Showing results in 'Blog'. Show all posts

Kerberos (PennKey) Authentication for OS X 10.8 "Mountain Lion", 10.9 "Mavericks" and 10.10 "Yosemite"

Allowing users to log in with their PennKey is the best way to provision access to public computing resources. Everyone at Penn has a PennKey and password, that is all they need.

Prerequisites: Mac OS X 10.8.5/10.9.5/10.10.4, PennNet IP address, Kerb access to the Penn Directory.

Update (11/2/15): The content for this post has moved to a new site. All further updates to this page will be placed there. Thanks for visiting!

Open the Firmware

   PowerPC-based Macs use a proprietary system for controlling direct hardware access by the system, called "Open Firmware". This performs in a similar manner to a PC's BIOS. The easiest way to get around all of the access control mechanisms and passwords of a computer's operating system is to go around. Booting a computer to an alternate operating system can allow direct access to a computer's hard drive without any barriers. The BIOS has the ability to password protect the boot sequence as well as the boot device option.

Tip: Ditto

Ditto is a utility that comes with Mac OS X, which copies entire directories from one place to another. When automated via shell script, ditto can form a very very basic backup tool.

Create the ditto command.

For example, "ditto /Users/jasonrw/Documents/ /Volumes/USBHDD/ditto/"

Test out the command and make sure it performs as expected. Place the syntax into a plain text file, preceeded by a #!/bin/bash and followed by an "exit" statement.


ditto /Users/jasonrw/Documents/ /Volumes/USBHDD/ditto/


Tip: Show Lion's Library

In Apple's latest version of Mac OS X, "Lion", the "Library" folder inside of each user's profile is hidden. ~/Library can be reached manually from the "Go to Folder..." menu item. A better option would be to have ~/Library not hidden at all. To do this, enter the following in the terminal.

sudo chflags nohidden ~/Library

Terminal will ask for your login password, or that of an administrator.

Please be careful with directly editing files in ~/Library. Errors in this part of Mac OS X can render features unable to function.