3 Replies Latest reply: Apr 21, 2010 4:21 AM by ruggiero
ruggiero Level 1 Level 1 (25 points)
I have a strange problem in that the app firewall blocks incoming ssh connect requests. That would be ok under normal circumstances but I have explicitly enabled remote login and I can see in the advanced firewall panel that remote login is set to allow incoming connections. The console log however tells me:

07.04.10 08:23:03 Firewall[1112] Deny sshd-keygen-wrapper connecting from to port 22 proto=6

As soon as I deactivate the app firewall I can login. All was OK with Leopard, but started acting weird with Snow Leopard. I only realized this now because I had to login from remote to kill a hanging window server on my MacBook Pro. I had to finally force a reboot.

Any idea what this could be and how to fix it?

Oh, and don't tell me to run without firewall because I connect my MBP to various networks, often in schools where the kids love to try the teacher's computer.

Thanks a lot

MacBook Pro, Mac OS X (10.6.3)
  • ruggiero Level 1 Level 1 (25 points)
    Any takers out there?

    How should I proceed? Any other logs that might give some clues as why the app firewall blocks incoming connect request despite telling me that ssh is allowed to connect??

  • direwolf8 Level 4 Level 4 (1,280 points)
    In the context of the Apple firewall, are you sure that remote login is what you need open? rlogin is port 513, while ssh is port 22. Is port 22 open?
  • ruggiero Level 1 Level 1 (25 points)
    Yes, I know what I want - and what is supposed to be.

    In System Preferences/Sharing I activate Remote Login. On the right hand side of the panel it reads: use ssh ... to log into your computer
    In the Firewall Pane / Advanced it tells me at the top Remote Login (SSH) allow all incoming connections. Toggling remote login in the sharing pane toggles this setting as well. So it really looks to me that ssh port 22 should be open, but in console log it clearly tells me that the app firewall has blocked access to port 22, Weird, isn't it? Deactivating the firewall allows ssh connections, re-activating blocks again (and still shows that incoming connection are allowed...).
    Oh, and a reboot did not help. Problems started after applying combo updater 10.6.3
    Thoroughly confused, yours ---markus---