n8felton
5/13/2014 - 5:51 PM

Enables outbound SSH in Single-user Mode on OS X

Enables outbound SSH in Single-user Mode on OS X

#!/bin/bash
# https://github.com/jacobsalmela

# Enables outbound SSH in single-user mode on OS X
# Save this file as /var/root/.profile and boot into single-user mode

# Last tested on 10.9.2

#----------VARIABLES---------
# Manually set ethernet device ID
ethernetID="en0"	

# Put static IPv4 with subnet mask here
ethernetIP="10.x.x.x 255.255.0.0"

#----------FUNCTIONS---------
#######################
function mountAndLoad()
  {
  	
  	/sbin/fsck -fy
	/sbin/mount -uw /

	# Loads daemons needed for networking in SUM
	launchctl load /System/Library/LaunchDaemons/com.apple.kextd.plist
	launchctl load /System/Library/LaunchDaemons/com.apple.notifyd.plist
	launchctl load /System/Library/LaunchDaemons/com.apple.configd.plist

	# Sleep to allow the NIC to initialize
	sleep 15
	}
	
##########################
function setWiredAddress()
	{
	# Set a static IP
	ipconfig set $ethernetID INFORM $ethernetIP	
	}
	
################################
function loadDaemonsForSSH()
	{
	sleep 5
	# Possible daemons needed to enable SSH
	launchctl load -w /System/Library/LaunchDaemons/com.apple.distnoted.xpc.daemon.plist
	launchctl load -w /System/Library/LaunchDaemons/com.apple.securityd.plist
	launchctl load -w /System/Library/LaunchDaemons/com.apple.securityd_service.plist
	launchctl load -w /System/Library/LaunchDaemons/com.apple.opendirectoryd.plist
	launchctl load -w /System/Library/LaunchDaemons/com.apple.dnsextd.plist
	launchctl load -w /System/Library/LaunchDaemons/com.apple.Kerberos.digest-service.plist
	launchctl load -w /System/Library/LaunchDaemons/com.apple.Kerberos.kadmind.plist
	launchctl load -w /System/Library/LaunchDaemons/com.apple.Kerberos.kcm.plist
	launchctl load -w /System/Library/LaunchDaemons/com.apple.Kerberos.kdc.plist
	launchctl load -w /System/Library/LaunchDaemons/com.apple.Kerberos.kpasswdd.plist

	# Load SSH
	launchctl load -w /System/Library/LaunchDaemons/ssh.plist

	echo "Outbound SSH is now enabled."
	}
	
#---------------------------------#
#----------SCRIPT BEGINS----------#
#---------------------------------#
if [ $TERM = "vt100" ];then
	mountAndLoad
	setWiredAddress
	loadDaemonsForSSH
fi