Installing the Remote Agent for Macintosh Systems by using the SSH (Secure Shell) protocol

By default, the Remote Agent installation program uses RSH (Remote Shell) when remotely installing the Remote Agent. Symantec recommends that you use SSH (Secure Shell) instead. To remotely install the Remote Agent using the SSH protocol, you must establish and then test a trust relationship between the client computer and each computer where you want to install the Remote Agent.

To establish a trust relationship, SSH must be enabled on each computer where you want to install the Remote Agent. If SSH is not enabled, use the following steps to enable it:

To establish a trust relationship and enable SSH

  1. To enable SSH, open System Preferences.

  2. Click Sharing.

  3. Check the name of the check box for Remote Login.

  4. On the SSH client computer from where you are installing the Remote Agent, log in as root.

  5. Run the following command:

    ssh-keygen -b 1042 -t dsa

  6. Accept the defaults, including no passphrase.

    The command creates an SSH key for the computer, along with a directory in root's home directory called .ssh. The SSH key resides in a file called id_dsa.pub.

  7. On each remote computer where the Remote Agent is installed, verify that /var/root/.ssh/authorized_keys2 file exists, and then do one of the following.

    If the file does not exist

    Copy the file, id_dsa.pub, from the SSH client to /var/root/.ssh/authorized_keys2 to each computer. You may have to create the directory /var/root/.ssh.

    If the file does exist

    Create a backup of the file, authorized_keys2, and then append the contents of the id_dsa.pub file to the original authorized_keys2 file.

To test the trust relationship

  1. On the SSH client computer from where the Remote Agent is being installed, log in as root.

  2. Run the following command:

    ssh root@<client name or IP address>

    The following prompt may appear:

    Are you sure you want to continue connecting (yes/no)?

  3. Type yes.

    If the trust is properly configured, a shell prompt appears for the remote computer.

    If a password prompt appears, the trust is not properly configured. Verify that you have performed each of the steps listed above.

    After testing the trust relationship, close the shell.

  4. Run the following command to install the Remote Agent to the client computer:

    ./installralus -usessh.

More Information

Publishing Macintosh computers to a media server

About editing the ralus.cfg file for a Macintosh computer

Backing up Macintosh computers