Help

Casper Remote and SSH - what is required?

Bernard_Huang
Contributor III

Posted on ‎01-11-2017 07:11 PM

Hi all,

I've been searching through JAMFNation for an answer, but haven't found one that exactly answers my query.

I'm trying to use Casper Remote to remotely log onto a Macbook. We are using Casper 9.96. When trying Casper Remote, it firstly goes to "Opening SSH Connection to <IP Address>", then after around 10 seconds, it goes to "SSH is not enabled on the remote computer".

My end goal is, obviously, to remote to a Macbook and screen share with the user. This will make my support work much easier. But how do I achieve this? Is there a particular setting on the Macbook that needs to be activated? Very sure the Casper remote can see the Macbook, because it actually identified the correct IP address.

Labels:
0 Kudos
4 REPLIES 4

dan-snelson
Valued Contributor II

Posted on ‎01-11-2017 07:34 PM

@Bernard.Huang The following may prove helpful: Screen Sharing

0 Kudos

mscottblake
Valued Contributor

Posted on ‎01-11-2017 07:50 PM

Open the Sharing preference pane within System Preferences and make sure Remote Login is enabled. You will also need to make sure that port 22 is open from your machine (not the Jamf server) to the client machine. Make sure to check the firewall as well as any networking ACLs.

0 Kudos

easyedc
Valued Contributor II

Posted on ‎01-12-2017 05:30 AM

How do you enroll workstations? When making a Quick Add package, you can ensure SSH is enabled, or the same is true if you use the enrollment URL. Do you have your JSS configured to ensure SSH enabled on enrollment? dd135dd67c9a448b8c9c133ef4619427

0 Kudos

easyedc
Valued Contributor II

Posted on ‎01-12-2017 05:36 AM

If SSH is enabled and you're losing screen sharing ability (seems to happen to us occasionally) you can create a ARD kickstart package and break down what you're trying to enable (through pacifist or some similar app). In our case, we were pretty generic, and the following script worked for me. Per Apple's guidance, they recommended breaking down each command into a single line, even though theoretically they can be combined into one command. 

#!/bin/sh
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -targetdisk / -activate -configure -clientopts -setmenuextra -menuextra yes 
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -targetdisk / -configure -users 'admin' -access -on -privs -all
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -targetdisk / -configure -allowAccessFor -specifiedUsers -privs -all
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -targetdisk / -restart -agent -menu
/usr/sbin/systemsetup -setremotelogin on
exit 0

One advantage of breaking it down into separate commands is that you can get to see the success/failure of each process. And theoretically you could create a daily launch agent (or is it daemon?) that runs daily and ensures you're SSH is enabled properly.

0 Kudos