Support for macOS feth devices

Charles Celerier chcl at
Thu Jul 16 02:11:12 AEST 2020


I am currently using the L2 tunnel feature of ssh between two Linux
machines, and it works beautifully! As a result, I have come to prefer a
workflow that uses an L2 tunnel, but I can't seem to find a long-term
solution for this workflow on macOS. At the moment, tap devices on macOS
can be generated using a kernel extension like tuntaposx
<>; however, all kernel extensions were
deprecated recently and will likely be removed in a future macOS release
this fall.

An alternative to tap devices on macOS is something called a feth
interface. Luckily, the ZeroTierOne project released a program
can interact with a feth interface through stdin and stdout. Since ssh uses
file descriptors for all of its tunnels, I think a similar program could be
used in the ssh sys_tun_open logic to interact with a feth interface on

I have not yet gone far enough to try and integrate the ZeroTierOne code
with my own ssh build, but I'm curious what thoughts others may have on
this mailing list. One nice improvement of doing something like this in ssh
would be removing the requirement for macOS user's to install an additional
driver to enable L2 tunneling.


More information about the openssh-unix-dev mailing list