On Snow Leopard, I can give access to services like SSH only to specific users by using the "only these users:" option in the sharing tab of the System preferences.
This is bothersome to use when configuring multiple machines, and some accounts such as the root user do not show up there, so I'd like to script it.
Is there a way to add access to given services to arbitrary users on the command line?
Create a group named "com.apple.access_ssh", and add users and/or subgroups to it. Here's an example of limiting SSH access to administrators (members of the "admin" group) and a user named "fred":
sudo dseditgroup -o create -r "Remote Login ACL" com.apple.access_ssh
sudo dseditgroup -o edit -t group -a admin com.apple.access_ssh
sudo dseditgroup -o edit -t user -a fred com.apple.access_ssh
