Thread: Connect and control your iPhone from anywhere SSH/VNC

  1. #1
    Connect and control your iPhone from anywhere SSH/VNC
    I want to update before I post: I have tested and this is completely functional, and it is SECURE because of the SSH tunnel (even though VNC is not usually encrypted, the tunnel encrypts it).

    That's right guys, I am the first as far as I can tell to figure this one out.

    We can all SSH and VNC to our phones using openSSH and Veency via WiFi or WiFi device (in some cases a cable)...

    But what I am here to demonstrate is a command via the MobileTerminal.app within the jailbroken iPhone that can create a REVERSE SSH connection using the 3G internet (Edge Works and Tested) that can send any protocol through (including just logging into it via SSH).

    Here is what you will need to control your iPhone no matter where it goes (stolen or not):

    Jailbroken iPhone with cydia
    OpenSSH installed on phone
    Veency (now with passwords)
    Mobile Terminal.app installed on phone
    An SSH server running on the computer/device you want to use to remotely access your iPhone (preferably on a port other than 22 for security and other reasons)
    Forward a port (or DMZ) to your local IP and SSH port (only if using a router)


    Once you have all those things...

    Open MobileTerminal.app on the iPhone and log in as root using alpine as the password (change it later using the passwd command). NOTE: you may also use the mobile user name with the same alpine password. You can do this by typing "login root", enter, then "alpine" as the password.

    If you are logged in as root, type the following, ignoring the ( )'s and placing the correct characters in place of them:


    ssh -p (SSHPORT#) (User\ Name)@(Domain/IP of SSH computer) -R 1201:localhost:22

    or for background command

    ssh -p (SSHPORT#) (User\ Name)@(Domain/IP of SSH computer) -f -N -R 1201:localhost:22

    OR for VNC access (full control of your stolen/lost iPhone)

    ssh -p (SSHPORT#) (User\ Name)@(Domain/IP of SSH computer) -R 1201:localhost:5900

    or background command:

    ssh -p (SSHPORT#) (User\ Name)@(Domain/IP of SSH computer) -f -N -R 1201:localhost:5900



    NOTE: you can change the 1201 port to anything you prefer, make sure to change in further steps...

    Once it connects, you will have to type "yes" for the first time connecting, type your password for your computer... If you see you are now logged into your home computer via your iPhone, you can close the terminal via the home button (you do not need to run backgrounder for the terminal to stay connected) and continue to the next steps..

    That command above forwarded the iPhone's SSH protocol/port to your localhost's computer's port, allowing you to login to the iPhone's SSH server by entering the following into your Mac/PC's Terminal CLI:

    ssh -p 1201 root@localhost

    or to forward the VNC connection/port go into your VNC client of choice and enter this information:

    server: localhost (or you can type 127.0.0.1)
    port: 1201 (or whatever port you put earlier to tunnel from)
    password: (I have heard you can put anything, no PW settings for Veency yet, but this is not needed because of the SSH encryption and specific IP tunneled to)


    Voilà, you have now connected to your iPhone's SSH server via its own SSH IP within a reverse tunnel... this method can be used to bypass any routers or firewalls set up by ATT

    This same method can be used once VEENCY is installed using port 1202:localhost:5900 ... meaning!!!

    YOU CAN CONNECT TO YOUR iPHONE's VNC and SSH server no matter where it goes, as long as you run an SSH server from your home (or other) computer!!! This is bypassing the 3G restrictions ie. firewalls/routing system.

    Am I the first to see this?

    Questions for smart people =)

    1) Is there a way for me to add this reverse command to my iPhone's startup? this would allow me to always connect to it even if the thief turns it off and then on.

    2) Would this command work if they changed the sim card after stealing my phone?

    3) This command may need to be run every time the 3G IP changes, but as far as I can tell, SSH tunnels stay open even if the user turns off 3G and then turns it back on, as long as the IP is the same and the source is the same... IS THERE ANYTHING ELSE WE CAN DO WITH THIS SSH Reverse Tunnel via 3G internet?

    4) Almost forgot... Is there any way to do a reverse Proxy command from the iPhone Terminal... basically tethering my IP via my home computer's internet... example:

    ssh user@homecomputer -D 9999

    I have tried things like ssh user@homecomputer -RD 9999 with no luck... any ideas? I know there are other ways to tether your internet that involve connecting to a device via WiFi... but that's too easy =P


    Please correct me if I'm wrong... but this opens up new doors to the iPhone's 3G network and iPhone capabilities!

    Leave a comment if you have any defiant answers or questions, otherwise, if you are feeling special, email me at [email protected] with any questions or answers to my genius idea... or if you want to claim doing it before me =)


    UPDATE: it seems if I'm connected to 3G then I swap to WiFi, the existing tunnel remains, but I am unable to connect. ONCE I SWITCH BACK, WITHOUT RE-EXECUTING THE COMMAND, the tunnel is still connected and allows remote access. So I tried the other way, WiFi first, execute, then switched to 3G and then activated WiFi again, tunnel remained!! Interesting!! But if the source changes and doesn't return to the IP of the original "command giver's" IP address, the command will need to be executed again:

    Seems this is something that an hourly process can fix... the process could run every hour, or somehow know when the internet source changes, whether it be to wifi, 3g or edge... Before the tunnel is re-created, the old "tunnel" would have to be closed via terminal/command, assuming you CANT use the same port to forward to (1201 in this case) while the localhost still sees it as connected. An hourly process would not be battery consuming and would allow for higher chances of getting phone back. NOTE: This will have to use a NoPassword DSA/RSA key, iphone supports all bits. DSA is known to be safer and has "never" been "cracked" =P



    UPDATE: Veency now has a password implication within the "preferences", so now all we need is to automate reverse ssh commands at iphone bootup and change of IP.
    Last edited by michaelwithe21; 09-01-2009 at 05:27 PM.

  2. The Following User Says Thank You to michaelwithe21 For This Useful Post:

    slidingmike (09-24-2009)

  3. #2
    Sounds pretty good. I'm not sure what would happen if you run that ssh command and it's already successfully forwarded and the connection is active. If the answer is "nothing" and the command simply exits silently then you can probably find a way to configure launchd to run it every x minutes to ensure the tunnel is always correctly mapped to the current ip.

    As for question 1, launchd can also be used to dictate what runs at start. 2, the commands issued by launchd are done no matter what SIM card is inserted, assuming the thief has an Internet plan. 3, if you set launchd to run the command every x minutes you won't need to run it every time the IP changes. And I don't know what you're trying to do with 4.

    hopefully this gets somewhere because it sounds promising

  4. The Following User Says Thank You to crashspeeder For This Useful Post:

    michaelwithe21 (09-02-2009)

  5. #3
    thanks crashspeeder!

    The reverse tunnel would have to be executed only when needed; if it runs more than once with the same "ports" forwarded/reversed it will see that it is still trying to connect to the ports and will deny the protocol action. My hopes may be weak, but I believe the SSH tunnel will continue the same tunnel even if the IP of the 3G network changes... this seems far-fetched I know (I can't spell)... but I will run my own tests and see when the command needs to be executed... once it's executed it works fine until I "exit" out of the terminal command, but while idle, it seems to do "nothing" as you stated, it just waits for the computer to connect to its local host; if anything, I believe it's "wasting" the power on the computer's side, not the iPhone's.

    launchd! I had no idea that that even existed on the iPhone! Sweet, any good links to how to edit the launchd file to add a terminal command?? Or any good links to where I could propose an app to make this convenient?

    As for question 4, I was basically asking how to create a "reverse" proxy connection... by default, the command usually GRABS another computer's internet/IP via its SSH server... well I want a command that I can execute ON the iPhone that will SEND my iPhone's Proxy connection via a tunnel to another server (my home computer running an SSH server). IE: After executing the command on the iPhone (and entering my password for my home server), I can then go to my home computer and configure my sock proxy preferences to use the localhost and the port I designated. The usual command to GRAB an SSH SERVER PROXY is this:

    ssh User@DomainIP -D 9999

    9999 being the port that I am going to need to connect to on the computer which executed the command, and it is GRABBING the USER@DOMAINIP's Internet/IP.

    I realize that this would only change my IP address and wouldn't really be "tethering" its internet (seeing as my home computer has to be connected to the internet via other means for this to work), but I enjoy not using my home IP at times, and if I could have a single command that would SEND my proxy from my iPhone to my Computer, well then I would be just dandy!!

    IE: The command I demonstrate above is really "reverse", so what I'm looking for is the opposite!

    BUT MORE IMPORTANTLY FIGURE OUT HOW TO ADD THIS COMMAND TO STARTUP NO MATTER WHERE THE IPHONE GOES!!!

    thanks ahead of time guys!



    Update: this is the closest I got to figuring it out via another post; he added an application to start up but never got it working properly, or there was a problem with his app because someone else got a different app to work... I NEED HELP PEOPLE!! I DON'T WANT TO WASTE TOO MUCH TIME TESTING THE BOOTUP, I'M SURE SOMEONE HAS A STEP BY STEP SOMEWHERE!! =P

    http://forums.ilounge.com/showthread.php?t=223380


    http://www.ehmac.ca/mac-ipod-help-tr...t-working.html


    http://www.modmyi.com/forums/file-mo...t-launchd.html


    http://forums.macrumors.com/showthread.php?t=736096


    If anyone thinks they know enough about scripting (all I know is do shell script "" lol) to tap on this please feel free to post or email me [email protected]
    Last edited by michaelwithe21; 07-09-2009 at 02:40 PM. Reason: Automerged Doublepost

  6. #4
    One way to determine if the connection is up is to run the following command:

    netstat -d -n -f inet | grep "ESTABLISHED" | grep "TheRemoteIP.TheRemotePort" | awk '{ print $5 }'

    so if your OpenSSH is listening on 9999, you might have something like

    netstat -d -n -f inet | grep "ESTABLISHED" | grep "10.31.2.18.9999" | awk '{ print $5 }'

    If it's connected, it will return the IP.PORT string back, otherwise there will be no output. It's crude, but it works. I couldn't tell you how to implement it at this point, but hopefully it'll help someone get this off the ground and running at startup or on a timer or something.
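An added example, not part of vaelek's post: the same check as a shell function that compares the foreign-address and state columns exactly, because `grep "10.31.2.18.9999"` also matches `110.31.2.18.9999` and lines where that string is the local address. It goes slightly beyond the post by also accepting the `IP:PORT` layout that Linux `netstat` prints; the function name and sample lines are constructed.

```sh
#!/bin/sh
# tunnel_is_up REMOTE_IP REMOTE_PORT
# Reads `netstat -n` output on stdin; succeeds only if a TCP connection to
# exactly REMOTE_IP/REMOTE_PORT is in state ESTABLISHED.
tunnel_is_up() {
    awk -v ip="$1" -v port="$2" '
        BEGIN { bsd = ip "." port; gnu = ip ":" port }   # IP.PORT and IP:PORT
        $1 ~ /^tcp/ && $6 == "ESTABLISHED" && ($5 == bsd || $5 == gnu) { up = 1 }
        END { exit (up ? 0 : 1) }
    '
}

# Constructed sample: the tunnel to 10.31.2.18 port 9999 is established.
sample_up() {
cat <<'EOF'
Active Internet connections
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp4       0      0  10.20.30.40.49812      10.31.2.18.9999        ESTABLISHED
tcp4       0      0  10.20.30.40.49900      10.31.2.18.443         TIME_WAIT
EOF
}

# Constructed sample: no tunnel, only lines the plain grep would accept.
sample_lookalike() {
cat <<'EOF'
Active Internet connections
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp4       0      0  10.20.30.40.49813      110.31.2.18.9999       ESTABLISHED
tcp4       0      0  10.31.2.18.9999        10.20.30.40.50122      ESTABLISHED
EOF
}

# Run the check against both samples.
for s in sample_up sample_lookalike; do
    if "$s" | tunnel_is_up 10.31.2.18 9999; then
        echo "$s: tunnel up"
    else
        echo "$s: tunnel down"
    fi
done
```

On the phone the input would be `netstat -n -f inet | tunnel_is_up <ip> <port>`, and the exit status can be tested directly by whatever job runs the check.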

  7. #5
    Thanks vaelek, I will definitely try it, even though I already have a means of checking the connection via my firewall logs and listening connections... port 9999 is the default internal Sock Proxy, an SSH server should not be run on that port.

    I am going to test it via switching from Edge to 3G and back; if the tunnel stays connected during session and after the switch (IPs are different)... then it should only be run once, and if the user wishes to attempt a new connection, it should be sourced by a different port than the original (in this case it's 1201, 1202, and so on...). NOTE: Ports under 1200 (guessing) require root privileges from the server's end, and require a vulnerability to use. IE... don't use anything below =).

    I have written a script for the iPhone that can be run with an SSH no-password DSA key. Without keys, the iPhone holder would be prompted for SSH password every time the iPhone was launched. An app called iTerm.app can generate public keys already...

    I have always used do shell script commands for everything I needed. This script was tested on a Mac assuming a flash drive named "secure" contains a DSA key, and that key is copied into the ~/.ssh folder.


    NOTE:

    Ignore the ( )s and replace the entire object.

    example:

    -p (sshListening#) (User\ Name)@(RemoteComputersshIP/Domain)

    should look like:

    -p 3000 John\ [email protected]

    NOTICE THE \, use it if you have a space in your user name (Admin's):






    Start Script----

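    -- Create ~/.ssh and copy in the key from the flash drive named "secure"
    do shell script "mkdir -p ~/.ssh"
    do shell script "cp -r /Volumes/secure/id_dsa ~/.ssh"
    -- ssh refuses a private key that other users can read
    do shell script "chmod 700 ~/.ssh"
    do shell script "chmod 600 ~/.ssh/id_dsa"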
    do shell script "ssh -p (sshListening#) (User\ Name)@(RemoteComputersshIP/Domain) -f -N -R 1201:localhost:5900 &> /dev/null &"
    do shell script "ssh -p (sshListening#) (User\ Name)@(RemoteComputersshIP/Domain) -f -N -R 1202:localhost:22 &> /dev/null &"
    do shell script "ssh -p (sshListening#) (User\ Name)@(RemoteComputersshIP/Domain) -f -N -R 1203:localhost:548 &> /dev/null &"


    End Script-----




    for those curious:
    the -f runs in the background or something =P
    the -N does something with not showing the terminal while running the shell command or something
    the &> /dev/null &" was the only way i could get No Password keys to work with a script without prompting.

    This same script can be saved as a .app (bundle so as to hold the keys generated) or a .command within AppleScript... so can you guys make an app with just this script? I.e. put it into the boot up somehow of the iPhone!!!

    I usually use the startup folders and launch daemons for my Mac to add a .command file or an .app to the startup with the right chmods... I hope the iPhone has something similar. I found this:

    http://www.telesphoreo.org/pipermail...er/000305.html

    Almost there... I still need help!!
    Last edited by michaelwithe21; 07-10-2009 at 02:28 AM.

  8. #6
    UPDATE: So through testing...

    The tunnel stays connected no matter where the phone goes, AND EVEN WHEN YOU LOCK THE PHONE!!!

    Just like when you SSH into your phone, when you lock your screen, the SSH is unable to work, BUT, the path is still there and the connection is stable... meaning, this command only needs to be run ONCE!!! If the user unlocks the iPhone, all you have to do is connect... BUT WITHOUT HIM UNLOCKING IT... this is what happens...

    **UPDATE PASSWORDS FOR VNC HAVE BEEN IMPLEMENTED, no need for thief to hit accept**

    GET THIS KNOWN PEOPLE!!! THIS MEANS WE CAN RUN SERVERS TO ONLY SPECIFIC REMOTE USERS (Our home/work computers)!!!
    Last edited by michaelwithe21; 09-01-2009 at 05:39 PM.

  9. #7
    I demonstrated controlling your iphone over 3G internet on this video on youtube:

    YouTube - Control your lost or stolen iPhone using ssh/Veency over 3G: http://www.youtube.com/watch?v=2bxBr5ARrjA

    hopefully bugz will be out soon!

    Posted an updated YouTube going over some of the veency bugz worked out

    YouTube - Track/Control Your iPhone Update Veency Anwhere free: http://www.youtube.com/watch?v=4sBInVH6ND0


    Last edited by michaelwithe21; 07-17-2009 at 04:54 PM. Reason: Automerged Doublepost

  10. #8
    ************************************************************

    The following post was a question that I was asked on another forum, I would like to repost it here:


    Quote:
    Originally Posted by JSteezy

    Michael do u think u cud help me...? I tried making the tunnel wit mobileterminal. I logged into root and typed in
    ssh -p 5900 Owner@**.***.***.*** -R 5002: localhost: 23

    But it keeps telling me "Bad Remote Forewarding Specification"

    I've googled trying to figure out how to fix this but haven't found anything yet.

    Any help you cud give me wud be greatly be appreciated...i saw ur videos and it looks like it cud be REALLY useful! One thing that wud help too is if u cud make a video explaining how to set up the tunnel and how to get it working...it wud prolly make this process ten times easier seeing it done.

    Thanks,




    ************************************************************



    REPLY FROM ME:


    The only reason I didn't make a video with those instructions is because it would show my IP address, so instead I just put the command in the background...

    I have to assume you are jailbroken, you have Veency and OpenSSH installed on your iPhone...

    YOUR command has many errors... the most obvious being the spaces before and after the localhost, here are the correct commands

    Command for forwarding iPhone's VNC server to an SSH server on port 22 (this port 22 can remain default for VNC ONLY):

    ssh -p 22 Owner@IPAddress -f -N -R 1201:localhost:5900

    THE -f -N will make the reverse connection stay connected (warning: using -f -N will require full restarts on both ends to kill connection), 1201 being the port on your computer's localhost and 5900 being the iPhone's VNC server that is being forwarded.

    Command for forwarding iPhone's SSH to an SSH server on port 2222 (Setup SSH server on any other than 22 as to not require root permissions and/or conflict when forwarding same ports) NOTE: this will allow for remote SSHing to your iPhone no matter where it goes.

    ssh -p 2222 Owner@IPAddress -f -N -R 1202:localhost:22

    1201 being the port you will ssh into on your computer's localhost.


    Once tunnels are created, use these to connect your computer to its localhost:

    Open a VNC Client and use this information

    VNC IP: localhost or 127.0.0.1
    VNC Port: 1201
    VNC Password: (Blank)

    Open Terminal and enter this command to ssh to the iPhone:

    ssh -p 1202 root@localhost


    Hope this helps!




    ************************************************************




    Another user commented on the security of this method, i would like to repost it here:

    Quote:
    Originally Posted by H2os

    Well, I have to say the concept is pretty smart.
    But did you think about the consequences?
    By setting-up a SSH session to your server / PC you are giving the THIEF ACCESS TO YOUR PC!
    Only thing he has to do is start the terminal app and he's on YOUR MACHINE! He can then install some keyloggers, spyware or whatever!

    Please be wise, and close or delete this thread. The concept is smart, but it has not been thought over well enough and is NOT SAFE



    ************************************************************




    MY REPLY TO HIS POST:


    Please be wise and NEVER ask n e 1 to DELETE/CLOSE their post, especially if you are half retarded.


    The Tunnel Command I show above DOES NOT ALLOW THE THIEF TO LOGIN TO YOUR SSH, IT RUNS IT IN THE BACKGROUND OFF OF ROOT... so the thief would need your IP/sshpassword/rootpassword and so on to access your home server... If the thief opens up terminal, he will see the same thing as n e one's iPhone... test method before claiming something people! =P

    SSH servers are one of the MOST secure "servers" that you can run to remotely access your home computer. I have used an SSH server on my home computer using a non-default port, DSA keys with pass-phrases (which is really paranoid), A firewall only allowing ATT and other IP addresses.

    Running any server on your computer is "less secure", so unless you're a CEO of a billion dollar corporation, keep it on a default port with a password. Computer security relies on the user not the computer; don't hand your passwords out, and set up your SSH server on a non-default port and you will be fine...

    For the SUPER PARANOID with Routers and Firewalls:


    Setup SSH on port above 50000 (thwarts basic port scanners), forward ONLY that port to ONLY a single internal IP

    ONLY Allow ONE account (admin or not) to have access to this server (this can be done through mac/systempreferences/sharing)

    Create DSA Private Keys with Pass-phrases. Passworded DSA keys have never been cracked, RSA have been, but ONLY with NO-PASSWORDED keys.

    Allow ONLY DSA keys (not passwords) to your server by editing the sshd_config file within private/etc

    PasswordAuthentication no
    #PermitEmptyPasswords no

    Setup VNC server on any port above 50000, allowing ONLY access from localhost 127.0.0.1 (require loopback SSH)

    ONLY Allow Certain ranges of IP's to access your server (any incoming firewall like flyingbuttress)
    AT&T IP Ranges:
    32.0.0.0 - 32.255.255.255
    166.128.0.0 - 166.128.255.255
    166.135.0.0 - 166.135.255.255
    166.191.0.0 - 166.191.255.255
    166.134.0.0 - 166.134.255.255
    166.205.0.0 - 166.205.255.255
    166.190.0.0 - 166.190.255.255


    If you are not behind a router AND do not have a firewall, I would not recommend running ANY servers on your home computer. But if you are going to run one, this is by far one of the most secure servers of the world...

    We are only as "safe" or "secure" as the Admin makes us; doesn't matter what OS you're running, you NEED a firewall, and you NEED to change your passwords every once in a while...

    THIS POST IS NOT DEDICATED TO DEBATING THE SECURITY OF SERVERS, IT IS HERE TO DISCUSS HOW TO USE SSH into the iPHONE NO MATTER WHERE IT GOES!!

    But... if you ask me, it's the safest thing in the world =P




    ************************************************************





    For those setting up an SSH server on Windows Operating Systems:

    When you install Cygwin, make sure to follow their instructions, you must install it with its own directory, and make sure you have installed the correct SSH packets required to run an ssh server within cygwin... here is a good link for step-by-step Cygwin installation:

    How to install OpenSSH sshd server and sftp server on a Windows 2000 or Windows XP or Windows Vista

    OR (older version)

    How To Set Up VNC Over SSH On Windows XP @ErikJHeels

    WHEN you have problems or differences WITH THE ABOVE INSTALLATION RULES, read these posts:

    Nabble - Cygwin list - Wrong Permission on the /var directory

    Dave.Net: Installing a Loopback Adaptor in Windows Vista

    Solution to problem: VNC connection failed: Local loop-back connections are disabled.

    If you have completed that, and you are having troubles, contact me via email [email protected]
    Last edited by michaelwithe21; 07-18-2009 at 12:26 PM. Reason: Automerged Doublepost

  11. The Following User Says Thank You to michaelwithe21 For This Useful Post:

    Crafty42 (09-02-2009)
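H2os's concern in the post above comes down to what the phone's passwordless key is allowed to do on the home machine, which is set per key in `authorized_keys` there. As an added example (not code from anyone in the thread), this shell check flags entries that can still run commands or forward arbitrary ports; `restrict`, `port-forwarding`, `permitlisten`, `permitopen` and `command=` are standard OpenSSH options (`restrict` and `permitlisten` need a newer OpenSSH than the 2009 builds discussed here), and the key blobs, the `audit_keys` name and the `/usr/bin/false` forced command are constructed for illustration.

```sh
#!/bin/sh
# audit_keys: read authorized_keys content on stdin and report, per entry,
# whether the key is confined to the tunnel or can still do more.
# Exit status is 1 if any entry is weak.
audit_keys() {
    awk '
    # Return the options field, lower-cased, with quoted values removed;
    # "" when the line starts directly with a key type.
    function bare_options(line,   i, c, q, out) {
        if (line ~ /^(ssh-|ecdsa-|sk-)/) return ""
        q = 0; out = ""
        for (i = 1; i <= length(line); i++) {
            c = substr(line, i, 1)
            if (q && c == "\\") { i++; continue }      # escaped char in a value
            if (c == "\"") { q = !q; continue }
            if (!q && (c == " " || c == "\t")) break    # end of options field
            if (!q) out = out c
        }
        return tolower(out)
    }
    { sub(/^[ \t]+/, "") }
    /^$/ || /^#/ { next }
    {
        o = "," bare_options($0) ","
        miss = ""
        if (!index(o, ",restrict,"))      miss = miss " restrict"       # pty, agent, X11 off
        if (!index(o, ",command=,"))      miss = miss " command="       # forced command
        if (!index(o, ",permitlisten=,")) miss = miss " permitlisten="  # limits ssh -R
        if (!index(o, ",permitopen=,"))   miss = miss " permitopen="    # limits ssh -L
        if (miss == "") printf "line %d: tunnel-only\n", NR
        else { printf "line %d: WEAK, missing:%s\n", NR, miss; weak++ }
    }
    END { exit (weak > 0 ? 1 : 0) }
    '
}

# Constructed authorized_keys content; the key blobs are placeholders.
sample_authorized_keys() {
cat <<'EOF'
# phone key with no options, as the thread sets it up
ssh-dss AAAAB3NzaC1kc3MAAACBAPLACEHOLDER root@iphone
# forwarding re-enabled but nothing forced: remote commands still run
restrict,port-forwarding ssh-dss AAAAB3NzaC1kc3MAAACBAPLACEHOLDER root@iphone
# confined to the 1201 reverse forward used in the thread
restrict,port-forwarding,permitlisten="localhost:1201",permitopen="localhost:1201",command="/usr/bin/false" ssh-dss AAAAB3NzaC1kc3MAAACBAPLACEHOLDER root@iphone
EOF
}

# Print the report for the constructed sample.
sample_authorized_keys | audit_keys || echo "weak entries found"
```

Because the tunnel commands in the thread use `-N`, no session is requested and the forced command never runs for the legitimate connection; it only takes effect if someone holding the key asks for a shell or a command.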

  12. #9
    Veency 3G[S] has no known issues...
    Quote: Originally Posted by michaelwithe21
    We can all SSH and VNC to our phones using openSSH and Veency (3G [S] having problems with Veency) via WiFi or WiFi device (in some cases a cable)...
    Quote: Originally Posted by michaelwithe21
    Veency (glitchy because I'm using a 3GS mobilesubstrate)
    I use a 3G[S], and I know of no issues with either MobileSubstrate or Veency on that system. Can you please send me an e-mail describing your problems? I'm going to guess that your problems are due to some other extension that is unstable.

  13. The Following User Says Thank You to saurik For This Useful Post:

    michaelwithe21 (09-01-2009)

  14. #10
    @saurik
    I'm glad to hear from u saurik! =)

    ya, when first released, the 3GS with 3.0 was having issues with Veency/mobilesubstrate... Once mobilesubstrate was updated, the VNC client/connection stopped crashing...

    I haven't updated my posts yet, I will do so =)

    BTW: did you implement the password for VNC just for me? Probably not =)

    Please anyone who can help further this into a simple app/mod that creates reverse SSH commands (VNC Forwarded/Encrypted locally) to a home SSH server... the concept is simple yet brilliant, and it seems to "bypass" 3G's security that stops remote access to the devices servers/listening ports.

    ** Of course you will have to be running specific firewall properties and use pass-phrased DSA keys within root (non-default password)... and you should change default port on home computer allowing only DSA keys and not password... once stolen and tracked, delete the authorized_keys2 file to ensure that the user is not a linux head and somehow netstats/hacks root with all your server connection info and gains access to id_dsa key.**

    ** Running servers is never a good idea for someone who doesn't know how to maintain a firewall or proper certificates, but SSH is one of the most secure methods of administrating a system.**

    Thank you saurik for your tip to autossh

    please let me know how to implement this to the iphone/root user

    AutoSSH seems to be just what is needed for this mod to work perfectly


    PS: Saurik, you haven't "thanked" anyone ever in these forums!! =P
    Last edited by michaelwithe21; 09-02-2009 at 12:33 PM. Reason: Automerged Doublepost

  15. #11
    Hi,

    I've posted a short how-to that details the steps to use autossh for VNC.

    Tip: Connect to your iPhone using VNC and SSH llemarie’s weblog

    Using this, every time the connection is dropped for any reason (loss of wifi, loss of 3G, etc...), autossh will try to reconnect regularly. The script starts at boot time, there is no user interaction needed.

    Regards,
    Lionel.

  16. The Following User Says Thank You to llemarie For This Useful Post:

    michaelwithe21 (09-06-2009)

  17. #12
    llemarie, didn't realize autossh was already implemented...

    thanks for the lack of reference to the creator/idea starter...

    not cool

  18. #13
    I apologise, you're absolutely right, I should have mentioned Saurik in my post. I will correct this mistake shortly.

    Lionel.

  19. The Following User Says Thank You to llemarie For This Useful Post:

    michaelwithe21 (09-06-2009)

  20. #14
    NO llemarie, i meant ME =P

    I was the FIRST to realize that you could use a reverse SSH tunnel to run ANY server over 3G/Edge, basically cracking it... then all i needed was a small process to give command...

    i was writing a backdoor/worm script for OSX/Linux users, which turned on and set passwords/keys for vnc/ssh, even if they left their house or their IP changed, this startup script gave me full control... kinda cool

    Just an Idea - TSF - Mac Security Forums

    That's when i realized the iphone bsd worked the same..

    the concept was ALL me =)

    please leave these links below and my name michaelwithe21/yartpb as reference:

    Connect and control your iPhone from anywhere SSH/VNC

    How to add command/script to iPhone startup? - Mac Forums: http://forums.macrumors.com/showthread.php?p=8139924#post8139924

    SSH and VNC your iPhone from anywhere! Never released - iPhone Alley Forums: http://www.iphonealley.com/forums/showthread.php?t=11917

    http://www.*************/showthread.php?p=166949

    Run/Host any server externally over 3G/Edge - Mac Forums: http://forums.macrumors.com/showthread.php?p=8393624#post8393624

    YouTube - Control/Track your Lost or Stolen iPhone free ssh/Veency over 3G: http://www.youtube.com/watch?v=2bxBr5ARrjA

  21. #15
    I have a number of issues with referencing you in my post.

    - I didn't get the idea from you. But that's a trivial matter, I'm still happy to link to others discussing the same subject.

    - Your intentions don't come across as entirely respectable. Indeed, I take issue with anything relating to worms/backdoors/viruses.

    - The fact alone that autossh has been available for a long time on the iPhone means that you are unlikely to be the first to have had the idea. I, for one, have been using SSH tunnels over 3G to access my phone from day 1. The only reason why there's a sudden interest in a persistent connection is that Veency now supports password authentication.

    I'm going to consider this the end of the matter. There's no point diverting from the original topic of this thread for such a mundane issue.

    Lionel.

  22. #16
    awww, i thought i was the first to think of it... hmm, i can't believe i haven't seen one topic about it... but my "intentions" on the "virus" were to show a vulnerability to mac, which i sent them a copy =P

    i guess i have to believe that you have been using 3G to access your iphone through Reverse SSH tunnels further more forwarding a vnc service to track/control...

    btw... can you please look over your instructions...

    1) in autossh, the home ssh listening port is after -M right, i'm using a non-default port?

    2) is there any reason why no passphrased dsa keys wouldn't work (u used rsa)?

    3) or what if i change the name of the .sh file? (note: i did go through both .plist and .sh file to change anything that said autohome/.sh)

    I can't get it to work with autossh:

    after chmoding both .plist and .sh to 644 and testing dsa keys with manual reverse tunnel (worked fine)... I tried to complete the steps:

    iPhone:/bin root# sh othername.sh
    iPhone:/bin root#

    i checked netstat with no luck, and tried to connect to localhost:1201 using chicken of the vnc (mac) with no luck...

    I then rebooted/turned off /on the phone, with no connections formed, hmmm...

    tried running it without sh aka # othername.sh and tried bash othername.sh...

    none of which made a connection...

    once again... it works when i give command:

    ssh -p MYHOMESSHPORT User@IP -fNR PortToConnectTo:localhost:5900

    NOTE: MY VNC CLIENT ALLOWS ME TO SPECIFY PORT via localhost:1201

    but for some reason it wont work, maybe im missing something... here is my autorssh.sh:

    #!/bin/sh
    export HOME=/var/root
    export AUTOSSH_GATETIME=0
    autossh -M SecretHomeSSHPort -f -2 -N -C -R *:1202:localhost:22 -R *:1201:localhost:5900 User@MyHomeSSHServerIP

    here is my /System/Library/LaunchDaemons/com.autorssh.startup.plist:

    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <plist version="1.0">
    <dict>
        <key>Label</key>
        <string>com.autorssh.startup</string>
        <key>Program</key>
        <string>/bin/autorssh.sh</string>
        <key>RunAtLoad</key>
        <true/>
    </dict>
    </plist>

    NOTE: i haven't tried it with the tabs aka, what is being used now is:

    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <plist version="1.0">
    <dict>
    <key>Label</key>
    <string>com.autorssh.startup</string>
    <key>Program</key>
    <string>/bin/autorssh.sh</string>
    <key>RunAtLoad</key>
    <true/>
    </dict>
    </plist>

    4) are the tabs required for the script to run properly? (i test it l8r)

    tried both Wifi and 3G, worked manually, does work with autossh...

    please help!!!
    Last edited by michaelwithe21; 09-06-2009 at 07:18 AM.

  23. #17
    Hi,

    ssh -p MYHOMESSHPORT User@IP -fNR PortToConnectTo:localhost:5900

    Using autossh is like using ssh. It calls ssh with the parameters you pass it, adding additional forwarded ports it uses to test the state of the connection (provided by the -M port parameter).

    In your case you want:

    autossh -M KEEPALIVEPORT -p MYHOMESSHPORT User@IP -fNR PortToConnectTo:localhost:5900

    I would use -C as well, compressing the data over slow connections should provide a measurable speed improvement.

    Hope this helps,
    Lionel.

  25. #18
    Default thanks
    "Using autossh is like using ssh. It calls ssh with the parameters you pass it, adding additional forwarded ports it uses to test the state of the connection (provided by the -M port parameter)."

    THANK YOU FOR REPLYING, I REALLY REALLY WANT THIS TO WORK =P

    ok... so i'm a bit confused...

    i now understand that -M does not represent the ssh port, but now you're saying that it "adds additional forwarded ports it uses to test the state of the connection"...

    1) Does this mean i need to forward another port on my home router (other than the ssh server port)??

    2) what is this KEEPPORTALIVE? you used 20000?? wtf?? please explain what I should use!! =) for right now im gunna try what u used =/

    3) WTF does -2 do to an ssh tunnel? are you sure I should not use the same format you used? ex -f -2 -N -C -R

    4) should the *'s be there in the autossh.sh tunnel?

    here is my new .sh:

    #!/bin/sh
    export HOME=/var/root
    export AUTOSSH_GATETIME=0
    autossh -M 20000 -p HomeSSHPort -f -2 -N -C -R *:1203:localhost:22 -R *:1201:localhost:5900 User@ExternalIP

    I will also try:

    autossh -M 20000 -p HomeSSHPort -fNCR 1201:localhost:5900 User@ExternalIP

    Update: So it is finally making connections via autossh.sh, BUT...

    im still curious about the -2 command for ssh, what does it do?

    I understand that compression and decompression on both ends is faster if you have minimal bandwidth... but if battery life is a concern, the compression is always in place right? or is the compression only used when vnc client connects to localhost?

    Im gunna run a couple runs on 3G and see if -C is ANY faster... seeing as we have to compress on the iphone (Reverse tunnel)... but any thoughts?

    again, please that -2 concerns me, as does not knowing what PORTTOSTAYALIVE 20000 is doing???


    Update: So it is finally making connections via autossh.sh, BUT...

    the start-at-boot is not running at all... do i have do something more to make the .sh start at startup??

    Last edited by michaelwithe21; 09-06-2009 at 02:47 PM. Reason: Automerged Doublepost

  26. #19
    Hi,

    Sorry for the delay.

    About the keep-alive port, please read up on autossh in the documentation: autossh(1): monitor/restart ssh sessions - Linux man page
    The -M argument opens the port for you, that's all you need to do. It uses it to test that the connection is up. When the connection goes down, it attempts to restart ssh to renew the tunnels. You don't need to open a new port for it on your router, it's part of the tunnels. I simply used the port from the docs, it's arbitrary.

    -2 is an ssh argument, please read up on it here: ssh(1): OpenSSH SSH client - Linux man page
    It simply sets the protocol version to SSH2.

    -f tells autossh to run in the background.

    -N is important, it tells SSH to not start a shell. This goes together with my instructions to set the user shell to /bin/false for added security.

    Adding * before the tunnel parameters changes the bind address. It can be necessary if the machine running VNC is not the SSH home server.

    -

    Running the script at startup is another problem. What you can do is add "touch /var/root/test.txt" to your sh script. That way after boot you can check that the file was created. If it is created you can try adding:
    export AUTOSSH_LOGLEVEL=7
    export AUTOSSH_LOGFILE=/var/root/autossh.log

    That will show what connection errors there are.

    Obviously, check the shell script ownership (should be root), should be executable (chmod 755), should be in /bin to be accessed at boot time, check the startup script for spelling, etc...


    By the way. The name of the script in my instructions is autohome.sh, calling it simply .sh is not very descriptive.

    Regards,
    Lionel.
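
An added example, not part of any post in this thread: a shell audit of an autossh command line covering the two points explained in post #19, the monitoring ports behind -M and the effect of the `*` bind address on -R. It assumes autossh's documented use of the -M port and the port directly above it; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit the forwarding options of an autossh command line.
# Assumption (autossh docs): "-M port" uses port and port+1 for its test loop.

# classify_forward SPEC -> "<kind> <listen-port>" for one -R argument.
# A wildcard bind only takes effect if the server's sshd has GatewayPorts
# enabled; it then exposes the forwarded service on every interface.
# IPv6 bind addresses are out of scope here.
classify_forward() {
    spec=$1
    colons=$(printf '%s' "$spec" | tr -cd ':')
    case ${#colons} in
        2) echo "loopback ${spec%%:*}" ;;
        3) bind=${spec%%:*}; rest=${spec#*:}
           case $bind in
               ''|'*'|0.0.0.0) echo "wildcard ${rest%%:*}" ;;
               localhost|127.0.0.1) echo "loopback ${rest%%:*}" ;;
               *) echo "address ${rest%%:*}" ;;
           esac ;;
        *) echo "invalid 0" ;;
    esac
}

# audit_autossh ARGS...: one finding per line. Handles clustered flags
# such as -fNR, where the option taking an argument comes last.
audit_autossh() {
    monitor=""; ports=""
    while [ $# -gt 0 ]; do
        case $1 in
            -*M) [ $# -ge 2 ] || break; monitor=$2; shift ;;
            -*R) [ $# -ge 2 ] || break
                 kind=$(classify_forward "$2"); echo "$kind"
                 ports="$ports ${kind#* }"; shift ;;
        esac
        shift
    done
    case $monitor in
        ''|*[!0-9]*) echo "monitor unparsed"; return 0 ;;
    esac
    echo "monitor $monitor $((monitor + 1))"
    for p in $ports; do
        # A tunnel listening on either monitor port breaks the keep-alive test.
        if [ "$p" -eq "$monitor" ] || [ "$p" -eq $((monitor + 1)) ]; then
            echo "collision $p"
        fi
    done
}

if [ $# -gt 0 ]; then audit_autossh "$@"; fi
```

A "wildcard" finding on the ports forwarded to 22 and 5900 means the phone's SSH and VNC services become reachable by anything that can reach the home server, so it is worth keeping only where a second machine really needs to connect.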

  27. #20
    i apologize for the generalization of my .sh file, i changed autohome.sh to autorssh.sh...

    WAIT!! **DO U MEAN THE TOP OF MY autohome.sh file is WRONG? it shows below that the first line is:

    #!/bin/sh

    Should that be

    #!/bin/autorssh.sh

    ??????

    Thank you for being responsive, i cant tell u how much i appreciate this!!

    I will try chmoding the autorssh.sh file 755, ive been using 644...

    New questions:

    1) What is the purpose of the "push" feature you mentioned in tip forum if your iphone already starts it on boot?

    2) Did you get this to work on boot? (you are kinda unclear in tutorial)

    3) When I manually run autorssh.sh from terminal, and i change IP/Internet source the connection drops until i return to the source i gave the command during... why do u think that is?

    4) IMPORTANT** When i am on my home computer clients, and i wish to connect, I still use localhost:1201 and ssh -p 1203 root@localhost right? IE, because I used an * do i need to connect to my computers local IP (192.blabla) or localhost? NOTE: both of those commands work when i run the autorssh.sh file manually from mobileterminal


    here r copies of my 2 files... (minus my personal info):

    /bin/autorssh.sh

    #!/bin/sh
    export HOME=/var/root
    export AUTOSSH_GATETIME=0
    autossh -M 20000 -p SecretSSHPort -f -2 -N -C -R *:1203:localhost:22 -R *:1201:localhost:5900 User@IP

    CHMOD 755


    /System/Library/LaunchDaemons/com.autorssh.startup.plist (TAB represents space out)

    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <plist version="1.0">
    <dict>
    TAB<key>Label</key>
    TAB<string>com.autorssh.startup</string>
    TAB<key>Program</key>
    TAB<string>/bin/autorssh.sh</string>
    TAB<key>RunAtLoad</key>
    TAB<true/>
    </dict>
    </plist>

    chmod 644

    should the top line be something else? should "label" be something else? ignore if answer is no =)

    PLEASE HELP =P

    UPDATE:

    OK, so i got boot up to work, it was 755 permissions on .sh file, you should include this in your tutorial for stupid people like me...

    BUT, every time i switch to another source or IP, the phone will not connect, example:
    I boot iphone and my wifi is on, i can connect, if i turn off wifi, i cannot connect, if i turn wifi back on, i can connect...

    it seems every time i switch IP/source, i cannot connect, and i am forced to rollback to original source that was used when .sh was given!!

    maybe autossh just takes some time to adjust, but i waited for quite some time... maybe this is what you were referring to when you said "push" feature...
    Last edited by michaelwithe21; 09-06-2009 at 07:19 PM.
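
An added example, not code from any poster: the boot-time checks listed in post #19 (ownership, executable mode, spelling of the startup plist) written as a shell preflight for the two files shown in post #20. The function names are hypothetical, the plist check covers only the Program form used in this thread, and the expected owner defaults to uid 0 (root).

```shell
#!/bin/sh
# Added example: preflight for a boot-time launchd job and the script it runs.
# Usage (hypothetical file name): sh preflight.sh /bin/autorssh.sh job.plist

# check_script PATH [EXPECTED_UID]: one finding per line, "ok" if none.
check_script() {
    f=$1; want_uid=${2:-0}; found=""
    [ -f "$f" ] || { echo "missing"; return 0; }
    [ -x "$f" ] || found="$found not-executable"
    # A root-run boot script that other users can modify lets them run code as root.
    [ -z "$(find "$f" \( -perm -020 -o -perm -002 \))" ] || found="$found writable-by-others"
    [ "$(ls -ldn "$f" | awk '{print $3}')" = "$want_uid" ] || found="$found wrong-owner"
    IFS= read -r first < "$f" || :
    case $first in
        '#!/bin/sh'|'#!/bin/bash') ;;
        *) found="$found bad-shebang" ;;
    esac
    for w in ${found:-ok}; do echo "$w"; done
}

# check_plist PLIST SCRIPT: one finding per line, "ok" if none.
check_plist() {
    p=$1; script=$2; found=""
    [ -f "$p" ] || { echo "missing"; return 0; }
    # Blog and forum software often turns pasted straight quotes into these.
    if grep -qF -e '“' -e '”' -e '″' "$p"; then found="$found typographic-quotes"; fi
    for k in Label Program RunAtLoad; do
        grep -q "<key>$k</key>" "$p" || found="$found no-$k"
    done
    # The <string> on the line after <key>Program</key> must name the script.
    prog=$(awk '/<key>Program<\/key>/ { getline; gsub(/.*<string>|<\/string>.*/, ""); print; exit }' "$p")
    [ "$prog" = "$script" ] || found="$found program-mismatch"
    for w in ${found:-ok}; do echo "$w"; done
}

if [ $# -eq 2 ]; then check_script "$1"; check_plist "$2" "$1"; fi
```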
