Sequoia Local Network blocking?
Ryan Carsten Schmidt
ryandesign at macports.org
Mon Jan 27 00:12:15 UTC 2025
On Jan 26, 2025, at 14:17, Daniel J. Luke wrote:
>
> After thinking that I had somehow broken my home network - it looks like I'm actually stumbling on Sequoia's Local Network blocking.
>
> If I ssh into a Mac on my LAN, I can't ssh out using MacPorts openssh to other hosts on the same subnet (dtruss shows connect() failing and ssh reports No route to host) the Apple-provided ssh client /can/ ssh out just fine. I don't get a prompt to allow local network access on my Mac. If I run the ssh client as root, it is able to ssh out. Of course, ssh doesn't appear in the Systems Setting panel for this, so I can't grant it access.
>
> Looking over https://developer.apple.com/documentation/technotes/tn3179-understanding-local-network-privacy - it appears that there's an exception for command line tools in Terminal or over SSH. Have any of us looked into this stuff at all? Is there something in Apple's provided sshd that we can mimic or is it using Apple's signature so we're just limited to perhaps opening bug reports with Apple?
On Intel or Apple Silicon? I had some problems like that on Intel (such as https://trac.macports.org/ticket/70945 ) which were helped by manually codesigning the executable. This shouldn't be a problem on Apple Silicon where everything is already codesigned.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macports.org/pipermail/macports-dev/attachments/20250126/9c39728f/attachment.htm>
More information about the macports-dev
mailing list