MacOS – Command Line – Enable Remote Login and Remote Management

command linemacosremote controlsharing

For my job, before I deploy a new Mac laptop, I need to enable these two settings:

System Preferences – Sharing – Remote Login. Once enabled I also need to add the admin account that previously I have created by selecting the little + symbol under Only these users:
System Preferences – Sharing – Remote Management – (the little pop up windows comes out) and I select all the features

How do I achieve the above two process via command line?

Best Answer

Modifying remote login and remote management settings is done with two different commands - both executed as root:

systemsetup
kickstart

To enable remote login for members of the admin group enter:

sudo systemsetup -setremotelogin on

To restrict access use dseditgroup. First check if it exists and add it if necessary:

dseditgroup com.apple.access_ssh
dseditgroup -o create -q com.apple.access_ssh

and add a user group:

sudo dseditgroup -o edit -a admin -t group com.apple.access_ssh

To enable remote management for admin users enter:

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -users admin -privs -all -restart -agent -menu

To check other options enter:

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart --help

Related Solutions

MacOS – Check Remote Management Status via Terminal

You can tell if it's enabled by running launchctl list | grep '^\d.*RemoteDesktop.*'. That will output a line if there's an active process for the RemoteDesktop agent, and will output nothing if not. There's an active process for the agent whenever Remote Management is enabled, even if there's no active connection (unlike something like Screen Sharing, where the process is only active when there's a connection made).

MacOS – How Do I Disable Remote Management and Enable Screen Sharing

I found the following code in a file I didn't open for a long time. It enables Remote Login on a remote device. Save the script somewhere (from now on referred to as /path/to/script/). Copy the script to the other device.

tell application "System Preferences" to set current pane to pane "com.apple.preferences.sharing"
tell application "System Events" to tell process "System Preferences"
    click checkbox 1 of row 6 of table 1 of scroll area 1 of group 1 of window "Sharing"
end tell

This enables remote login. Now, to disable remote management and enable screen sharing, use the same script, but remove the 3rd line and add these 2 lines:

tell application "System Preferences" to set current pane to pane "com.apple.preferences.sharing"
tell application "System Events" to tell process "System Preferences"
    click checkbox 1 of row 7 of table 1 of scroll area 1 of group 1 of window "Sharing"
    click checkbox 1 of row 2 of table 1 of scroll area 1 of group 1 of window "Sharing"
end tell

To copy this script on the remote device, use scp (secure copy). To use scp type
scp /path/to/script username@IP.of.other.device:/some/path
OR
scp username@hostnameOfDevice:/some/path/
The second option (using the device hostname) requires that the devices are on a computer-to-computer network, so it will not work on a normal wifi network. You will see a prompt requesting the password of username. When you type the password, you will not see any text appear (obviously to prevent people from seeing the password).

Once it is copied, remotely log into the device:
ssh username@IP.of.other.device
OR
ssh username@hostnameOfDevice
Again, the use of the hostname requires computer-to-computer network. Once logged in, run the script using osascript /some/path/theScript.scpt (remember that using scp we copied the script to /some/path, this will be different on your device). This will disable remote management and enable screen sharing.
Good luck!

Best Answer

Related Solutions

MacOS – Check Remote Management Status via Terminal

MacOS – How Do I Disable Remote Management and Enable Screen Sharing

Related Question