Home > Mac administration, Mac OS X > Setting access controls on SSH

Setting access controls on SSH

February 3, 2011 Leave a comment Go to comments

Want SSH on, but want controls over who can log into it? On Mac OS X 10.5.x and higher, you can set this with a SACL for the SSH service.

Command to create the SACL (if it doesn’t already exist):

dseditgroup -o create -q com.apple.access_ssh

Add your user to the SACL group:

dseditgroup -o edit -a myuser -t user com.apple.access_ssh

(replace “myuser” with the shortname of your own account.)

With the SACL in place, only your account (and any others you add) will be able to log in to your Mac via SSH. You can also modify this setting through the Sharing pane of your System Preferences.

Categories: Mac administration, Mac OS X
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

%d bloggers like this: