Full Disk Access - sshd-keygen-wrapper

[steve333]

I decided to check which apps have full disk access and I wanted to turn off access to CleanMyMacX since I want to remove it from my computer.
I found sshd-keygen-wrapper
Full disk access was turned off but what the heck is this? Should I delete it from the list?
Thanks

 

[Nermal]

It's part of the OS and it seems to be normal for it to show up (it's present on my machine as well).

 

[russell_314]

It's part of the OS and it seems to be normal for it to show up (it's present on my machine as well).

That’s good to know. Apple should do a better job naming whatever that is because if I saw keygen anything, I would think of some sort of malware.

 

[Nermal]

Apple should do a better job naming whatever that is

I'm getting flashbacks to the "Steve Jobs would never have allowed this" meme, because I agree with you, and I suspect in the "good old days" it would indeed have had a much more descriptive name.

 

[gilby101]

sshd-keygen-wrapper

Quoting from an answer here https://discussions.apple.com/thread/3066623?sortBy=best (not the first one!):

"This has nothing to do with pirated software or trojans. /usr/libexec/sshd-keygen-wrapper is a shell script that generates SSH host keys when you first use Remote Login. Do you have (or ever had) Remote Login activated in the Sharing preference pane?"

It will be ticked (enabled) if you have ever enabled screen sharing or other remote access.

Web search gives lots of answers.

It is ok to untick if you want, but don't try to delete it.

Apple should do a better job naming whatever that is because if I saw keygen anything, I would think of some sort of malware.

Naming is accurate if somewhat arcane. Related to secure shell (remote access), generate encryption key, and it is a wrapper (round a shell script which needs that privilege).

 

[steve333]

Quoting from an answer here https://discussions.apple.com/thread/3066623?sortBy=best (not the first one!):

"This has nothing to do with pirated software or trojans. /usr/libexec/sshd-keygen-wrapper is a shell script that generates SSH host keys when you first use Remote Login. Do you have (or ever had) Remote Login activated in the Sharing preference pane?"

It will be ticked (enabled) if you have ever enabled screen sharing or other remote access.

Web search gives lots of answers.

It is ok to untick if you want, but don't try to delete it.


Naming is accurate if somewhat arcane. Related to secure shell (remote access), generate encryption key, and it is a wrapper (round a shell script which needs that privilege).

I think that answered my next question, which was should I turn it on?
It's off right now and I never use remote log in, so I assume I should leave it un enabled?

 

[gilby101]

I think that answered my next question, which was should I turn it on?
It's off right now and I never use remote log in, so I assume I should leave it un enabled?

Yes, leave it alone. If you do enable remote login or screen sharing, part of the enabling process will (I think) be to enable it.

The Ventura/Sonoma System Settings have exposed more of the internals than previously. In some ways good, but does lead to undue worries. Pity Apple don't give a brief explanation of the purpose of internal apps displayed in System Settings.

 

[steve333]

Yes, leave it alone. If you do enable remote login or screen sharing, part of the enabling process will (I think) be to enable it.

The Ventura/Sonoma System Settings have exposed more of the internals than previously. In some ways good, but does lead to undue worries. Pity Apple don't give a brief explanation of the purpose of internal apps displayed in System Settings.

I agree, I thought it was malware