The Problem:

You want to take screenshots during the OS X recovery process.

The Solution:

The screencapture command can be used to create screenshots from the Terminal.

(To launch the Terminal: hover the cursor at the top edge to show the menu bar, then select Utilities → Terminal).

Type the following:

screencapture -W /path/to/screenshot.png

then click the window you want to capture.

But wait— the recovery environment allows only one app to run at a time. If you want screenshots of Terminal, then this method works great. However, if you want screenshots of something else, you’re out of luck.

Fortunately, the recovery partition includes sshd. It’s not running by default, but starting it is easy:

/usr/sbin/sshd -o UsePAM=no

(The absolute path is required; if you leave it out, then sshd bails out with an error).

OK, but the root account has a random password. And you can’t reset it, since the filesystem is read-only.

New problem:

You want to ssh into recovery, but you can’t set the root account password.

The solution:

Pubkey authentication!

First, create a writeable ramdisk:

rdsize=$((16*1024*1024/512)) # 16 megabytes
dev=`hdik -drivekey system-image=yes -nomount "ram://$rdsize"`
echo $?; echo $dev # check for errors!
newfs_hfs "$dev"
eval `/usr/bin/stat -s /var/root` # store perms for old mountponit
mount -t hfs -o union -o nobrowse "$dev" /var/root # magic happens here
chown "$st_uid:$st_gid" /var/root
chmod "$st_mode" /var/root

Next, add your key to /var/root/.ssh/authorized_keys.

mkdir /var/root/.ssh
cat /Volumes/THUMBDRIVE/id_rsa.pub > /var/root/.ssh/authorized_keys

You can now use your private key to authenticate to sshd.

Quit Terminal, and the ssh sessions will remain connected. You can now use the screencapture command at any time!

A few notes:

You can create screenshots in /var/root, but the ramdisk is only 16 megabytes. If this is too small, increase the rdsize before creating the ramdisk.

Of course, since this is a ramdisk, all modifications will be lost upon reboot. You might want to save the screenshots to a USB device instead. (Or scp/sftp, etc).

Your ssh key should be located on the client machine at ~/.ssh/id_rsa.pub. If it’s not there, it can be created using ssh-keygen. (You might also see a file called id_rsa—that’s the private key; do not copy it).

I’m sure you can think of many other uses for ramdisks. :)

Sources:

• http://apple.stackexchange.com/a/131669/75660
• http://blog.philippklaus.de/2011/04/ssd-optimizations-on-mac-os-x/

Bennett Perkins