Posts Tagged ‘ssh’

Upgrade notes on macOS Sierra

I’m notorious for not updating OS X (macOS) too quickly, preferring to wait months on end for Apple to iron out bugs. I just hope that in 2017 they don’t make a major release and something sensible, i.e. that fixes usability and makes the OS much more stable.

However when you buy a new Mac, you’re more or less forced into the new OS. I did pickup a MacBook Pro 15″ with the new TouchBar, and at some stage I’ll talk about my usage (its been about 3 months of daily usage).

One thing that has annoyed me about the new macOS Sierra is that I don’t get to use GPGTools – it will not work on macOS Sierra. There is now however a beta you could try to ensure you’re signing and encrypting email just as well.

Another thing that I hit almost immediately? Some of my SSH hosts just stopped working. I’ve seen various sites talk about how ssh-agent does not automatically load pass phrases to keychain during startup to Upgrading to macOS Sierra will break your SSH keys and lock you out of your own servers.

My ~/.ssh/config now has:

Host *

UseKeychain yes

AddKeysToAgent yes

to fix things.

Everything else more or less works. I did Time Machine restore. I’m not too happy that they removed the Time Remaining from the Battery icon, and I’m not getting the battery life that I expect, but maybe when the new Mac Mini’s come out, I’ll do another Time Machine restore to that, and a clean install to the MacBook Pro.

Secure travelling with ipfw on OS X?

Dear (mac/bsd) Lazyweb,

Any idea how I can do the following, on Mac OS X?

iptables -t nat -A PREROUTING -p tcp -d my.pop.server —dport 110 -j DNAT —to-destination 127.0.0.1:1235
iptables -t nat -A OUTPUT -p tcp -d my.pop.server —dport 110 -j DNAT —to-destination 127.0.0.1:1235

Does ipfw(8) work in OS X? What magic will I have to use for this to work? All I really want is for my.pop.server:110 to point to localhost:1235, so if the SSH tunnel isn’t up, I can’t POP my mail. I wrote about this in Secure travelling tips with iptables and SSH port forwarding, as that’s what I do on Linux.

Why do I ask? I’m thinking that my personal laptop (currently a Dell Inspiron 640m running Linux) might actually be replaced with a MacBook Air in the near future (lighter, easier to carry, etc.). Oh, if you have comments about the Air, don’t hesitate to tell them to me as well.


i