Close
Glad You're Ready. Let's Get Started!

Let us know how we can contact you.

Thank you!

We'll respond shortly.

LABS
Enabling OS X Screen Sharing from the Command Line

There are several ways to enable screen sharing on OS X Mountain Lion from the command line.  The first method is an old standby:

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -off -restart -agent -privs -all -allowAccessFor -allUsers

This will work in 99% of the cases, but there may be some situations when it’s not quite enough.  The above command enables Screen Sharing by enabling Remote Management; however, we lose the ability to add fine-grained control to who can connect & those who can’t.

Here’s another way to enable screen sharing from the command line:

sudo defaults write /var/db/launchd.db/com.apple.launchd/overrides.plist com.apple.screensharing -dict Disabled -bool false
sudo launchctl load /System/Library/LaunchDaemons/com.apple.screensharing.plist

In the second example, we enable only Screen Sharing, not Remote Management. This allows us to use System Preferences to restrict who can screen share to our machine (e.g. local administrators, network administrators). We use the second example when configuring our authentication servers remotely.

Comments
  1. Marco Carvalho says:

    Trying to remotely connect to a Mac OS X 10.7.4 from another mac (10.8)

    So, the target machine had screenshare already set from a previous user. I only had ssh and sudo access to it. Here’s the command I ran to reset the password to 123pass (last param) for the VNC:

    sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -off -restart -agent -privs -all -allowAccessFor -allUsers -clientopts -setvncpw -vncpw 123pass

    And then I’m using the chicken (AKA Chicken of the VNC) as my vnc client.

    Thank you so much for posting this.

  2. I think you’re supposed to load the agent, too.

    Here’s a script I’m using:

    #!/bin/bash
    /usr/libexec/PlistBuddy -c ‘Set :com.apple.screensharing:Disabled NO’ /private/var/db/launchd.db/com.apple.launchd/overrides.plist
    launchctl load /System/Library/LaunchDaemons/com.apple.screensharing.plist
    for userid in $(ps -Ajc | grep loginwindow | grep -v grep | awk ‘{print $1}’); do
    if [ “$userid” = “root” ] ; then
    launchctl load /System/Library/LaunchAgents/com.apple.screensharing.agent.plist
    else
    su “$userid” -c ‘launchctl load /System/Library/LaunchAgents/com.apple.screensharing.agent.plist’
    fi
    done

    • Brian Cunnie says:

      Alessandro, nice script. And yes, you’re right: the agent needs to be loaded. Although in my second example I load the agent explicitly using launchctl, in the first example it isn’t necessary—kickstart loads it on my behalf.

  3. bil says:

    Thank you for this, just saved me a trip.

  4. Tom says:

    Guys,

    a question to the experts, who helped me to find out one strange behavior:

    Remote Management:

    Admin uses ARD to get the screen, logs in via the OS X login-screen and works.
    Ordinary User uses the screen-sharing.app, logs in via HIS user and password and ist confronted with the question wether to open his own space or to take over Admins Screen! Admin will NOT be asked to confirm, that User is allowed to do so!

    Screen Sharing:

    Admin uses ARD to get the screen, logs in via the OS X login-screen and works.
    Ordinary User uses the screen-sharing.app, logs in via HIS user and password and ist confronted with the question wether to open his own space or to take over Admins Screen AFTER BEEING GRANTED PERMISSION! Admin WILL be asked to confirm, that User is allowed to do so! THIS is (in my opinion) the correct behavior!

    Now the question: Is there any way to configure Mac OS X (Mavericks Server) to have the described Screen-Sharing behavior WHILE using and having configured Remote Management?

    Thanks in advance guys! (Your article made it possible to reconfigure my headless Mac mini server!)

    Tom

  5. Uncivil m 6 says:

    How do i reset this?

  6. Brian Cunnie says:

    Hi Uncivil,

    When you say, “How do I reset this?”, do you mean, “How do I disable screensharing from the command line?”

  7. Ramon Felciano says:

    Thanks for posting this Brian. I found it while trying to debug a problem where screensharing has stopped working on my Mac Mini. After executing the above commands, is there a way to confirm that the screen sharing setup is now active?

