I trust many of you have seen this stuff already, but I'd been holding off since there wasn't even a tacit acceptance on Apple's part made public (even if several firmware updates since jailbreak hit didn't get in the way of anything that wasn't keeping Apple from profits–ie, only breaking the free ringtones thing).
But that statement has been made. So, I've gone all the way now. I'm not thrilled with the termcap local to the iPhone, but I'll sort that out later. But hey looky here:
wire# uname -a
Darwin wire 9.0.0d1 Darwin Kernel Version 9.0.0d1: Fri Jun 22 00:38:56 PDT 2007; root:xnu-933.0.1.178.obj~1/RELEASE_ARM_S5L8900XRB iPhone1,1 Darwin
I actually had cause to use this, waiting for a plane in SFO, where you have to pay for wifi, when SpamAssassin crapped the bed and decided it didn't feel like delivering to ~/mail/spam any longer (which may happen if SA runs into log-like rotation of that mbox; I've never felt the itch to investigate, nor to teach my rotation script about locking). cat /dev/null >| ~/mail/spam fixes this, and it was a breeze to issue that from the iPhone, via EDGE, and then go back to reading email (in the mail client on the iPhone; mutt's a bit painful at that screen real estate, never mind the broke-ass termcap).
If you're going down this path too, after you install OpenSSH, I strongly recommend that you populate ~root/.ssh/authorized_keys appropriately and then modify /etc/sshd_config as follows:
StrictModes no
PermitRootLogin without-password
PasswordAuthentication no
(There's no need to restart sshd if you installed it via Installer.app: that package runs out of inetd, and, as near as I can tell, there isn't much of an init/rc structure to start userland daemons outside the baseline iPhone software.)
The passwords for root (dottie) and mobile (alpine) are known wide and far, and that's not a problem… until you give people another avenue to login, which you do by installing sshd. I haven't read any pro/con on changing the passwords for root and mobile, but I fear that it will break iTunes synchronization in some way, which I would prefer to avoid.
StrictModes no is because / is globablly-writeable on the iPhone, which means that sshd will refuse to touch any SSH key no matter where you put it. Changing this is safer than changing the permissions, in case it breaks or is broken by a subsequent Apple update.
PS, this post is an invitation to ask for my help neither to SIM unlock your iPhone (I have not done, nor have any reason to do, that) nor to install third-party software. I'm pretty sure that if you can't get the software present working using the documentation present, there's a good chance you will be endangering yourself and your investment by doing so (precisely because of security concerns like those described here).
Post a Comment