Apple - How to enable OpenSSH on iOS 10.2
OpenSSH is not compatible with iOS 10.2 and will break things in later releases of the jailbreak. You should uninstall both OpenSSH and OpenSSL (dependency).
yalu102 comes with dropbear.
You should use the built-in Dropbear. As of Yalu Beta 6, you need to first SSH over USB. Then after changing your password you can enable Dropbear on other interfaces.
Linux or macOS:
- Download gandalf binaries (I had zero luck compiling) from the ocaml-usbmux GitHub page. macOS: gandalf_darwin_10_11_x86_64
- Connect your device via USB cable, and scan for it.
- Put the udid into a mapping file. Make sure device_port 22 (ssh) is mapped!
- Run gandalf with your mapping file
- SSH to the local_port corresponding to device_port 22 in your mapping file.
- Log in with the password alpine.
- CHANGE YOUR PASSWORD!!!
Scan
$ gandalf
Sample Mapping File
[{"udid":"9cdfac9f74c5e18a6eff3611c0927df5cf4f2eca",
"name":"i11", "forwarding": [{"local_port":2000, "device_port":22},
{"local_port":3000, "device_port":1122}]
}]
Run Gandalf with Mapping File
$ gandalf -m myMappingFile.txt
SSH to port 2000
$ ssh mobile@localhost -p 2000
Change password(s)
$ passwd
$ su
$ passwd root
Now that you are in your iOS device (your password has been changed, right?) you can enable Dropbear on other interfaces as follows.
- Create a LaunchDaemon file to launch a second instance of Dropbear.
- Reboot or use launchctl load
Create LaunchDaemon file:
$ cd /Library/LaunchDaemons
$ cat <<EOF > ssh10022.plist
Paste this into the terminal:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
"http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>SSH port 10022</string>
<key>Program</key>
<string>/usr/local/bin/dropbear</string>
<key>ProgramArguments</key>
<array>
<string>/usr/local/bin/dropbear</string>
<string>-F</string>
<string>-R</string>
<string>-p</string>
<string>10022</string>
</array>
<key>RunAtLoad</key>
<true/>
<key>KeepAlive</key>
<true/>
</dict>
</plist>
Type Ctrl-D to end the input. That now creates the file ssh10022.plist
Reboot or use launchctl
launchctl load /Library/LaunchDaemons/ssh10022.plist
Issues:
Dropbear does not like the iOS default permissions on the mobile home directory, so SSH key authentication does not work. After every reboot I have to log in with password and fix the permissions:
$ chmod go-w /var/mobile
To debug Dropbear: Redirect Dropbear logs to stderr (the example below runs yet another instance on port 10023).
$ dropbear -E -p 10023
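The permissions issue described under "Issues" above, as an added example that is not part of the original answer: a POSIX shell check for the group/other-writable condition that `chmod go-w /var/mobile` fixes. It goes beyond the single directory in the answer by applying the same test to `.ssh` and `.ssh/authorized_keys`, which Dropbear also checks before accepting a key. The function names are made up for this example, and file ownership is not checked.

```shell
#!/bin/sh
# Added example (not from the original answer). Function names are hypothetical.
# Reports paths whose mode would make Dropbear refuse public-key authentication
# because group or others can write to them.

# Exit 0 if $1 exists and is writable by group or others, non-zero otherwise.
is_group_or_other_writable() {
    [ -e "$1" ] || return 1
    # -prune keeps find from descending; -perm -020 / -002 test g+w / o+w.
    [ -n "$(find "$1" -prune \( -perm -020 -o -perm -002 \) -print 2>/dev/null)" ]
}

# Print each offending path under home directory $1.
# Returns 0 if all three paths are clean, 1 if any is group/other-writable.
check_pubkey_perms() {
    home=$1
    bad=0
    for p in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        if is_group_or_other_writable "$p"; then
            echo "group/other-writable: $p"
            bad=1
        fi
    done
    return $bad
}

# Strip group/other write from the offending paths only (chmod go-w).
fix_pubkey_perms() {
    home=$1
    for p in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        if is_group_or_other_writable "$p"; then
            chmod go-w "$p"
        fi
    done
}

# Stand-alone use: sh check_perms.sh /var/mobile
if [ "$#" -gt 0 ]; then
    check_pubkey_perms "$1"
fi
```

Running the check after a reboot and before attempting key login shows whether the home directory mode has been reset again.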
You cannot connect to ssh over wifi with the 10.2 jailbreak. You need to ssh over USB. There are several options but the easiest is to use iproxy.
Install iproxy
brew install libimobiledevice
On the terminal now run the following command.
iproxy 2222 22
This will enable you to forward all traffic from port 2222 to port 22 over USB.
Now you can connect to the iPhone by running ssh
ssh root@localhost -p 2222
Notice you connect to localhost, not the IP address of your phone. If everything went well, you should be presented with the ssh prompt.
If it doesn't work, check if ssh is running on the iPhone by running
telnet <iphone-ip-address-here> 22
If you can't connect, make sure you install the openssh package from Cydia.