Archive for May 2, 2011
Setting access controls for SSH Part 2
May 2, 2011
2 comments
As a follow-up to my earlier blog entry on setting SSH access controls, here’s how you can add groups to your SSH SACL:
Command to create the SACL (if it doesn’t already exist):
dseditgroup -o create -q com.apple.access_ssh
Add your group as a nested group inside the SACL group:
dseditgroup -o edit -a “group name” -t group com.apple.access_ssh
If you’re adding an AD group, you may need to add the AD domain’s name:
dseditgroup -o edit -a “DOMAIN\group name” -t group com.apple.access_ssh
Categories: Mac administration, Mac OS X
Recent Comments