I have a few hundred laptops already out with the students and im trying to remotely enroll them but i did not turn remote login on. I have remote management turned on because i use Apple Remote Desktop. Is there a way to change remote enrollment to use the ARD ports instead of the ssh ports? I really dont want to physically change the setting on each laptop in order to use this product.
+7Why don't you use ARD to enable SSH (Remote Management) on the laptops. There's even a 'Send UNIX command' template in ARD that does just that.
+28You may be able to use ARD to turn on SSH.
Not sure if one of these commands, run as root, will do the trick for you:
jamf startSSH
(if they're already enrolled in the JSS) or
systemsetup -setremotelogin on
I don't know if this will enable ssh for all users - something you probably want to control with greater detail.
To specify users to allow ssh access, follow the advice on dseditgroup mentioned in this blog link:
http://macadmincorner.com/securing-ssh/
+31SSH can also be enabled using Casper. You should be able to set up a policy that is scoped to machines that don't have remote login turned on, then use the following command to turn on SSH:
systemsetup -setremotelogin onI tried running the systemsetup -setremotelogin on command via ard but i get the error
You need administrator access to run this tool... exiting!
if i run sudo systemsetup -setremotelogin
i get sudo: no tty present and no askpass program specified
+28^^^^exactly right. And you don't need to have the root login enabled for that to work (you generally shouldn't, as a rule).
Reply
Most helpful members this week
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.