Mac OS Sierra Not Cleanly Unmounting USB Drives

They always warn you about upgrading to the first release. “Let them fix the bugs in the .1 before you upgrade,” they say.

I never listen.

In Sierra, I’ve run into an interesting problem where the first time I mount my Time Machine USB backup drive post-launch, it mounts and works just fine. I can then tell the OS to eject the disk, which it seems to. Except, in Disk Utility, it still thinks it’s there. And now this phantom disk prevents it from ever being mounted again, until I reboot.

I’ve tried command line mojo (diskutil and hdiutil), and both will say they’ve unmounted the drive, but it still shows up. Eventually, diskutil stops responding.

Reading online, there’s lots of folks reporting similar issues, but no one seems to have found a particularly good solution, other than “reboot.”

We’ll see if it gets fixed up in the .1 release. Until then, off to reboot.

Changes to the SSH keys and Keychain in macOS Sierra

If you were used to storing your ssh keys in your Keychain, you may have noticed that your ssh agent forwarding wasn’t working when you updated to macOS Sierra.

According to jirsbek on GitHub:

ssh-add -K in macOS Sierra no longer saves SSH keys in OS’s keychain. As Apple Developer stated: “That’s expected. We re-aligned our behavior with the mainstream OpenSSH in this area.”

I’m actually ok with the change in behavior. To resolve it, call ssh-add -A to add your identities into your ssh-agent. I’m doing that as part of my .bashrc (though I haven’t rebooted yet, I assume it’ll work).

(Via jirsbek on GitHub.)

Updating Your Printer’s IP Address on a Mac

The work printer nearest me apparently changed IP addresses. I had no idea, so I kept trying to print and it kept failing. Eventually, I noticed that my Mac thought the printer was on one IP, and the printer had a different one.

So I figured, no biggie, I’ll change the IP address.

Turns out, that’s a lot harder than it seems. I finally found this article which walked me through the steps.

Net-net: Apple needs to make this process much easier. I shouldn’t have to log into a hidden web interface to change the settings on a printer.

Mac App Store Won’t Update Apps? This Might Help.

For the last couple of weeks, every time I got an update from the Mac App Store (for a non-system application), I’d go to update it, and the Mac App Store would ask for my password, think, and then fail with “There was an error in the App Store. Please try again later (20)”.

No amount of googling lead me to an answer, but it did lead me to some nifty debugging. For instance, apparently the App Store has a debug menu. I turned that on, turned up logging, and then watched my console log. It was complaining about the application receipt (the proof that you purchased the application).

So, back to the google to try to see if anyone ever found that error. I thought “maybe the App Store can’t read the place where I have receipts.” I tried to figure out where that is, which lead me to this post talking about how the App Store keeps receipts around in memory.

Well, I figured, I could give it a shot …

killall -KILL storeagent

and voilà, my App Store could update again.

(Which also means a reboot would have worked, but I go out of my way to not reboot my machine, if I can avoid it.)

Fixing a Broken Mac VPN Connection

I was on a wonky hotel wifi connection that dropped and reconnected a number of times while I was connected to my office VPN. Eventually, Mac OS X said something like “your connection sucks, I’m not going to let you use the VPN anymore, sorry sucker.”

At the time, that was no big deal, since I was heading out of the hotel.

But later, when I actually needed the VPN, it was a big deal.

No matter what I tried, the VPN wouldn’t connect. I googled some solutions and one solution pointed to flushing the network routes, i.e.:

sudo route flush

but that just ended up spinning up my CPU to 100% and seemingly not getting anywhere.

I decided to take a more targeted approach. I grabbed the IP for my VPN. (If you have a domain-based VPN host, you can get the IP by using this command:

dig +short vpn.hostname

(where you plug in your hostname for the vpn.hostname). Then, I ran this command:

sudo route delete 123.123.456.456

(again, where you plug your IP into the command, rather than my fake IP). Sho ’nuff, that fixed my problem. Your particular situation may be different (but hopefully not, and you’ll think I’m really smart).

Apple is Settling All Debts

I won’t go into too much detail on the announcements coming out of WWDC. That’s been done better and more thoroughly by many others. I will say that this feels like Apple settling all the debts they’ve accrued over the past few years.

“Oh, you wanted apps to be able to talk to each other? Here you go.”

“Widgets on your notification screen? Yep. You got it.”

“You wanted apps to use the TouchID? Ok.”

“That whole ‘I should be able to move files around in iCloud’ thing? All set now.”

“Objective-C not modern enough for ya? Meet Swift.”

There were a bunch more announcements that basically amounted to “We told you to chill while we put in place the way to do these things safely, securely, and without trashing your battery. Here they are.”

And I think that’s a big part of what iOS 8 and Mac OS 10.10 are: the culmination of a few years worth of groundwork and infrastructure building that came together and bloomed all at once. It’s going to allow for almost everything people have asked for, and more, and to top it off, Apple brought out things like Continuity where you devices simply act as logical extension of one other. It’s a simple, powerful feature that will be hard for other companies to duplicate.

(All of this assumes Apple’s cloud services continue to get better … which seems likely given I’m not sure they could get much worse.)

John Gruber has a very nice take on it.

A Couple of Quick Mavericks iCloud Keychain Gotchas

I’ve been using Mavericks for a couple of days now. I’m sure I’ll have more thoughts about it later (particularly about the multi-monitor support). But, right now, here’s a couple of gotchas that I found when using the new iCloud Keychain.

Turn on the ability to save passwords even when a website requests you not

Both on the desktop, in Safari, and in Mobile Safari on your iOS device, there’s a setting that controls whether or not you can autofill a password with your iCloud Keychain password. Since you probably want to control when you can autofill the password (not the website), you’ll want to override the default.

On the desktop, that’s in Safari’s Preferences, under Passwords. Down the bottom, there’s a little checkbox that says “Allow Autofill even for websites that request passwords not be saved”. Check that box.


On your iOS device, go to Settings -> Safari -> Passwords & AutoFill, and turn on “Always Allow”.

Now you’ll never get that error message that you can’t use your saved password.

iCloud Keychain Doesn’t Save the Right Password if You Use PwdHash

I use a Safari Extension called PwdHash (that I actually created, built off of the open-source PwdHash extensions). PwdHash does a nice thing where it generates a new password for you on a site, based off of a password you know. That way, no matter what computer you’re on, or what browser you’re in (assuming you can find a PwdHash extension or bookmarklet), you can login to a site.

It’s pretty handy.

However, the way the Safari extension works (and this may be my fault), it picks up the password I typed in (my “master” password) and not the resulting hashed password after the extension runs.

…which means it ends up syncing the wrong password. That’s very possibly my fault, but could also be just a mechanism of how Safari/iCloud Keychain decides what to sync. It does mean that I need to be careful when saving passwords[1].

  1. However, as I go around creating new passwords, Safari’s new “suggested password” feature may make my need for the PwdHash extension moot.