I am receiving this message about "sshd-keygen-wrapper would like to receive keystrokes from any application", here is a screenshot:
I find it suspicious… this binary is located at /usr/libexec/sshd-keygen-wrapper and never had this message before. the closest to a solution that I found is that it is harmless… does anybody know a bit more about it?
(disclaimer: I am using a MacOS, and this relates mainly with unix / linux software – so after some thoughts, I thought it was more apporiate to post it here than on another forum.)
Best Answer
I assume you have just enabled SSH logins for you Mac - if not, I would find it suspicious too!
When you enable SSH logins, the system needs to generate a host key. The host key is needed for clients to be able to verify that they're logging on to the same computer each and every time they connect. This works the same way as on Linux and other Unix-type systems.
In order to generate a host key, the SSH software needs a lot of good, random numbers. An common input source in generating random numbers is sampling keyboard input (amongst other things). This is why it requests access to receive keystrokes.
You could give it access, generate the key and revoke the access immediately.
You could also generate the SSH host key via other means or on a different machine, and securely transfer it to this Mac. This way you won't have to grant access. The host key is stored in the
/etc/ssh/folder.Please note that you should not just copy over the host key already in use by another computer - this would defeat the purpose of the key!