guys,
I borrowed this script from a thread a while back to enable remote login. This works when i enter the user i need ssh privileges but i'm having an issue adding multiple users. Is there a way to taylor this script to allow multiple users to be added variable $4. the reason for this is because every time i replace the user it kicks my Jamf Service account from that group and i can no longer used Jamf Remote. I'd like to add our local administrator account and Jamf Service Account so that i can do ssh because our Jamf Service account using a random password.
#!/bin/sh
#!/bin/sh
# script to enable a particular user of SSH of OS X systems
# Marc Kerr http://marckerr.com 5/31/13
# http://marckerr.com/?tag=shell-scripts
# Updated by C. Hirtle on 8/1/13 for Casper
USERNAME="$4"
ADMINGROUP="$5"
# check that root is running the script otherwise nothing works
if [[ $EUID -ne 0 ]]; then
echo "This script must be run as root" 1>&2
exit 1
fi
# disable SSH to start with regardless of if it's on (off to prevent nixing remote execution)
# systemsetup -setremotelogin off
# remove the existing SSH access group (revert to all user access)
dseditgroup -o delete -t group com.apple.access_ssh
# create the access group and add the user(s)
dseditgroup -o create -q com.apple.access_ssh
dseditgroup -o edit -a $USERNAME -t user com.apple.access_ssh
# add our standard AD computer admins group as subgroup
dseditgroup -o edit -a $ADMINGROUP -t group com.apple.access_ssh
# finally confirm who's in the group before we quit
dseditgroup -o read -t group com.apple.access_ssh
# ensure SSH is back on
systemsetup -setremotelogin on
exit 0
