In this instance, you as an admin want to give remote access to your Mac machines without having to give full remote access to all users and you want to do this remotely. This can be completed by using SSH. Below are the steps you can use to complete this process.
SSH does need to be enabled, which can be done by enabling remote access. Remote access needs to be set to “only these users”. The user you are adding does have to have an existing account on that Mac.
As you can see above, the remote login is for Administrators ONLY. To add a user for them to remotely access the Mac, SSH in to the Mac by typing:
Type your password, which will then bring you to the bash prompt for the Mac.
Once SSH’d in, the new user can be added. This is done by using the command:
sudo dseditgroup -o edit -t user -a <username> com.apple.access_ssh.
Once this is done, you can verify (if required) the user has been added as a remote user under System Preferences > Sharing.
The user now has SSH access to that machine. This is now complete. If that user needs remote access / SSH access rights removed from the Mac, the above illustrated steps would still be used, but the final command would need to be changed to:
sudo dseditgroup -o edit -t user -d USERNAME com.apple.access_ssh
This will remove the user from the remote access as you have requested. To log off the Mac, simply type Logout which will disconnect your session.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.