Allow remote access to macOS Server
You can allow or deny access to your server from remote computers that are using the Server app, screen sharing, Apple Remote Desktop, or SSH (Secure Shell).
Allow remote login to your server
You can use the Server app to allow logging in to your server remotely from another computer. After allowing remote login, you can log in to your server by using the ssh command-line tool on another computer. By default, only members of the Administrators group have access to SSH.
In the sidebar of the Server app
, select your server, then click Settings.Select “Allow remote login using SSH”
Choose which users can access your server using SSH.
Click Access.
Select the desired service from the Custom Access list.
Click the More button
and choose Edit Custom Access.Click the “Allow connections from” pop-up menu, then choose “only some users.”
In the users and groups sheet, enter a user or group name.
To add more users or groups, click the Add button
, then enter another name.When you’ve added all the desired users and groups, click OK.
Allowing remote login to your server can make your server less secure. For information about keeping your server secure, search Mac Help for “Protect the information on your Mac.”
Allow screen sharing and remote management
You can use the Server app to let other computers view your screen and control your server. The other computer’s user sees what’s on your screen and can open, move, and close files and windows, open apps, and even restart the server.
If you allow screen sharing and remote management, your server can be observed and controlled by screen sharing software using the VNC protocol on another computer or using Apple Remote Desktop on another Mac. VNC screen sharing is included with macOS. It’s also available for Windows computers and for iPhone, iPad, and iPod touch. Apple Remote Desktop is available from the Mac App Store.
In the sidebar of the Server app
, select your server, then click Settings.Select “Enable screen sharing and remote management.”
The following are three possible states for Screen Sharing and Remote Management:
State
Description
-
Screen Sharing is enabled.
√
Remote Management is enabled.
unselected
Remote management and Screen Sharing are disabled.
Selecting this option in the Server app only allows screen sharing and Apple Remote Desktop access by the administrator account created when the server was initially set up.
Choose which users can access your server using Screen Sharing.
Click Access.
Select the desired service from the Custom Access list.
Click the More button
and choose Edit Custom Access.Click the “Allow connections from” pop-up menu, then choose “only some users.”
In the users and groups sheet, enter a user or group name.
To add more users or groups, click the Add button
, then enter another name.When you’ve added all the desired users and groups, click OK.
If you want to allow other VNC viewer software apps access, select Remote Management or Screen Sharing in Sharing preferences, then select “VNC viewers may control screen with password” and enter a password.