7.8. Remote Login
You can log in to a Mac in a number of different ways, but in the context of the Sharing pane of System Preferences, Remote Login refers to one particular sort of remote access: using SSH (secure shell). When you activate Remote Login, you turn on Mac OS X's built-in OpenSSH server, which means that you or someone else can connect to your Mac remotely using the command-line ssh program or any of various methods that use SSH as a conduit for other services. You or the person connecting remotely must know your Mac's IP address or domain name and must have a valid username and password for a user account on your Mac. In addition, your Mac must either be directly connected to the Internet or, if connected via a NAT gateway, be available via port forwarding or a comparable router configuration.
If you feel comfortable using SSH and can easily imagine situations in which you might want to use it to connect to your Mac from another computer, then by all means turn on Remote Login. However, if you never use SSH, it has no value and should be left disabled because an attacker who knows or can guess your username and password could potentially use an SSH connection to view files on your Mac and even, in extreme cases, take over your computer.
To activate Remote Login, follow these steps:
Choose
Get Mac® Security Bible now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
