Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Start Mac VNC server from command line
# Step 1: Set priveleges
$ sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -configure -allowAccessFor -allUsers -privs -all
Starting...
Setting allow all users to YES.
Setting all users privileges to 1073742079.
Done.
# Step 2: Allow VNC clients
$ sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -configure -clientopts -setvnclegacy -vnclegacy yes
Starting...
Set the client options.
Done.
# Step 3: Set VNC password (change it at the end of the line (i.e. don't use supersecret))
$ sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -configure -clientopts -setvncpw -vncpw supersecret
Starting...
Set the client options.
Done.
# Step 4: Restart service
$ sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -restart -agent -console
Starting...
Stopped ARD Agent.
Stopped VNC Privilege Proxy
Stopped RFB Register MDNS
Done.
# Step 5: If no ARD services have been activated on the machine before, it is also necessary to run the following command
$ sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate
Starting...
Activated Remote Management.
Done.
@zdj

This comment has been minimized.

Copy link

@zdj zdj commented Jul 11, 2014

Thanks a bunch for this. My headless Mac Pro was showing a grey screen via Screen Share and it came right back after running these commands.

@isaacovercast

This comment has been minimized.

Copy link

@isaacovercast isaacovercast commented Apr 11, 2017

Super useful.

@jaderfeijo

This comment has been minimized.

Copy link

@jaderfeijo jaderfeijo commented May 2, 2018

Super useful indeed. I was able to use this to log into a Circle CI instance to debug an issue via reverse ssh. Wouldn't have been able to figure out what was going on without this. Thanks.

@spin6lock

This comment has been minimized.

Copy link

@spin6lock spin6lock commented Nov 12, 2018

Warning: macos 10.14 and later only allows control if Screen Sharing is enabled through System Preferences.

so sad

@inetfuture

This comment has been minimized.

Copy link

@inetfuture inetfuture commented Sep 16, 2019

works well on 10.13.6, thanks

@albert-a

This comment has been minimized.

Copy link

@albert-a albert-a commented Nov 18, 2019

10.13.6, 10.14 - Does not work.

@aserraric

This comment has been minimized.

Copy link

@aserraric aserraric commented Mar 30, 2020

I'm currently working remote exclusively (Covid-19) and this saved me a trip to the office. (OS X 10.14.6)
The warning appears, but it actually works without "Screen Sharing" being enabled. Having "Remote Management" on apparently does the same thing.

@nateware

This comment has been minimized.

Copy link
Owner Author

@nateware nateware commented Mar 31, 2020

Thanks for the note @aserraric! Glad to hear it was helpful.

@ccsben

This comment has been minimized.

Copy link

@ccsben ccsben commented Apr 1, 2020

I tested on 10.15.4. For whatever reason, -setvncpw -vncpw password seems to be setting the password to something else coz the vncviewer is getting authentication failure
But then I manually type the password into the system preferences > sharing > computer settings... > vnc viewer may control screen with password: without changing anything else that was done by the command line. Then the authentication started working.
This is very strange and just that last bit breaks the whole thing.

@dstranathan

This comment has been minimized.

Copy link

@dstranathan dstranathan commented Jun 10, 2020

I tested on 10.15.4. For whatever reason, -setvncpw -vncpw password seems to be setting the password to something else coz the vncviewer is getting authentication failure
But then I manually type the password into the system preferences > sharing > computer settings... > vnc viewer may control screen with password: without changing anything else that was done by the command line. Then the authentication started working.
This is very strange and just that last bit breaks the whole thing.

Yup. You can enable/disable VNC from CLI but NOT set password. This may have started in Mojave possibly, but definitely
the case now in Catalina as of June 2020.

However, the VNC password (hash) set from the Sharing pane GUI is stored in a (root-owned) pref file in /Library/Preferences. This file can be managed via scripts if you have admin rights and are creative with SSH and scripting, and/or have a Mac management system such as Jamf etc.

Edit: typos.

@lefoimpeur

This comment has been minimized.

Copy link

@lefoimpeur lefoimpeur commented Jul 9, 2020

Hi, I'm currently testing the 10.15.4 as well. Indeed the change of the vnc password doesn't work on the command line.
But I have another particular behavior:

  • when I enable VNC with the GUI, the remote access to the mac with Dameware from a Windows works perfectly.
  • on the other hand when I enable VNC in command line, the connection is done on the mac but the screen is black, I can't do anything.

