Quick Fixes for "ls: Operation not permitted" when SSHing to a Mac:
1. Grant Full Disk Access to Terminal, sshd-keygen-wrapper, and sshd
Apple menu > System Settings > Privacy & Security > Full Disk Access, then enable the three programs Full Disk Access.
2. Switch to SSH into another Mac as root
Run the ls command with sudo
3. Re-enable 'Remote Login' in Sharing
System Settings > General > Sharing, turn Remote Login off and then on.
4. Disable SIP
Enter macOS Recovery > Utilities > Terminal and type csrutil disable
After you have used SSH (Secure Shell) to securely connect to another Mac and run the ls command to list the contents of a certain directory, you only receive the error "ls: Operation not permitted" in Terminal.
As it indicates, this error shows that you don't have the permission to access the target folder. This is either due to bugs in the SSH connection, your user permission restrictions, or limits from the system.
To resolve the error "Operation not permitted" with the ls command after SSH into another macOS, you can follow the tricks we list below as a troubleshooting.
Grant Full Disk Access to Terminal, sshd-keygen-wrapper, and sshd
When you encounter an "Operation not permitted" error while running ls or accessing certain directories via SSH into macOS, it's usually due to macOS's TCC (Transparency, Consent, and Control) protection.
Granting Full Disk Access to Terminal, sshd-keygen-wrapper, and sshd allows them to bypass those TCC restrictions, enabling access to protected areas of the SSH-connected Mac.
- Click the Apple menu > System Settings > Privacy & Security > Full Disk Access.
- Enable Terminal and sshd-keygen-wrapper.
- Click the add button (+).
- On the pop-up, select macOS (or Macintosh HD) under locations, and press Command - Shift - . (the dot key) to show the hidden usr folder.
- Find and select sshd in the sbin folder and click Open to add it to the Full Disk Access list.
Note: The path of the usr folder is /usr/sbin/sshd. - Turn on SSHD there.
After giving Full Disk Access to Terminal, sshd-keygen-wrapper, and sshd, check if the ls operation not permitted error occurs or not.
Share this trick to fix the "ls: Operation not permitted" error with others.
Switch to SSH into another Mac as root
With the improved security protection of Mac, your normal user may not have full permission even with SSH access. So, when you use the ls command to view the files of a folder, change to run the sudo ls /target-directory command.
If the issue persists, try the next method.
Re-enable 'Remote Login' in Sharing
The Remote Login feature in the Sharing settings enables the SSH server on your Mac to establish a secure connection with another Mac.
When the "ls: Operation not permitted" error occurs after SSHing into macOS, re-enabling "Remote Login" in Sharing may be the solution, as this will restart the SSH server (sshd) and eliminate the possible errors in the SSH server.
- Go to the Apple menu > System Settings > General > Sharing.
- Scroll down to find Remote Login.
- Disable Remote Login and re-enable it after a moment.
Disable SIP
If you see "ls: Operation not permitted" when SSHing to an M1 Mac or another Mac, you should consider disabling SIP. On modern Macs, the security protection is greatly improved. SIP cannot be bypassed remotely. So, try to temporarily disable SIP so that you can use ls to check the directory content after SSHing into a Mac.
- Boot your Mac in Recovery Mode.
On an Intel-based Mac, restart the device while pressing down Command - Shift - R until the Apple logo or spinning globe appears.
On an Apple Silicon Mac, turn off the Mac, press the power button (Touch ID) until the startup options show up, select Options > Continue. - Click Utilities on the top menu bar > Terminal.
- Enter the following command. csrutil disable
- Quit Terminal and restart your Mac.
After SSH with another Mac, remember to turn on SIP with the command - csrutil enable in macOS Recovery Mode.
If this post helps you resolve "ls: Operation not permitted" when SSHing into macOS, share it with more people.