Apple

Remotely administer Macs using Terminal

Erik Eckel offers an overview of the main commands that Mac administrators can use to enable remote management of OS X systems.

Apple administrators frequently require remote access to networked Macs. Whether troubleshooting email operation, confirming network communication, or transferring a file, numerous Terminal commands assist such tasks.

telnet

The telnet command enables an administrator to log on to another Mac where the administrator already possesses a user account. The command possesses an almost overwhelming number of options to administrators new to the Mac Terminal. Those unfamiliar with Terminal but wishing to learn more should likely think of telnet as the command that establishes a connection with another system to enable troubleshooting on the remote host.

For example, if a Mac administrator is troubleshooting email errors, the administrator may wish to remotely confirm the email server is properly passing mail. One item that must be checked is the port passing mail, typically port 25. The following command can be executed to confirm proper port 25 operation on a remote host named acme.com:

telnet acme.com 25

Resulting information helps administrators determine whether firewalls are blocking communications, a remote system is malfunctioning or even if security software is incorrectly configured. Note, telnet is falling out of favor due to security concerns, as its default configuration passes account information in plain text. That said, more advanced encryption options are available for securing information passed within telnet sessions, but the process is much more advanced and beyond the scope of this brief overview.

ssh

ssh is the preferred remote administration command for Apple administrators. The command enables a more secure remote connection to another Mac and subsequently running commands on the remote host. Multiple users can even log in to the same system simultaneously using ssh.

An entire book can be written describing ssh. It's a complex, dynamic command. ssh roadblocks are plentiful, as a result. The command won't even work unless the remote host is configured to permit ssh use.

To enable ssh connectivity on a Mac running Mountain Lion, open System Preferences, select Sharing, and select Remote Login. OS X will prompt you to specify the user accounts to be permitted remote access.

Administrators may test ssh connectivity by typing ssh localhost within Terminal, which should generate the following result: The authenticity of host 'localhost (::1)' can't be established. RSA key fingerprint is 65:25:79:f2:0... Are you sure you want to continue connecting (yes/no)?

Entering yes prompts OS X to request the password, which when entered correctly, then connects the user to the system within the Terminal session.

To connect to another Mac, administrators would enter the ssh command:

ssh username@localhost

Administrators, of course, would substitute the username possessing remote login rights to the system. The administrator would also replace localhost with the remote host's actual computer name (found within the Sharing Preferences menu) or IP address.

ftp / sftp

ftp and its more secure counterpart, sftp, enable remotely exchanging files between systems. Minus a GUI, such as is provided with LogMeIn Pro, the Terminal provides an opportunity to leverage specific commands to enable connectivity and copy files between systems.

Because ftp doesn't secure usernames and passwords, administrators should employ sftp.

To remotely connect to another system, enter the command in the following format:

sftp user1@system1.acme.com

Administrators must substitute a valid user name on the remote system in place of user1. Administrators must also replace system1 with the actual remote system's hostname, while substituting the computer's routable address within the acme.com placeholder.

Assuming the correct computer name and address is entered, a valid username is supplied, and routers and security services enable forwarding ftp / sftp traffic between the computers, the remote system will prompt the administrator to enter the password for the supplied user account on the remote host. Once the administrator authenticates, the ls (list), pwd (print working directory) and cd (change directory) commands as well as the get (transfer) and put (transfer and change file name) interactive command options can be employed to copy files between the computers.

Command line review

The Mac command line provides incredible power, customization, and flexibility. These are just a few commands that can be run within Terminal to enable remote administration.

As previously reviewed, the Mac Terminal extends direct access to OS X. The Mac command line helps:

And for more help, see this handy list: An A-Z Index of the Apple OS X command line.

Hopefully this series of brief overviews helps familiarize novice users and administrators alike with the Mac terminal, command line, and potential Terminal and command uses for common tasks and operations.

About

Erik Eckel owns and operates two technology companies. As a managing partner with Louisville Geek, he works daily as an IT consultant to assist small businesses in overcoming technology challenges and maximizing IT investments. He is also president o...

0 comments