FixPedia
macOS

Enabling SSH on macOS: Complete Setup Guide

This guide provides a detailed explanation of how to enable and configure the built-in SSH server on macOS. You'll learn to activate remote login via system settings and terminal, verify the service, and implement basic security settings.

Updated at February 16, 2026
5-10 min
Easy
FixPedia Team
Применимо к:macOS Sonoma (14.x)macOS Ventura (13.x)macOS Monterey (12.x)macOS Big Sur (11.x)

Introduction / Why This Is Needed

Enabling SSH (Secure Shell) on macOS turns your computer into a server that can be securely connected to from another device (another Mac, Linux machine, or Windows PC) for remote command-line management. This is essential for:

  • Administering servers or workstations without physical access.
  • Quickly copying files between computers using scp or rsync.
  • Running scripts and tasks on a Mac located elsewhere.
  • Developing and debugging network applications.

macOS comes with a ready-to-use SSH server (the sshd daemon) that simply needs to be activated. This guide will show you how to do this securely and verify the result.

Requirements / Preparation

Before you begin, ensure that:

  1. You have a user account with administrator privileges on the target Mac.
  2. You know the login (username) and password for this account.
  3. The target Mac is connected to a network (Wi-Fi or Ethernet) and has an IP address you can find in System SettingsNetwork.
  4. The computer you will connect from has an SSH client installed (it's included by default on macOS and Linux; for Windows 10/11, use ssh in PowerShell or Terminal).

⚠️ Important: Enabling SSH opens port 22 for incoming connections. Ensure your user account password is strong, and consider setting up SSH key-based authentication instead of a password for enhanced security.

Step-by-Step Instructions

There are two primary ways to activate the SSH server: through the convenient graphical interface and via Terminal. The first method is recommended if you are a beginner.

This is the simplest and most intuitive method.

  1. On the target Mac, open the Apple menu (🍎) and select System Settings.
  2. In the sidebar, find and select the GeneralSharing section.
  3. In the list of sharing services, find Remote Login.
  4. Check the box to the left of the service name.
  5. On the right, you can configure which users are allowed access: "All users" or only specific ones selected from the list. For security, it's better to choose specific users.
  6. The system may prompt you to enter an administrator password to confirm the changes.

After this, the SSH service will start automatically and will launch on every system boot.

Step 2: Activation via Terminal (Alternative Method)

This method is useful for automation, remote management via an existing SSH connection, or if the graphical interface is unavailable.

  1. Open the Terminal app on the target Mac.
  2. Enter the following command and press Enter: 
    sudo systemsetup -setremotelogin on
  3. The system will request the administrator password. Enter it (characters won't be displayed) and press Enter.
  4. You will see confirmation: Remote Login: On.

How to disable SSH? Use the command sudo systemsetup -setremotelogin off.

Step 3: Checking the Service Status

To ensure the SSH server is actually running, execute one of the following commands:

# Check via systemsetup (recommended)
sudo systemsetup -getremotelogin

# Or check via launchctl (will show the process PID)
sudo launchctl list | grep ssh

# Or the simplest check — see if the system is listening on port 22
sudo lsof -i :22

The first command will return Remote Login: On. The second will show a line with the PID (process identifier) com.openssh.sshd. The third will display active listening on port 22 by the sshd process.

Step 4: Local Connection Test

Before attempting to connect from another computer, test the server locally.

  1. In the same or a new Terminal window on the target Mac, run: 
    ssh your_username@localhost
    Replace your_username with the short name of your user account (you can find it using whoami).
  2. On the first connection, you will see a message about an unknown host — type yes and press Enter.
  3. The system will prompt for the password for the your_username account. Enter it.
  4. If you see the command prompt of the new host (e.g., MacBook-Pro-ivan:~ ivan$), the SSH server is working correctly.
  5. To exit the session, run exit.

Step 5: Firewall Configuration (Critical for External Connections)

If you plan to connect to your Mac from outside your local network (from the internet), configuring the macOS firewall is mandatory.

  1. Go to System SettingsNetwork.
  2. Click the Firewall button at the bottom of the window.
  3. Click Options or Customize.
  4. In the window that appears, find Remote Login in the list and ensure the status is Allow incoming connections.
  5. Click OK, then Apply.

Without this step, all incoming connections on port 22 will be blocked by the system firewall.

Verifying the Result

The main indicator of a successful setup is the ability to connect to your Mac via SSH from another device.

  1. From another computer on the same local network, open a terminal.
  2. Find the local IP address of your Mac: in System SettingsNetworkDetailsTCP/IP. The address will be in the format 192.168.x.x or 10.0.x.x.
  3. Run the connection command: 
    ssh your_username@IP_address_of_Mac
    Example: ssh ivan@192.168.1.15.
  4. Enter the password when prompted. A successful connection and the appearance of a command prompt mean everything is configured correctly.

💡 Tip: For regular use, set up SSH key-based authentication. It's more secure than a password and more convenient. See the guide "Generating and Configuring SSH Keys on macOS".

Potential Issues

  • "Connection refused" or "No route to host":
    • Cause: The SSH server is not running or the firewall is blocking the port.
    • Solution: Repeat Step 3 and Step 5. Ensure "Remote Login" is allowed in the firewall.
  • "Permission denied (publickey,password)":
    • Cause: Incorrect username or password. Or password authentication is disabled in the server configuration (/etc/ssh/sshd_config) (PasswordAuthentication no).
    • Solution: Verify the username. If you configured key-based authentication, ensure your public key is added to ~/.ssh/authorized_keys on the target Mac.
  • Cannot connect from outside the local network (from the internet):
    • Cause: The router is not forwarding (port forwarding) external port 22 to the internal IP address of your Mac.
    • Solution: Configure Port Forwarding in your router's web interface: external port 22 → internal IP address of Mac : port 22. Note that this reduces security. It's better to use a non-standard external port (e.g., 2222) and change the SSH port on the Mac (see FAQ).
  • SSH server stops working after reboot:
    • Cause: The sshd daemon is not configured for auto-start. This usually happens if the service was started manually rather than through System Settings.
    • Solution: Enable SSH via System Settings (Step 1). This guarantees the daemon is registered with launchd for auto-start. Alternatively, run sudo launchctl load -w /System/Library/LaunchDaemons/ssh.plist.

F.A.Q.

Why can't I connect from another computer after enabling SSH?
How do I change the default SSH port from 22 to another for security?
Can I limit SSH access to only specific users?
Is SSH enabled by default on macOS?

Hints

Activation via Graphical Interface
Activation via Terminal
Checking Service Status
Testing Local Connection
Configuring Firewall (Optional)

Did this article help you solve the problem?

FixPedia

Free encyclopedia for fixing errors. Step-by-step guides for Windows, Linux, macOS and more.

© 2026 FixPedia. All materials are available for free.

Made with for the community