hoakley November 11, 2018 Macs, Technology

Last Week on My Mac: ssh it

I have removed this article as it contained some major errors.

I will post a full and detailed – and hopefully much more accurate – account of ssh in Mojave at 0730 UTC on Monday 12 November. I hope that you will find that valuable, and a suitable substitute for the currently lacking documentation.

Thank you for your patience and understanding.

4Comments

Add yours

1

Dominic Dunlop on November 11, 2018 at 9:01 am

Umm, I don’t think I’m seeing this, either on 10.14.1 or 10.14.2 public beta: having logged in with ssh, I can ls and successfully recursively grep the contents of ~/Library/Mail. As far as I recall, I have never changed my ssh and sshd configurations from the the defaults shipped by Apple. The only thing ssh-related in Security & Privacy => Privacy => Full Disk Access on the two systems I’ve tried is sshd-keygen-wrapper — which I do not remember putting there.

LikeLiked by 1 person
- 2
  
  hoakley on November 11, 2018 at 9:19 am
  
  Therein may lie the clue: if you didn’t put sshd-keygen-wrapper in the Full Disk Access list, what did? I wasn’t aware that anyone other than the user can put items in the Full Disk Access list – I thought that was one of the fundamental rules of the new privacy protections.
  Is it that, perhaps, which enables full access?
  Why is none of this documented?
  Howard.
  
  LikeLike
  - 3
    
    hoakley on November 11, 2018 at 1:20 pm
    
    Thank you for drawing attention to this. I’m now complete confused, as the mysterious sshd-keygen-wrapper has suddenly shown up in the Full Disk Access list (as it had in 10.14 when I looked at ssh behaviour before). Now ssh works exactly as it did in 10.14, with no sign of any changes.
    I’m not sure what is going on. Until I understand this better, I have withdrawn the whole of this article, and I apologise if I have confused anyone. I’m not sure why on several previous ssh connections, and attempts to access protected folders in ~/Library, sshd-keygen-wrapper wasn’t generated or added to the Full Disk Access list on the ‘remote’ Mac. Now that it has been, I can confirm that ssh works unchanged just as it did in 10.14.
    That does mean that users have to be just as careful in allowing ssh access as they were before, though.
    Howard.
    
    LikeLike
4

Jan Steinman on November 11, 2018 at 8:18 pm

Hoo boy… looks like I won’t be upgrading to Mojave any time soon!

LikeLike

·Comments are closed.

Share this:

Related