Remote login after reboot

I’m away from my house on vacation, and am able to remotely connect to my Mac Studio at home over VPN and VNC. I’ve noticed a few weird things happening on the remote computer, and want to see if they clear up with a reboot. However, I’m not sure if I’ll be able to remotely log back into the computer after doing a reboot. When do the remote login services load; immediately after reboot or upon login to the device?

If you were concerned as to whether your VPN app loaded anything prior to user login, you could set your account to automatically login before you reboot the remote computer.

4 Likes

And as an extra precaution, set your Mac to never sleep and/or not require a password on wake (just until you are successfully logged in after the reboot).

3 Likes

@Tommy @fischej - These are great suggestions that I 100% forgot about! Thank you guys!

I remotely rebooted the computer, and then attempted to login to it but couldn’t. It didn’t respond to my VNC attempted connection. I had to have a neighbor with a key to my house swing by, after I’d disabled the alarm. Via FaceTime, I noticed the the power light was illuminated on the Mac Studio, so I had her tap the keyboard and the monitor instantly came to life, meaning the computer was on and awake, yet I couldn’t connect via VNC. I then had her enter my password (fortunately it’s way too long and complicated for her to remember as I dictated it to her), and before the login process was complete, I was able to connect via VNC. So it appears that one of the daemons doesn’t load until login. This is good to know. In the future, I’ll take both of your suggestions!

Yeah, I discovered the hard way (i.e., exactly as you just did), that the VNC connection has to be made with an already logged in user, hence @tommy 's suggestion. I added mine as a sort of “belt and suspenders” approach, but automatic log-in is the real key to making a successful VNC connection after reboot.

1 Like

I think if you have FileVault enabled, there’s no way to reboot without a login. The first login happens in the boot loader and is necessary to unlock the encrypted boot volume. After that’s happened, the normal boot process starts (including starting the VNC daemon).

If you want to be able to remotely reboot the Mac, you’ll need to disable FileVault. I don’t think you need automatic login, as the VNC server will be started during boot and be running when the login screen is displayed. But if you have an encrypted boot disk (i.e. FileVault), you have to enter credentials before the boot process can even start.

4 Likes

I wondered about this. I’ll have to give it a play on my (local) MacBook Pro, before trying attempting it on my (remote) Mac Studio.

Thanks!

1 Like

You’re 100% correct. I have FileVault enabled on both of my computers, and I can’t enable Automatic Login on either of them. I confirmed this by checking out Apple’s support page: Automatic Login

2 Likes

Hmmm. Well it’s always possible I’m mis-remembering, and a quick search didn’t find anything to back me up, but I would have sworn that a freshly booted Mac (without auto-login) cannot be accessed via VNC until at least one user is logged in. At least, that’s my clear recollection of what I learned a few months ago when I was in the OP’s shoes. Can’t test it now, as I’ve switched from an iMac/MBA setup to a single MBP (so my VNC days are behind me…for now).

I don’t know about the latest systems, but at least through Catalina, booting is enough to start VNC, there’s no need to log in first. it can take a bit for the process to start up though. I have a couple of systems that I don’t have filevaulted because they run headless and it’s a lot easier to login to a particular account after a reboot via screen sharing than to connect them to a keyboard and maybe monitor (the default keyboard at boot is sometimes erratic and flip flops between dvorak and US.)

VPN usually needs the user logged in, unless it’s been specifically installed machine wide. Most I’ve seen are user based.

For remote access, the choice between being able to boot remotely vs having the disk encrypted in case it’s stolen while you’re away could be a tough call.

VPN server is part of macOS and AFAIK always runs system wide. Per system preference setting it allows logging on either for all (local) accounts or for a selected subset.

My Mac Studio is running Catalina, but for the life of me, I couldn’t connect to it, until after my neighbor logged in for me, though the box was on and awake.

Re: VPN, I have it running through my router. It does various VPN protocols.

The vast majority of my disks are encrypted, though the drives on my server aren’t the data is.

I used to provide remote support for ~20 Macs using Apple Remote Desktop. As @gastropod says, earlier versions of MacOS certainly allowed screen sharing at the login screen straight after boot, as I have done that many times. When you had the issue a few months ago, did the Mac you were trying to access remotely have FileVault enabled?

No, FileVault was not enabled. So that’s a difference with the OP’s situation, and it would make sense that FV would certainly play a factor on where in the boot sequence user authentication would be required. The Mac I was trying to log into remotely was running the latest version (at the time) of Catalina (the latest OS it would support). Interesting. Well, like the OP, I could not log in remotely after a reboot until my daughter came over to the house and logged in for me. But maybe there was some other factor involved that I conflated with the initial user login, and concluded that was preventing remote login. :man_shrugging:

1 Like

You can run the following command and after the machine will boot to the login screen:

sudo fdesetup authrestart

Here is an article which goes into detail how that works: How to restart a FileVault-protected Mac remotely - CNET

pls note - this is for a planned restart.

2 Likes