Apple Event: May 7th at 7 am PT

Learn more

Add to your calendar 

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: geo2000
geo2000 Author
User level: Level 1
8 points

login user via terminal

Hi all, I am trying to get into my iMac (MacOs 10.13) remotely.

First of all: I am not experienced in working from Terminal.

I am connected via Terminal and ssh, can see lists etc., so the computer is running and accessible.

What I would like to do, is login as user, and see and control my remote desktop. I have not yet activated screen sharing on the remote computer. If I understand that right, once this is activated, I could run my remote computer via VNC.

(My normal operation would be to ask somebody to start the computer and login a user, and then use TeamViewer to see the remote computer. TeamViewer is installed and does launch upon user login. But our university is closed at the moment).


From Terminal I cannot start applications with the open command, probably, because no user is logged in.:

open -a MyProg.app


my try:

open -a TextEdit.app

LSOpenURLsWithRole() failed for the application /Applications/TextEdit.app with error -610.


it would be nice, if I could open -a TeamViewer.app, if I understand that correctly, but that doesn't work either


So my questions:

  1. How can I login a user remotely via Terminal/ssh ?
  2. How can I start an application on the remote computer, if no user is logged in?


Thanks for any advise,

Georg

iMac 21.5", macOS 10.13

Posted on May 16, 2020 11:25 PM

Reply

Similar questions

5 replies
User profile for user: geo2000
geo2000 Author
User level: Level 1
8 points

May 17, 2020 8:42 AM in response to BobHarris

Dear Bob,

thank you for the quick and extensive reply.

I am sure this will help, but now my computer in the office is off. I scheduled start-up and shut-down, so it will only start up tomorrow morning (German time).

Both are Macs, both OSX 10.13.

As you say, it seems that in order to enable screen sharing, somebody has to sit at my remote Mac and click the right setting. I hope there is somebody in the office tomorrow. I tried several tips how to enable the Screensharing.app via Terminal, which I found on:


https://www.ecosia.org/search?q=enable+Apple%27s+screensharing+via+ssh+on+a+Mac and other searches, like:

https://www.macissues.com/2016/04/26/how-to-enable-screen-sharing-services-remotely-in-os-x/

https://hints.macworld.com/article.php?story=20080318190503111


but to no avail.

Mysteriously very few of my apps do show up in the list (Terminal-command: applications username$ ls), even though they are in the Applications folder (the same is true on the local Macbook I am working from right now).


Would you agree, that "If Remote Management is selected, you must deselect it before you can select Screen Sharing." (I might have selected that when I tried this last week, but now I learned that just Screensharing is the only click I need).


Tomorrow, I might try to just login to our network via VPN and hope to see my work computer as a shared device as a first attempt.

Will let you know what happened.


Best regards,

Georg

Reply
User profile for user: BobHarris
BobHarris
User level: Level 9
53,261 points

May 17, 2020 9:20 AM in response to geo2000

Remote Management is for use with Apple's "Remote Desktop" app (an expensive paid app) that is intended for managing a classroom of school Mac, or for corporate enterprise management apps, where they are managing many Macs remotely.


You are just going 1 Mac to another Mac. Screen Sharing is all you need, and Remote Management is Not what you want. I have been using Just Screen Sharing for years between my own Macs, my Mac at work, my Wife's Macs, my Mom's Mac (300 miles away). Regular Screen Sharing works great.


System Preferences -> Sharing -> Screen Sharing


You Do Not need to enable any VNC features, such as an insecure VNC password.


If you have another Mac at home, that is another way to experiment so you know what settings you want to apply on your remote Mac.


Here are Apple's instructions on starting Screen Sharing via a Terminal connection (I have NEVER done this):

https://support.apple.com/en-us/HT201710


Via a VPN connection it is VERY unlikely you will see your remote Mac as a shared device, BUT if you have Remote Management enabled, it may still be available.


The following are ways to connect to your remote Mac. The address you used for your ssh connection would be the same one you use in the following examples. These examples should work if you have "Screen Sharing" or "Remote Desktop" enabled on the remote Mac.


Finder -> Go -> Connect to Server -> vnc://remote.macs.dns.or.IP.address

yes, I know it says vnc://, but when going Mac-to-Mac it will use the Screen Sharing secure connection.


From a Terminal session

open vnc://remote.macs.dns.or.IP.address


From a web browser use the URL -> vnc://remote.macs.dns.or.IP.address

This you can make into a browser bookmark

Or drag the URL to the desktop and create a double-clickable file that should open


In TextEdit, enter

vnc://remote.macs.dns.or.IP.address

highlight the text

drag the highlighted text to the desktop

this creates a double-clickable file that will start a Screen Sharing connection to your remote Mac.


If you need to use an alternate port number, then

vnc://remote.macs.dns.or.IP.address:12345


If you want to specify the username, you can use:

vnc://username@remote.macs.dns.or.IP.address

Reply
User profile for user: BobHarris
BobHarris
User level: Level 9
53,261 points

May 17, 2020 7:47 AM in response to geo2000

If you are sitting at a Mac and want to connect to a remote Mac, then you want Screen Sharing. It will need to be enabled on the remote Mac. If at all possible, you want to sit next to the remote Mac with another Mac and verify you have things setup as desired, and you can connect. That will go a long way to making sure it is setup correctly.


