Changing SSH password in 1.1.3 JB?

Discussion in 'iPod touch Firmware 1.1.3 Discussions' started by lvlln, Jan 27, 2008.

  1. lvlln

    lvlln New Member

    Joined:
    Nov 10, 2007
    Messages:
    312
    Likes Received:
    1
    I'm running and enjoying Devteam's 1.1.3 JB, but I haven't been able to figure out how to change the SSH password from alpine to my own. I know that in 1.1.2, there was an SSH app that came preinstalled if you wished, which gave you the option of turning SSH on and off, as well as changing the password. But 1.1.3 had nothing like that. I installed OpenSSH from Installer, but obviously that didn't add any icon to Springboard.

    So does anyone know how I would go about doing that?
  2. lvlln

    lvlln New Member

    Joined:
    Nov 10, 2007
    Messages:
    312
    Likes Received:
    1
    Sorry to bump, but I still have yet to see any mention of this subject by anyone in any thread in any of the subforums.
  3. toehead

    toehead New Member

    Joined:
    Dec 27, 2007
    Messages:
    267
    Likes Received:
    0
    on top of that, the passwd command is broken. Dont use it.
  4. gbevin

    gbevin New Member

    Joined:
    Nov 5, 2007
    Messages:
    2
    Likes Received:
    0
    I'd like to find a fix for that too, I hate it that root is accessible with the default password. If I forget to turn off SSH, anyone has access to my iPod.
  5. Darkdoom

    Darkdoom New Member

    Joined:
    Dec 16, 2007
    Messages:
    21
    Likes Received:
    1
    Device:
    iPod touch
    Dont forget, that only everyone in your current WLAN.

    I'm using SSH only at home in my private WLAN so i dont mind changing the PW.

    BTW...you should be able to set your PW during the Jailbreake 1.1.2

    MfG Darkdoom
  6. kappatango

    kappatango New Member

    Joined:
    Jan 2, 2008
    Messages:
    998
    Likes Received:
    6
    This is a good point and worth re-iterating.

    SSH access is only viable if connected to the same network on the PC, as it uses a local IP via the router.

    If you are connected to your secure home network, only other computers on that network can gain access.

    On the other hand, if you are connected to your School / work / public wireless, then you could be leaving yourself open....

    KappaTango
  7. johnInSJ

    johnInSJ Member

    Joined:
    Dec 15, 2007
    Messages:
    551
    Likes Received:
    9
    Device:
    iPhone 4 (Black)
    I'm not up to speed on darwin (linux guy here) - is there any kind of packet firewall? Maybe we can port it to the touch, then you'd be able to add some firewall rules and limit access to port 22 to only from a single trusted ip address.

    Or, alternately, we could change the sshd prefs to run sshd on a non-standard port, which at least will make it harder. I'll look into that this morning.
  8. Gaming Warrior

    Gaming Warrior New Member

    Joined:
    Dec 8, 2007
    Messages:
    159
    Likes Received:
    12
    the passwd cmd worked for me in 1.1.3.
  9. toehead

    toehead New Member

    Joined:
    Dec 27, 2007
    Messages:
    267
    Likes Received:
    0
    really?

    There is a warning that says "do not use passwd under 1.1.3 or you will get a constantly rebooting springboard"

    glad it worked for you.
  10. johnInSJ

    johnInSJ Member

    Joined:
    Dec 15, 2007
    Messages:
    551
    Likes Received:
    9
    Device:
    iPhone 4 (Black)
    Assuming you have OpenSSH installed...

    In an ssh session or Term-vt100 do

    edit /private/etc/services (I use vi, use whatever works for you)

    search for ssh ( there are two lines, right next to each other)
    Code:
    ssh              22/udp     # SSH Remote Login Protocol
    ssh              22/tcp     # SSH Remote Login Protocol
    
    change both 22s to something else over 1000 under 9999
    For example
    Code:
    ssh              1122/udp     # SSH Remote Login Protocol
    ssh              1122/tcp     # SSH Remote Login Protocol
    
    Save, exit ssh if you ssh'ed in, stop/restart sshd on the touch or reboot touch

    Now, you should be able to ssh in on that nonstandard port ONLY
    Code:
    $ ssh -l root 10.0.0.25
    ssh: connect to host 10.0.0.25 port 22: Connection refused
    $ ssh -p 1122 -l root 10.0.0.25
    root@10.0.0.25's password: 
    Last login: Tue Jan 29 08:44:44 2008 from 10.0.0.1
    # 
    # exit
    Connection to 10.0.0.25 closed.
    
    Not perfect, but at least you're not just hanging out there in the breeze

    Please Register or Log in to view images



    If you're feeling like playing with preshared keys, you can disable login and only support preshared keys - I have not tried that yet, but it looks like /etc/sshd_config is used so you could follow one of these guides:

    http://www.openfsg.org/index.php/Ssh_without_passwords

    That would make it much safer indeed!

Share This Page