Enabling SSH in Single-user Mode on OS X

In my testing, I have found a way to enable SSH in Single-user mode (SUM).  So far, I have only been able to make outbound connections.  Even though the SSH service is on and the ports show as LISTENING, I still am not able to remote in from another machine.  But I can use the machine booted to SUM to SSH into another remote device.

Below is the script I save as /var/root/.profile, which loads everything automatically.  These commands could easily be entered manually as well.  This script is based off my Single-user Mode Intrusion Detection script.

4 Replies to “Enabling SSH in Single-user Mode on OS X”

  1. Hi Jacob – thanks very much for working this out. Your post is the only one I found that shows how to get networking up and do any kind of connections with the machine. (I have a Macbook Pro, early 2011, which lost its graphics due to the now well-known, infamous problem with the discrete video.) Frankly, you might be surprised how many posts on the ‘net claim that “it is not possible to do networking in single user mode [on a mac].” Well, you proved, and I can confirm, that info is misinformed. At least, I’m connecting to/from other machines on my local net behind my firewalls. (So, I can’t confirm any wider internet connections.)

    Aside from posting thanks here, I wanted to ask / mention: I wonder if the reason we cannot make full, inbound connections TO the machine is because of the root privileges of the (Mac) single user mode. After getting the network up, using the key elements of your script, I could FTP out, but when I tried to FTP in, it would connect, but I could not authenticate – there is only root as user. (I don’t have time to research making anonymous or guest work – and they might just not be available). So the problem is, Apple doesn’t (AFAICT) publish the root password! When you go into single user mode (via command-s after chime) you are automatically logged in as root without password authentication. (And I certainly won’t attempt to reset *that* password!) Thus, no way to finish the authentication process and get in.

    I suspect something similar is happening when we try to SSH in – the socket on that port is listening, as you note, but we cannot get further without the root password.

    What do you think?
    cheers
    – Howard

    1. I struggled with it for a long time, too. After many Google searches and many more trials and errors, I got it going. It’s nice to know someone else found it useful.

      The root user is disabled by default in OS X. You can enable it using Directory Utility. You might be able to connect via FTP once that step is done. Also, root is normally blocked by default in many SSH configs, so you have to enable it in the config file as well.

      1. Thanks for the prompt reply. Root is enabled on my system – or at least it is for single user mode. It skips authentication entirely when booted via command-s. (Not sure if that’s normal, or I might have set it that way sometime back.)

        Did you get it going by setting up an SSH config?

        thx

        1. Well, you automatically log in as root, but the account isn’t really enabled, it’s just kind of a bypass since your physical access is trump. Normally, you would need to set PermitRootLogin yes and probably these two directives: PasswordAuthentication yes and PermitEmptyPasswords no. Depending on how you have it set up, you would need to set a root password. A safer method would be to use SSH keys and no passwords at all.
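
An added example, not part of the post or of any reply above: a small audit of the three sshd_config directives named in the last reply, reporting whether root could log in with a password or only without one. The function names, file names and both sample configurations are constructed for illustration.

```shell
# Added example (constructed samples): how would root be allowed in over SSH?

# effective_value FILE KEYWORD -> first global value, lower-cased, or "unset".
# sshd keeps the first value it reads for a keyword, matches keywords
# case-insensitively, and global settings end at the first Match block.
effective_value() {
    awk -v want="$(printf '%s' "$2" | tr 'A-Z' 'a-z')" '
        /^[ \t]*#/ { next }
        NF == 0 { next }
        tolower($1) == "match" { exit }
        tolower($1) == want { print tolower($2); found = 1; exit }
        END { if (!found) print "unset" }
    ' "$1"
}

# root_login_mode FILE -> disabled | no-password | password | password-empty-ok
#   | version-default. Keyboard-interactive authentication is not examined.
root_login_mode() {
    root=$(effective_value "$1" PermitRootLogin)
    pass=$(effective_value "$1" PasswordAuthentication)
    empty=$(effective_value "$1" PermitEmptyPasswords)
    if [ "$pass" = unset ]; then pass=yes; fi      # OpenSSH default
    case "$root" in
        no) echo disabled ;;
        prohibit-password|without-password|forced-commands-only) echo no-password ;;
        yes)
            if [ "$pass" != yes ]; then echo no-password
            elif [ "$empty" = yes ]; then echo password-empty-ok
            else echo password; fi ;;
        *) echo version-default ;;   # unset: default differs by OpenSSH version
    esac
}

tmp=$(mktemp -d); trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/password" <<'EOF'
PermitRootLogin yes
PasswordAuthentication yes
PermitEmptyPasswords no
# a later duplicate is ignored
PermitRootLogin no
EOF
cat > "$tmp/keys" <<'EOF'
permitrootlogin prohibit-password
PasswordAuthentication no
Match User backup
    PermitEmptyPasswords yes
EOF
for f in password keys; do printf '%s: %s\n' "$f" "$(root_login_mode "$tmp/$f")"; done
```

On a live system, `sshd -T` prints the configuration the daemon actually resolves, including compiled-in defaults that this file-only check reports as unset.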
