Configuring an OS X system as an SSH server

To configure an OS X system, e.g. a MacBook Pro laptop, to function as a Secure Shell (SSH) server, take the following steps:
  1. Click on the Apple icon at the top, left-hand corner of the screen and select System Preferences.
  2. Click on Sharing.

    System Preferences

  3. If the lock icon at the lower, left-hand corner of the Sharing window shows a locked padlock, click on it and provide the credentials for an account with administrator access to change it to an unlocked padlock icon and change the Sharing settings.

    OS X Sharing

  4. Then click on Remote Login to check the check box next to it.

    OS X Remote Login

  5. If you want to allow access to the system via SSH for all users, select that option. If not, leave "Only these users" selected and choose the accounts for which you wish to grant SSH access to the system. To remove any accounts that are listed, click on the account to select it and then click on the minus sign (-) to remove the account. To add accounts, click on the plus sign (+). If your account has administrator-level access to the system and you want to be able to log into the system via SSH using that account, you can leave "Administrators" selected.

    At this point, if you open a Terminal window and issue the command netstat -an | grep -i ssh, you will see the system is listening for SSH connections.

    $ netstat -a | grep -i ssh
tcp6       0      0  *.ssh                  *.*                    LISTEN     
tcp4       0      0  *.ssh                  *.*                    LISTEN
  6. You can close the Sharing window now. You should be able to connect via SSH from another system now, provided there are no intervening firewalls that might be blocking the connectivity.

When logging in by SSH, use the "short name", which is your user name rather than the full name for the account. The short name can be found by opening a Terminal window (the application is found in Applications/Utilities) and typing the command echo ~, which will show the home directory for the account from which you issued the command. E.g.: 

$ echo ~
/Users/jasmith1

In the example above, the short name is "jasmith1". You can also follow the steps listed at OS X Yosemite: If you can’t remember your user name, if you don't know the short name, but would rather make that determination through a GUI than a command line interface (CLI). Note: these instructions were written for OS X Yosemite (10.10.5), but will apply to other versions as well; you can find alternative instructions for obtaining the short name on a Mac OS X 10.5.8 system at SSH Access to an OS X System.

Entries related to SSH logins are logged to /var/log/system.log. So you could find the entries related to SSH by issuing the command cat /var/log/system.log | grep -i ssh in a Terminal window. If you want to determine the IP addresses used for interactive SSH logins, as would occur if someone provides a userid and password for an SSH login or scp file transfer, you can use the commands shown below. 

$ grep sshd /var/log/system.log | grep "keyboard-interactive"
Feb 16 14:36:03 GSSLA15122293 sshd[19739] : Accepted keyboard-interactive/pam for jasmith1 from 192.168.3.3 port 49602 ssh2
Feb 16 14:41:34 GSSLA15122293 sshd[19774] : Accepted keyboard-interactive/pam for jasmith1 from 192.168.3.3 port 49661 ssh2

 

TechRabbit ad 300x250 newegg.com

Justdeals Daily Electronics Deals1x1 px

Valid HTML 4.01 Transitional

Created: Tuesday February 16, 2016