Help

Enable remote login remotely?

rpayne
Contributor II

Posted on ‎04-06-2016 01:49 PM

This is likely a stupid question, but prior to our JSS implementation, macs have been given out (about 300) with remote login (ssh) turned off. Is there anyway to remotely turn this on without enduser interaction?

0 Kudos
7 REPLIES 7

rpayne
Contributor II

Posted on ‎04-06-2016 01:51 PM

 
0 Kudos

gachowski
Valued Contributor II

Posted on ‎04-06-2016 01:53 PM

Computer Management/Check-In/Start up script.

Sorry didn't read the full question : )

C

0 Kudos

Nix4Life
Valued Contributor

Posted on ‎04-06-2016 05:53 PM

@rpayne search the jamfnation for first boot scripts. There should be snippet that does this. If no one replies, I will paste mine in the morning

Larry

0 Kudos

Nix4Life
Valued Contributor

Posted on ‎04-07-2016 06:51 AM

@rpayne Below is the snippet I use. I am not the original author

#!/bin/sh
# Set Remote Management for the adminuser
################################
# adminUser = Admin User Name for Remote Access
adminUser=**youradminusernamehere**
# Define Remote Management Settings
privs="-DeleteFiles -ControlObserve -TextMessages -OpenQuitApps -GenerateReports -RestartShutDown -SendFiles -ChangeSettings"
# Apply Remote Management
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -allowAccessFor -specifiedUsers
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -users $adminUser -privs -all -restart

so if you seperated the commands with a semi-colon(";"), you would have a one-liner that you could deploy via Casper Remote or ARD

Larry

rpayne
Contributor II

Posted on ‎04-07-2016 07:14 AM

@LSinNY The main issue is that I am unable to enroll this machines with Recon. We've narrowed it down to SSH not being turned on. Network scans generate the following error:

SSH failed to create session with host 'ip address' (Failure establishing socket connection)

So to be clear, there are not managed machines (yet).

0 Kudos

ehemmete
New Contributor II

Posted on ‎04-07-2016 12:29 PM

You will need some service already turned on, on the computers. Is Screen Sharing or Remote Management enabled? Is file sharing?
If nothing is enabled, then you won't be able to connect remotely to turn on Remote Login.

0 Kudos

mm2270
Legendary Contributor III

Posted on ‎04-07-2016 12:39 PM

+1 to @ehemmete's comment. You will need at least some service enabled that will let you get into the Macs. If everything (SSH, ARD, ScreenSharing, FileSharing, etc) is off, you are out of luck unfortunately. Its just not going to be possible to enable anything remotely in that instance. Hopefully at least one service is on and configured on the Macs with something known by you.

If all else fails, there is user self enrollment in the JSS, if you can convince people to do it and they have rights to install a .pkg on their Macs.

0 Kudos