Do you have any idea why?

@dstranathan

This comment has been minimized.

Copy link

@dstranathan dstranathan commented Jul 9, 2020

Hi, I'm currently testing the 10.15.4 as well. Indeed the change of the vnc password doesn't work on the command line.
But I have another particular behavior:

  • when I enable VNC with the GUI, the remote access to the mac with Dameware from a Windows works perfectly.
  • on the other hand when I enable VNC in command line, the connection is done on the mac but the screen is black, I can't do anything.

Do you have any idea why?

I dont know. Sorry.

@jbwasp

This comment has been minimized.

Copy link

@jbwasp jbwasp commented Aug 19, 2020

Hi, I'm currently testing the 10.15.4 as well. Indeed the change of the vnc password doesn't work on the command line.
But I have another particular behavior:

  • when I enable VNC with the GUI, the remote access to the mac with Dameware from a Windows works perfectly.
  • on the other hand when I enable VNC in command line, the connection is done on the mac but the screen is black, I can't do anything.

Do you have any idea why?

I dont know. Sorry.

you can add below to your script

perl -we 'BEGIN { @k = unpack "C*", pack "H*", "1734516E8BA8C5E2FF1C39567390ADCA"}; $_ = <>; chomp; s/^(.{8})./$1/; @p = unpack "C", $; foreach (@k) { printf "%02X", $ ^ (shift @p || 0) }; print " "' | sudo tee /Library/Preferences/com.apple.VNCSettings.txt")

@jbwasp

This comment has been minimized.

Copy link

@jbwasp jbwasp commented Aug 19, 2020

I tested on 10.15.4. For whatever reason, -setvncpw -vncpw password seems to be setting the password to something else coz the vncviewer is getting authentication failure
But then I manually type the password into the system preferences > sharing > computer settings... > vnc viewer may control screen with password: without changing anything else that was done by the command line. Then the authentication started working.
This is very strange and just that last bit breaks the whole thing.

you can add below to your script

perl -we 'BEGIN { @k = unpack "C*", pack "H*", "1734516E8BA8C5E2FF1C39567390ADCA"}; $_ = <>; chomp; s/^(.{8})./$1/; @p = unpack "C", $; foreach (@k) { printf "%02X", $ ^ (shift @p || 0) }; print " "' | sudo tee /Library/Preferences/com.apple.VNCSettings.txt")

@flhoest

This comment has been minimized.

Copy link

@flhoest flhoest commented Dec 4, 2020

All this is nice but ... how do you solve the
"Warning: macos 10.14 and later only allows control if Screen Sharing is enabled through System Preferences."
issue ?

I'm actually doing ssh to a Mac mini hosted on AWS EC2 ...

@jcavar

This comment has been minimized.

Copy link

@jcavar jcavar commented Dec 8, 2020

All this is nice but ... how do you solve the
"Warning: macos 10.14 and later only allows control if Screen Sharing is enabled through System Preferences."
issue ?

I'm actually doing ssh to a Mac mini hosted on AWS EC2 ...

This video https://www.youtube.com/watch?v=FtU2_bBfSgM and this gist explain that nicely: https://gist.github.com/sebsto/6af5bf3acaf25c00dd938c3bbe722cc1

@abhi-io

This comment has been minimized.

Copy link

@abhi-io abhi-io commented Dec 28, 2020

@nateware you just saved my day (20.5hrs)
worked on
Amazon EC2 macOS Catalina 10.15.7, and
Amazon EC2 macOS Mojave

endpoint details are - IP, Username, Pass

@hisashiyamaguchi

This comment has been minimized.

Copy link

@hisashiyamaguchi hisashiyamaguchi commented Mar 25, 2021

Great script. It's working on BigSur too.

% uname -a
Darwin ip-172-31-30-21.us-east-2.compute.internal 20.3.0 Darwin Kernel Version 20.3.0: Thu Jan 21 00:07:06 PST 2021; root:xnu-7195.81.3~1/RELEASE_X86_64 x86_64

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment