SSH Connection Corruption issue on MacOS Sequoia 15.0.X

MacOS

Temporary fix for SSH connection corruption issue on MacOS Sequoia 15

Author

Wei Miao

Published

October 11, 2024

Modified

October 18, 2024

Note

The problem seems to be resolved after updating to MacOS 15.1 beta 4 (24B5077a). Therefore, the issue is likely to be fixed in the official release of MacOS 15.1 on the 28th of October.

Obviously, the Sequoia MacOS 15 update has introduced a bug that corrupts SSH connections. The issue is not limited to Tailscale, but also affects other VPN services. As long as you use some sort of VPN service or internet filtering tools, you are likely to see the issue below.

1 Symptom

When I remote connect to my Mac Pro from my MacBook Pro using Tailscale, the SSH connection is frequently dropped. I was prompted to enter my password again, and sometimes the connection was lost entirely.

When I use SSH to connect to my Mac Pro from my MacBook Pro, the connection is also unstable. The connection is dropped, and I see the following error message:

“bad packet length 4279947347.”

“ssh_dispatch_run_fatal: Connection to XXX port XX: Connection corrupted”

At the time of writing this post, I’m using MacOS Sequoia 15.1 beta 3 (24B5070a), and the issue has not been resolved in this release. So it could take a few more weeks for Apple to release an official fix.

The same issue has been reported by many users, so it is surely a bug in the MacOS Sequoia 15.0.1 update.

Reddit: Sequoia and SSH connection corrupted drops
Apple Community: Firewall Issues - ssh_dispatch_run_fatal errors during SSH
And many more

2 Temporary Fix

2.1 Disable the MacOS firewall

From many online posts, it seems that the interference between MacOS and the VPN service is the root cause of the issue. So the temporary fix is to disable the MacOS firewall on your local machine before Apple releases an official fix.

Go to System Preferences > Network > Firewall. Toggle it off

For my own case, this solved the issue. But it’s risky to disable the firewall completely, so you should only do this when you need to use SSH to connect to your remote.

2.2 Disable network filtering tools

If you are using any network filtering tools, such as Little Snitch or Windows Defender, you should disable them as well.

In my case, I’m using UCL’s Cisco AnyConnect VPN client. I need to disable it to avoid the SSH connection corruption issue.

Go to System Preferences > Network > VPN & Filters; for all services under “filters and proxies”, toggle them off or delete them if they keep coming on.

For my own case, this also totally solved the issue. I can now SSH into my Mac Pro without any issues.

2.3 If you don’t want to disable the firewall completely

If you’re the system default ssh client, you can try adding the ssh client to the firewall’s whitelist, by running the following command in the terminal:

sudo /usr/libexec/ApplicationFirewall/socketfilterfw --add /usr/bin/ssh

This solution is suggested by this link, but it didn’t work for me. It’s worth a try on your machine.