    For example, I do:

    ps ax | grep screen

    and still don’t seen screensharingd in the list.

    Thx,

    Ramon

  8. Mr. Hiraldo says:

    Brian, you just saved me tons of work!
    I was able to ssh to my machine at work and enable screensharing and then connect to it. For security reasons, I normally have Remote Management Disabled…

  9. Brian, you’re awesome! That first command is exactly the command I needed today to get into a headless mac mini while outside the office! Thanks ^_^

  10. Brian Cunnie says:

    @Ramon: it’s launchd, not screensharingd, that’s listening on the port.

    @Hiraldo: Glad it’s helpful.

    @James: We miss you here at Pivotal Labs.

  11. Chris says:

    Brian, first of all, thanks. This works great. But how do I get this to run as a cron event? Any ideas? I’ve setup my timing and included the command you have provided. I’m looking to restart remote login every so often in the event is gets turned off. Thanks in advance.

  12. Chris says:

    Nevermind. I got it to work. Thanks anyway for your post. It helped me to get on the right track. Good day.

  13. Giovanni Lovato says:

    I run the command:

    sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -off -restart -agent -privs -all -allowAccessFor -allUsers

    and it set some permissions, enabled services and stuff. How can restore the system at the exact previous state, undoing the permissions granted and enabled services?

  14. Brian Cunnie says:

    @Giovanni:

    “How can restore the system at the exact previous state, undoing the permissions granted and enabled services?”

    The answer is: I don’t know for the technique `sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -off -restart -agent -privs -all -allowAccessFor -allUsers`

    I think if you’re concerned about restoring to a previous state, you should use the OTHER technique to enable screensharing. The way to reverse that technique is as follows:

    sudo defaults write /var/db/launchd.db/com.apple.launchd/overrides.plist com.apple.screensharing -dict Disabled -bool true
    sudo launchctl unload /System/Library/LaunchDaemons/com.apple.screensharing.plist

  15. Thomas Kilian says:

    Another question to the experts: Is it possible to force VNC to start with the login screen? The reason is that I want to open a VNC session to my own machine to a test user. Currently it looks like the login screen is only shown on coincidence. And without it will simply show a recursive picture (nice but not useful).

    • Brian Cunnie says:

      Hi Thomas,

      I don’t know if OS X has a way to accomplish what you’re asking (screensharing to yourself but with a different login screen).

      If you ever find a way, let me know—I’m curious.

      Interestingly, Linux/UNIX has a way to do it because it can run multiple Xservers (i.e. displays)

      —Brian

  16. Jason says:

    Hey brian
    Would it be possible to do it the other way around on Mavericks 10.9, to actually disable screen sharing through the command line, using your second example?
    I tried running the same command but setting option to ‘true’ instead of ‘false’ but not sure if that is how it’s done. It doesn’t seem to work.

  17. Karl says:

    Hi Brian,

    Thanks.

    I actually solved it…I had the luxury of being able to move it so plugged it into my tv via HDMI cable. Of course i needed to find a USB mouse and keyboard initially. However once that was established and logged into the admin account, i realised, that i’d disabled the screen sharing, even though remote management was still enabled (still no clue how to use that), hence the reason why no screen sharing was available. However once established, i used my MBA to connect via screen sharing, and i could even control the server via screen sharing from my MBA using the MBA keyboard and track pad and showing on the tv.

    I reconnected to my ISP router, and bob’s your uncle, access and screen sharing working just fine.

    I just thought i’d share, as i’m sure others have done the same thing by turning off screen sharing.

    cheers

    Karl

  18. Greg says:

    Working in ARD … Worked liked a charm, Thanks for the time saver.

  19. Brian Cunnie says:

    Hi Karl,

    Your situation sounds complicated, and doesn’t lend itself to a step-by-step solution. I’d call in the help of a good systems administrator if I were you.

    —Brian

Post a Comment

Your Information (Name required. Email address will not be displayed with comment.)

* Copy This Password *

* Type Or Paste Password Here *