After upgrading to Sequoia MacOS 15.0 cannot connect to it via SSH

I'm posting this just in case anyone else is still running into this issue. I had the exact same error as everyone else in the thread on a new MacBook Pro running Sequoia. I tried the fixes suggested in this thread but none worked.

I did discover that when I executed:

sshd -T

I would get the following error:

/etc/ssh/sshd_config.d/101-authorized-keys.conf: No such file or directory

Checking the file with `ls`, I was able to determine that the file was a symlink to:

/etc/static/ssh/sshd_config.d/101-authorized_keys.conf

but that the symlink target did not exist. I deleted the broken symlink (`rm /etc/ssh/sshd_config.d/101-authorized-keys.conf`), restarted SSH and now I can connect to the new laptop.

The bug is still present on 15.2, but I think I've just found the cause. I tried running sshd from terminal and got this:

debug1: sshd version OpenSSH_9.8, LibreSSL 3.3.6
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0664 for '/etc/ssh/ssh_host_rsa_key' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
debug1: Unable to load host key "/etc/ssh/ssh_host_rsa_key": bad permissions

I'll try to fix the permissions and edit this with the results.

I was having this issue too with Remote Desktop needing ssh to work. In the end, disabling the firewall fixed my ssh issue. I'm sure there's a way to add sshd to the exceptions list, but I haven't figured that out yet.

For what it's worth, this approach of insisting on password authentication did not resolve the issue for me. My machine is behaving exactly as in the OP of this thread, same results from tcpdump.

If I switch off the firewall, ssh works as it should. But I am not allowed to leave the firewall disabled so I would love a resolution to this issue.

There are content filters running on my machine: Microsoft Defender and Crowdstrike Falcon. I am not able to disable them but I wonder if they might be part of the issue?

What just worked for me is:

1. turn off the remote access in System-settings|General|Sharing
2. run 'su Administrator' in a terminal
3. run 'sudo visudo /private/etc/sudoers' and allow admin to use sudo by uncommenting the line around line 60 (this may not be strictly necessary but since I did it, its here).
4. run 'sudo /usr/sbin/sshd'

At this point you can test if you can log in (ssh user@target) from another machine.

HTH

I solved by disabling “private wifi address” option

Updating to 15.0.1 also resolved this for me. Thank you for the heads up on that: it allowed me to nudge our system administrator to let me install this update sooner than it would normally become available.

I solved by disabling “private wifi address” option

In the firewall settings, sshd-session has been set to block. Restore to allow.

This also did not work for me :( The only thing that works so far is disabling the firewall.

It sounds like I'm having a similar issue. I have a MacMini I run as a headless server, connect to it remotely using both SSH and VNC. Last week I upgraded to Sequoia and both SSH and VNC stopped working. I did find a "workaround" When I power up the MacMini, I cannot connect remotely through any means. But if I connect a physical keyboard to the machine and login locally, then from that moment on I can connect using SSH and VNC. So the act of logging in locally once "fixes" SSH and VNC, at least until the machine is rebooted.

Apple must fix this. I'm lucky in that I can connect a keyboard and login locally each time I power up this machine. Can you imaging someone running this as a headless server in a datacenter or server room!?!

The bug is still present on 15.2, but I think I've just found the cause. I tried running sshd from terminal and got this:

debug1: sshd version OpenSSH_9.8, LibreSSL 3.3.6
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0664 for '/etc/ssh/ssh_host_rsa_key' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
debug1: Unable to load host key "/etc/ssh/ssh_host_rsa_key": bad permissions

I fixed it with:

$ sudo chown -R 600 /etc/ssh/*key

It will ask for your password. You have to deactivate and then reactivate Remote Login.

I think it was fixed in 15.0.1. My test macbook connects via ssh with the firewall enabled after the update. I'm additionally testing it on other macbooks

I have this problem also with upgrade or new install to MacOS 15.0.

The reason or solution is, you have to use

ssh -o PreferredAuthentications=password hostIP -l userXX ( or userXX@hostIP)

and after you can then copy your pubkey to ~/.ssh/authorized_keys on Mac 15.0 you can use

ssh userXX@hostIP

I have try a little in /etc/ssh/sshd_conf, no success. I have to use the above workrounds.