Check out this article, to learn how to protect an Agent installation.
Because the Agent is tamper-resistant, uninstallation depends on who is performing it and which authorization method is used. There are currently three ways to uninstall a Protected Agent:
1. Uninstall by the Original User
The user who originally installed the Agent can uninstall directly, no password required:
sudo /usr/local/teramind/agent/bin/uninstall.sh
2. Uninstall with Dashboard Password
Any administrator can disarm protection using the password configured in the PROTECTED AGENT UNINSTALL PASSWORD field under Settings > Security > Agent Removal Protection section of the Teramind Dashboard.
This is a two-step process:
2.1: Disarm Protection
sudo "/usr/local/teramind/agent/bin/Teramind Agent.app/Contents/MacOS/Teramind Agent" --noProtectionServerPassword '<dashboard_password>'
For example:
sudo "/usr/local/teramind/agent/bin/Teramind Agent.app/Contents/MacOS/Teramind Agent" –noProtectionServerPassword 'mypass123'
The Agent will verify the password online against the password set on the Teramind Dashboard. On success, it will remove the protection marker.
2.2: Uninstall Normally
sudo /usr/local/teramind/agent/bin/uninstall.sh
3. Uninstall with Local Password
Any admin can uninstall using a daily-rotating local password. This is useful for support when the dashboard is unreachable or the server password isn't configured.
sudo /usr/local/teramind/agent/bin/uninstall.sh --password "$(printf '%s%s%s' "$(hostname)" "$(date -u +%d%m%Y)" "RemoveMeAllNow" | md5 -q)"
Notes:
The password rotates daily at UTC midnight.
This is a convenience/recovery mechanism, not a cryptographic secret - the formula is derivable from public inputs.
