In ARD Admin, I am being denied access to mutliple machines.
I'd like to ssh into them so I can activate remote management.
I know how to do this in Terminal (ssh username@hostmachine), but only know how to connect to one host at a time, and that's not efficient.
I'm hoping to send this to multiple hosts but can't find a way to do that.
Can someone help?
Thanks.
MacBook Pro, OS X El Capitan (10.11.1)
Hi kobayashi maru. The short answer is one option is to use a free third-party utility such as csshX. Download the ZIP from GitHub and install into /usr/local/bin. Check out the man page.
The longer answer:
csshX allows keyboard input from a master window to be sent simultaneously to multiple ssh sessions, each in a separate Terminal window. Be aware that you are sending commands to all connected hosts simultaneously. For an interactive session the basic syntax is:
csshX username@hostname1 username@hostname2...
For security and to not have to input the password every time for each host machine, you can create a private and public RSA key pair, ideally a pair for each host machine, each with a unique passphrase which will be stored in Keychain Access. First, in Terminal create a ~/.ssh directory on your computer if not already existing:
mkdir -p ~/.ssh
Create the RSA key pair with a unique file name using the -f option. Enter a unique passphrase when prompted. For example, on a LAN connecting to a macbook host you might use:
ssh-keygen -t rsa -f ~/.ssh/macbook
This will create a private key to ~/.ssh/macbook and a public key to ~/.ssh/macbook.pub. Repeat for each host machine, giving each key pair a unique name.
Next, if not already existing, create a ~/.ssh directory on each host machine after making a ssh connection to it:
mkdir -p ~/.ssh
If not already existing, create an authorized_keys file on the host machine:
touch ~/.ssh/authorized_keys
End the ssh session to the host machine and upload the public key created for it. Assuming a username of Joe and a machine host name of 192.168.0.11, you would use the secure copy command:
scp ~/.ssh/macbook.pub Joe@192.168.0.11:.ssh/authorized_keys
Finally, create a basic ~/.ssh/config file which contains a nickname, host name, port number, RSA authentication identity, and user name to login as for each host machine:
nano ~/.ssh/config
While in Nano, assuming two different host machines on a LAN, one a MacBook and the other a MacBook Air, and one user named Joe, you would type the following:
HostName 192.168.0.11
Port 22
IdentityFile ~/.ssh/macbook
User Joe
Host air
HostName 192.168.0.15
Port 22
IdentityFile ~/.ssh/air
User Joe
Press Control-O to writeout, Return to accept, and Control-X to exit Nano.
Note that the first time SSH negotiates authentication using your key-based identity, you'll be asked to store the passphrase in Keychain Access.
One advantage of using a ~/.ssh/config file is that you can just use the nickname in commands. Instead of:
csshX Joe@192.168.0.11 Joe@192.168.0.15
you can use:
csshX air macbook
If you use an alternative to Terminal such as iTerm2, there is a csshX.iterm binary included along with the csshX binary in the csshx-master folder downloaded from GitHub. If you prefer iTerm2’s panes, you can use i2cssh instead. You’ll need Command Line Tools for Xcode installed to install i2cssh using gem in Terminal. You can check with the command:
gcc --version
If not installed you’ll be prompted to install them.
When connected to host machines using i2cssh, you can change the input broadcast to all panes in the current tab by pressing Option-Command-I. If you want to open iTerm2 with broadcast set to all panes use the -b switch:
i2cssh -b air macbook
or:
i2cssh -b username@hostname1 username@hostname2.
Use the -b switch with caution as it sets iTerm2 to send commands to all connected host machines simultaneously.
Note: You may want to set stricter permissions on certain files such as ~/.ssh/authorized_keys and ~/.ssh/config.
Apple Remote Desktop: Configuring remotely via command line (kickstart) - Apple Support
If you have the Apple Remote Desktop software, perhaps you should be asking this in the Apple Remote Desktop forum
If not, another trick is iTerm <http://www.iterm2.com/> has a way to send the same command to multiple logged in sessions. You would need to login to each system, but then you could tell it to issue the same command to each.
But if you do have ARD, then that should be a built-in feature, and the ARD forum should be able to help you.
ARD has support for Send Unix command. That allows you to configure and send a gazillion commands.
See the ARD manual — that's the 3.3 manual and the current version is 3.8-ish, but I don't see a newer manual, and this area hasn't changed much since 3.3.
SSH to multiple hosts
