Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.
iPhone Newsforums, a part of the
Even I have changed my password. I am a first time jb'er and this is not that hard people. If you keep ssh on all the time bad things are...
11-23-2009, 08:45 AM #21
Even I have changed my password. I am a first time jb'er and this is not that hard people. If you keep ssh on all the time bad things are gunna happen
11-23-2009, 08:53 AM #22
I hate the way the press are advertising this as a problem with "jailbroken phones". Bit like saying "Windows hackers rejoice" when someone thunderbird have a bug in thier code. Yes they have a jailbroken but its not that, thats causing the problem.
11-23-2009, 09:10 AM #23
I have a question just in case ppl have problem changing the root password.
I've notice that wen you install sbsettings and you swipe your finger accros the stattus bar u get a pop up window or some like that with short cuts to wifi, 3G, Brightness and SSH now will this do the trick on stoping hackers on hacking ur phone if you turn SSH off ? Me personally i keep it turned off even tho i have the root password changed i only turn it on if i use SSH .
Can some one answear this qustion if they know it .
Thank you very much ......
11-23-2009, 09:11 AM #24
I haven't needed ssh on my phone in some time! I use iphone browser to transfer files to my phone, mobile terminal has been good enough for other things so far.
11-23-2009, 09:42 AM #25
- Join Date
- Oct 2008
- Brooklyn, New York
- Thanked 2 Times in 1 Post
Just change the password open cydia download mobile terminal and then erica tools when done open terminal enter the command passwd, press enter then after put old one in Alpine then your new one (please remember the new password) now more worry 's about silly apple tricks like 1.1.1, oops can not talk about that.
11-23-2009, 09:49 AM #26
willing to bet any money that Apple is making these bugs.
11-23-2009, 09:49 AM #27
11-23-2009, 10:18 AM #28
ridiculous... well i gues having a computer in our pocket has finally caught up with us... we now have to deal with all the problems of a computer...This is getting a lil' ridiculous...
11-23-2009, 10:19 AM #29
Damn these "WORMS" are annoying!
I havent switched my root PW on my Mom's iPhone, but she doesnt even use SSH! I have it installed and it is ALWAYS off.
When I get a new iPhone, my PW will be 10chars long... maybe like all my other passwords, 26chars long...
PEOPLE! CHANGE THE PASS IF YOU USE SSH!
Then we wont have these "WORMZ"!
Also, maybe in the next ver of oPenSSH there will be an add-on so that before completing installation you would have to MAKE YOUR OWN PASSWORD!
Just my .02cents
11-23-2009, 11:01 AM #30
You should not only change your root password, but edit your /etc/ssh/sshd_config to turn off Password based auth and only use Public Key auth.
1) You first need to creat a public key and private key pair. You can do this on almost any computer that has an ssh client.
If you use OS X or any UNIX/Linux type system, please see this link. On windows, Putty and Winscp come with a key generator that creates proper keys that they can use; see the link also, but ignore all parts expect those that tell you what to do on your iPhone/iPod, just make sure your ssh/sftp client is set it use your Private Key!
> Setting up SSH keys <
2) Open (or download from your device and open in your favorite editor) /etc/ssh/sshd_config
3) Look for a line containing PasswordAuthentication, make sure it's not commented and set to no, so it looks like:
4) Look for a line containing PubkeyAuthentication, make sure it's also not commented out and make sure it's set to yes, so it looks like:
*** If you run into any problems logging in with root, you can use Mobile Term or iFile to edit /etc/ssh/sshd_config to set PasswordAuthentication to yes if need be, which is recommended when first testing your key to make sure it works while still allowing you the fall back of regular password auth. Once you verify Key auth is working, turn off Password auth.
Also, regardless if you go with Key based auth or not, when you are out in public, it can be better to just turn off SSH altogether - very easy to do with something like SBSettings - you can't pick the lock if there is no door.
IMHO it only makes sense to have SSH on when you're at home or other trusted locations.
Last edited by szr; 11-23-2009 at 11:06 AM.
11-23-2009, 11:08 AM #31
If you cant change your iPhone's root password, you should not be installing OpenSSH in the first place.
Just my $0.02
11-23-2009, 11:19 AM #32
thanks, but this has been going round for at least a fortnight, ive had it :L and i dont live in the netherlands theres the easy but *** way getting out without donating, which is restoring which is ***! Unless you have ROCK backing up your stuff
11-23-2009, 12:11 PM #33
Would it not be possible to automatically prompt the user upon installation of OpenSSH to change the root and mobile passwords?
Just a thought...
11-23-2009, 12:31 PM #34
I think the solution would be to incorporate a password change feature in the jailbreak utilities from now on.
The Following User Says Thank You to bengo For This Useful Post:
11-23-2009, 12:33 PM #35
11-23-2009, 12:34 PM #36
great, this is all we need to give Apple an excuse for making iphones un-jailbreakable.
11-23-2009, 12:50 PM #37
11-23-2009, 01:32 PM #38
well...here it all goes again. fortunately w/ the previous 2 viruses you got a nifty pic letting you know you were infected. itll be too late, especially financially for those that get this sand worm.killall Terminal
11-23-2009, 02:51 PM #39
how come these carriers don't protect their customers and their own network by locking down these ports and protocols? duh!
11-23-2009, 02:51 PM #40