Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-4114: SSH Remote Login fails on OS X 10.9 Mavericks and higher

Centrify Identity Service, Mac Edition ,  

12 April,16 at 11:18 AM

Applies to: Centrify DirectControl on Mac OS X 10.9 and above

Question:

On new Mac systems with OS X 10.9 or higher installed, the GP at:
 
Computer Configuration / Centrify Settings / Mac OS X Settings / Services / "Enable remote login"

..no longer allows SSH logins. The same GP is working fine for OS X 10.8 and below.

What needs to be changed to allow SSH access for 10.9 systems as well?



Answer:
 
SSH access for OS X is configured via:
 
System Preferences > Sharing > Remote Login

In OS X versions 10.8 and below, the default access for this setting was:
  • Allow access for: All users
 
However in OS X 10.9 the default was changed to:
  • Allow access for: Local Administrators


To set this back to "All users" via group policy, add the following command into the GP at: 
 
Computer Configuration / Centrify Settings / Common UNIX Settings / "Specify commands to run" 
  • Run Command: sudo dseditgroup -o delete -T group com.apple.access_ssh 

(In order for this GP folder to be visible, the centrify_unix_settings.xml template needs to have been added into the GPO) 
 
 
For further detail on managing SSH access in OS X, see: 

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.

Related Articles

No related Articles