Help

Kickstart SSH stuff

jwojda
Valued Contributor II

Posted on ‎08-30-2011 05:22 AM

I have been running a script @ reboot that handles some mundane things like homepage setup and kickstart stuff - apparently in the last week the kickstart portion has not been working as it has. The imaging logs and system logs both say the command is completing normally, but when I go to Settings à Sharing - remote login is not checked.

The only major change was the JSS rebuild, but I'm 85% sure it was working after that.. I tried re-arranging the kickstart arguments to match closer to what Apple's documentation says it should be, but it still won't setup SSH...

John Wojda

Lead System Engineer, DEI & Mobility

3333 Beverly Rd. B2-338B

Hoffman Estates, IL 60179

Phone: (847)286-7855

Page: (224)532.3447

Team Lead DEI: Matt Beiriger <mailto:mbeirig at searshc.com;jwojda at searshc.com?subject=John%20Wojda%20Feedback&body=I%20am%20contacting%20you%20regarding%20John%20Wojda.>

Team Lead Mobility: Chris <mailto:cstaana at searshc.com;jwojda at searshc.com?subject=John%20Wojda%20Feedback&body=I%20am%20contacting%20you%20regarding%20John%20Wojda.> Sta Ana

Mac Tip/Tricks/Self Service & Support <http://bit.ly/gMa7TB>

"Any time you choose to be inflexible in your approach to an unpredictable project you are already building failure into your plan"

0 Kudos
5 REPLIES 5

nessts
Valued Contributor II

Posted on ‎08-30-2011 05:30 AM

systemsetup -f –setremotelogin on

--
Todd Ness
Technology Consultant/Non-Windows Services
Americas Regional Delivery Engineering
HP Enterprise Services

0 Kudos

jwojda
Valued Contributor II

Posted on ‎08-30-2011 05:43 AM

Awesome! Any idea why it changed? Was it with the ARD 3.5.1 update?

John Wojda
Lead System Engineer, DEI & Mobility
3333 Beverly Rd.  B2-338B
Hoffman Estates, IL 60179
Phone:  (847)286-7855
Page:  (224)532.3447
Team Lead DEI: Matt Beiriger
Team Lead Mobility: Chris Sta Ana
                   Mac Tip/Tricks/Self Service & Support

"Any time you choose to be inflexible in your approach to an unpredictable project you are already building failure into your plan"

0 Kudos

rockpapergoat
Contributor III

Posted on ‎08-30-2011 06:52 AM

kickstart only handles ARD access, not ssh. so either your syntax is wrong to enable ssh, or it was missing.

0 Kudos

nessts
Valued Contributor II

Posted on ‎08-30-2011 07:00 AM

I think there was a notice sometime after snow leopard was released that it was a deprecated method please change to the new method, kickstart itself is now deprecated and we should be switching to the new way, I have yet to figure out what the new way is for setting up ARD.

--
Todd Ness
Technology Consultant/Non-Windows Services
Americas Regional Delivery Engineering
HP Enterprise Services

0 Kudos

tlarkin
Honored Contributor

Posted on ‎08-30-2011 09:15 AM

systemsetup handles remote log ins

Usage: systemsetup -setremotelogin <on off> Set remote login to either <on> or <off>. Use "systemsetup -f -setremotelogin off" to suppress prompting when turning remote login off.

though this could be depreciated, then you need to look at the com.apple.access_ssh-disabled (or if enabled for certain users it will drop the disabled part) for group membership to remote into the comptuer

dscl . read /Groups/com.apple.access_ssh-disabled GroupMembership

When I limit it to only certain users, the com.apple.access_ssh adds those users to ssh access

Do note that if you have remote access enabled for every user in the sharing preference pane all users will go to the disabled group because all users can ssh

bash-3.2# dscl . read /Groups/com.apple.access_ssh GroupMembership GroupMembership: cadmin tlarkin

So, post image script I have a command that enables it, then adds local accounts access to it via commands in the script, and if any user would ever need it in production they would get added to the com.apple.access_ssh group

-Tom

0 Kudos