WARNING: enabling Screen Sharing opens a well known port on your Mac. MAKE SURE THAT EVERY account on that Mac has a good password that is not easy to guess.

https://www.grc.com/haystack.htm

https://xkcd.com/936/


  • macOS Screen Sharing when connecting Mac-to-Mac should allow you to perform the initial login. No need for someone else to do that for you.
  • macOS Screen Sharing going Mac-to-Mac borrows some VNC features, but enhances it.
  • macOS Screen Sharing Mac-to-Mac used a secure login where as VNC does not.
  • The Mac-to-Mac Screen Sharing connection is encrypted end-to-end, VNC is not.
  • macOS Screen Sharing Mac-to-Mac has well integrated copy & paste (VNC is very problematic; and that is even going Unix-to-Unix which is where VNC evolved; experience from my day job).
  • macOS Screen Sharing Mac-to-Mac allows you to drag and drop files between a Finder window on each system, and it will copy the file to or from the remote Mac.


HOWEVER, if your school blocks port 5900 (the VNC port) and only allows you access via port 22 (the ssh port), then you can create an ssh tunnel. Since you have managed to make an ssh connection it is only a few more ssh options to create a tunnel.


But give Screen Sharing a try. If it works out of the box, then ignore my comments about ssh tunnels. On the other hand, if you find you do need a tunnel, reply to this thread explaining what you need, and I'll try to help.


I've been assuming you are using a local Mac to access the remote Mac. If this is Not the case, then you do need to use VNC, and that becomes a bit more annoying and a whole lot less integrated and smooth. Someone at work does this. They have a Work Mac, and at home they have Windows. They use RealVNC or TigerVNC on Windows to access macOS Screen Sharing with vanilla VNC support enabled.


NOTE: Vanilla VNC is not secure. The password exchange is not secure (password is sent in clear text), the rest of the VNC connection is not encrypted. If you are going to use vanilla VNC, then you should be looking at tunneling VNC over an ssh tunnel which will encrypt everything, and give you a secure connection. TeamViewer does provide secure encrypted connections. macOS Mac-to-Mac Screen Sharing provides secure encrypted connections. Vanilla VNC does not.


If you DO NOT have a Mac at home, also reply to this thread and explain what you have, so suggestions can be provided on the best way to approach this.

Reply
User profile for user: geo2000
geo2000 Author
User level: Level 1
8 points

May 21, 2020 4:32 AM in response to BobHarris

Dear Bob,

it took me a while, and I had to wait for somebody to login into my office computer in my office on Monday, since one of the ssh commands I used (of course I don't remember which one :( ) shut off my ssh-connection.

Well, to cut a long story short, after several attempts with different combinations this is how it works for me:

 

------Tuesday----

Remote login from Macbook to iMac, both MacOSX 10.13:

 

Setting in "Preferences/Sharing" on the remote computer:

x Screen Sharing

x File Sharing

x Remote Login

x Remote Management (I know this is not necessary, but I don't want to change this now)

 

From Terminal: ssh user@IP

√ active

 

Open Screen sharing

-x Screen sharing: no connection

 

VPN (university network) started – login √

Screensharing start: √

Login: possible with any account on the remote computer.

 

Login window on remote iMac appears

-> login as usual

Then everything works!

 

However, if I quit Screen sharing on my laptop, I cannot reconnect with Screen sharing immediately, eben though the connection is active (via ssh and also file sharing). After a few minutes a reconnect worked, so everybody who is reading this and has a similar behavior, just be a bit patient.

 

 ---Thursday---


Screensharing not working.

SSH over Terminal √

File sharing √

 

Tried again the command from this page:

https://www.techrepublic.com/article/how-to-enable-screen-sharing-on-macs-via-terminal/

 

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -off -restart -agent -privs -all -allowAccessFor -allUsers

(The command above will work most of the time, as it uses the kickstart method of enabling remote management, which in turn enables Screen Sharing as well for all users of the device. This isn't the most secure method and it's not recommended to be used like this for long periods of time due to the potential security risks of unauthorized access, but it should serve you well as a temporary workaround for the problem.)

 

But I thought, as the computer is only accessible after VPN is active, this is a risk I can take.

 

Then I could login via Screen sharing. When I deactivated “Remote Management” in settings, I was logged out, so couldn't activate Screen sharing, which is deactivted, when “Remote Management” is running. But TeamViewer was still connected, so I could change the settings from there.

The current setting is now:

x Screen Sharing

x File Sharing

x Remote Login

0 Remote Management

 

hope this will stay for a while.


Thanks again for your advice!

best regards,

Georg

Reply
User profile for user: BobHarris
BobHarris
User level: Level 9
53,261 points

May 21, 2020 7:26 AM in response to geo2000

If I read what you said correctly, you can apparently ssh into your remote Mac Without needing to VPN. If that is the case, you can setup an ssh tunnel that can be used for screen sharing


ssh -L 5999:localhost:5900 user@IP


The -L 5999:localhost:5900 sets up an ssh fully encrypted tunnel from local port 5999 to remote port 5900 across your ssh connection.


You start screen sharing using (any of the above methods, except this is what you specify as the address)

Finder -> Go -> Connect to Server -> vnc://localhost:5999


You specify localhost because the local end of the ssh tunnel is on your system. You specify :5999 because the -L option specified 5999 as the local port for the ssh tunnel.


ssh will then send everything it receives on 5999 to the remote host's 5900 (the Screen Sharing port number).


You can even add file sharing tunnels to the same ssh command

ssh -L 5999:localhost:5900 -L 22139:localhost:139 user@IP

This sets up an SMB file sharing tunnel. You connect using

Finder -> Go -> Connect to Server -> smb://localhost:22139


If you prefer the AFP (Apple FileSharing protocol), then

ssh -L 5999:localhost:5900 -L 22548:localhost:548 user@IP

This sets up the AFP file sharing tunnel. You connect using

Finder -> Go -> Connect to Server -> afp://localhost:22548


You can have as many tunnels on the 1 ssh command line as you need/want, and all traffic will be end-to-end encrypted by ssh.

Reply

login user via terminal

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up