If you have any Mac that you would like to manage remotely, then you can enable Screen Sharing or Remote Management in the Sharing system preferences. However, if these become disabled or if you keep them disabled by default, then you will not be able to access your system. Nevertheless, if you have Remote Login enabled and can establish an SSH connection, then you can take a few steps to re-enable Screen Sharing.
At the very least, you will need the IP address and credentials for a local administrative account on the system you are trying to administer, and then you can follow these steps to enable Screen Sharing:
- Open the OS X Terminal
- Start a remote login session by entering the following (replace and with your Mac’s IP and admin user, accordingly. When run you will be prompted for your password, which will not show when typed):
ssh <Admin Username>@<IP Address>
- When successfully logged in, run the following command to re-enable Remote Management on the computer, followed by closing the Terminal to log out:
sudo /System/Library/CoreServices/Remot\
eManagement/ARDAgent.app/Contents/Resou\
rces/kickstart -activate
Note that this command uses two escaped carriage return characters to wrap it to multiple lines here. You can make it continuous on a single line when typing it out, or when entering it you can type a backslash followed by a single Return to similarly continue the command on multiple lines. You can also just copy and paste the above command.
The above command uses the “-activate” flag to just enable the Remote Management service, which will load its default configuration as set in the Sharing system preferences. Normally this is all that is needed, and you can then connect to your Mac with Screen Sharing, Remote Desktop, or a VNC client of your choice. However, if you are receiving errors then you can re-run the command using the following flags in place of “activate”:
...kickstart -configure -access -on -privs -all -users <username>
These flags will instruct the Remote Desktop agent to configure the service to give full access to the designated users, so be sure to only use this for designated administrative accounts.