Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.
09-24-2009, 08:50 PM #1Veency over 3G/Edge working w/ iDNS
I only started using Veency a few weeks ago but was bummed that it wouldn't work over the cell network due to the fact that incoming connection requests are blocked.
The guys over at this thread had the brilliant idea of creating a reverse SSH tunnel and automatically keeping that connection alive using Auto SSH and a couple of scripts. I wasn't able to get that working personally so I tried another route: VPN home server. The problem with VPN is that my local telco (Rogers) no longer allows the use of VPN over 3G unless you subscribe to their VPN service for an extra $10 /month! Crooks. In the end, I got the service turned on for free which gave me access to a new APN that would assign my phone a publicly accessible IP. This entailed some changes to the iPhone's APN settings but unfortunately the tech support agent I was talking to had no clue how to push the APN configuration over to my phone. So I used this link to create my own custom APN profile: Unlockit - APN Changer for your iPhone (visit via your iPhone)
Now that VPN was working over 3G and Edge I was finally smiling. The only thing I had to figure out now was how to get the phone to automatically connect to my VPN server at startup AND keep the connection alive as I roam about my coverage area. After fiddling unsuccessfully with some plist files in the iPhone's LaunchDaemons folder I realized it was unnecessary... now that I have a public IP for my phone I should be able to establish a direct connection with veency on demand without wasting precious battery power on a persistent connection. It worked! Big smile
So I'd killed two birds with one stone. Now all I had to do was get around the pesky issue of dynamic IPs... no problem. I downloaded a handy little app called iDNS from Cydia which regularly updates the phone's IP with my free No-ip host name.
That's it! Now if my phone ever gets stolen or misplaced I'll stand a good chance of retrieving it. Hope some of you found this helpful!
10-02-2009, 11:54 AM #2safe? secure?
Update: I followed your link, ON MY iPHONE =)... and created a custom APN, i just dont see how this could create a public IP, or somehow disable the firewall 3G has built in to not accept incoming... but i will let you guys know as soon as i finish testing it...
i have herd of such things, note: im the guy from the other forums of reverse ssh tunnels to your iphone...
my method only allows a specific reversed server to have access to the iphone... NOT THE WHOLE WORLD!!
running a REAL server on a PUBLIC ip address requires a firewall...
I question the security of this idea, and the safety of your iphone... asuming this gets more attention soon, it will be a hotspot for hackers...
Please, I will do my best to get this forum linked to some security info sites (android) and see if there are any obviouse wholes... ie, someone can crack into your iphone without a password...
NOTE TO darko:
If you are using the above method... please make sure to change your mobile and root password on your iphone, and of course disable any listening server services when you do not need them
Last edited by michaelwithe21; 10-02-2009 at 12:45 PM.
10-04-2009, 12:56 PM #3
lol first calm down a bit, you seem to get worked up over this in every forum post of yours I've read. Maybe it's just the frequent use of CAPS?
As I mentioned in my post, I had to contact my telco to get a public IP. Normally they (Rogers) charge $10/mo for this but I got it for free. I believe AT&T does as well but I can't be sure. You need this if you want to be able to use your phone's VPN over 3G. From what I understand it is they that block incoming connection requests as well as GRE packets over the 3G network. Afterward I had to update my APN settings myself because the CSR I was talking to had no clue what I was talking about. The link I provided is to a free service that will let you customize your own APN file and then push it to your phone. It works well. Alternatively, you can manually edit your APN settings or find an app through Cydia to do this.
As for your security concerns... yes, definitely change your SSH password. I'm sure that creating a SSH tunnel to your computer is safer but it lacks the convenience of being able to connect to (find) your phone from any machine besides your own. It also requires you to maintain a persistent connection which probably drains the battery much more quickly.
Anyway, this is an ISP approved service that they offer publicly so I assume that they're running their own security measures at some level. If not, iPhone hacking is pretty rare so I'm not concerned and will rely on application level password protection for now. I've also got Hackulo's security app installed for good measure (not exactly sure what it protects against though). If a better, more eloquent solution presents itself I'll adopt it but for now this is as close to ideal as I can get. Just throwing it out there for anyone else interested in trying.
10-04-2009, 02:57 PM #4
you definitely nailed all of my concerns, and as long as you understand the security issue, all is well..
as far as the service provider putting up their own defenses on a public IP, i dont really think they can, a true Public IP with no router is OPEN... hackulo's pkg is ur best approach for the time being...
I have herd of people demanding a Public IP from AT&T, and i hope to do this soon, because as you said, the ssh tunnel itself does not drain battery (just when its connected to), but the auto ssh or daemon which would maintain it would definitely take its toll on the iphones small battery life...
thanks for your reply!!
I LOVE CAPS =)
08-05-2012, 03:20 AM #5
First of all my apologies for grave digging but this thread is a valuable source I cant find anywhere else!
I'm struggling a little with this and any help would be appreciated! I rekon I'm 90% of the way there!
Phone : 4s
Firmware : 5.1
JB : Absynthe
Open SSH : Y
Veency : Y
Mobile Terminal : Y
Cable modem--> Router--> Repeater--> PC(HOME)/TV/XBOX & WIFI
On my PC I have VNC Viewer and UltraVNC viewer
Step 1 : ssh -p 22 [email protected] -f -N -R 1201:localhost:5900 (92.235.xxx.xxx is the PC external IP not the LAN IP)
Step 2 : ssh -p 2222 92.235.xxx.xxx -f -N -R 1202:localhost:22
Step 3 : iPhone --> Settings --> Veency --> Double check its enabled with a basic pw
Step 4 : Fire up Ultra VNC viewer and set 127.0.0.1:1201 (SEE FIG.1)
Step 5 : Receive connection error (SEE FIG.2)
Step 6 : Open PuTTy to check connection ssh -p 1201 [email protected] --> Unable to open connection to localhost. Host does not exist.
Would anybody be able to shed some light on this?
Thanks in advance,
08-06-2012, 12:12 AM #6
Hey Jason, it feels like a long time ago that I did this and can't remember much about my config. But the key was in having my cell provider enable public IP for my phone. Not sure if your provider allows public access to mobile IPs but without it you won't be able to reach the phone when it's on a mobile network.
I don't have a public IP anymore nor do I run Veency. Ultimately I realized I dont use it much and I got a $10 /mo credit for cancelling it. Now that the 'find my iphone' feature is available to all iphone users it seems less necessary to run Veency unless you want to do more than locate your phone.
Sorry I'm not able to help further but if you do get yours working please share it in this thread! Good luck
 Btw, what're the ssh commands about? In my setup I didn't create any tunnels, I simply accessed Veency server running on the phone directly. I also noticed in Your screenshot that there are 2 colons before the port number, is that right? [/edit]
Last edited by ddarko777; 08-06-2012 at 12:23 AM.
08-06-2012, 08:27 AM #7
Thanks for the reply! Ye its an old thread! My provider is UK network GiffGaff who run off the back of the more popular o2 network. Iam awaiting word back from them re a public IP.
The find iPhone feature is handy but it would e great to access a mobile from a pc, say if it was a workplace where mobiles were prohibited and jammers were in effect and you decided to leave your phone in the glove-box! :-P
Th SSH commands were my first attempt at creating a tunnel which resulted in me destroying the living daylights of every possible network setting so I wont be touching that again! The double colon is a strange one I agree but that's what the program takes.
As soon as I hear back from GiffGaff I'll update.