iPhone Software

Apple iPhone Software & Addons

Guide to setting up Secure SSH between iPhone and your Mac

July 24, 2007

Working SSH Instructions by NerveGas

Previous instructions on the net have required the use of restore mode to set
binary permissions. Unfortunately, restore mode doesn’t work with all public
versions of iPhoneInterface I’ve tried. The instructions below work by
overwriting an existing binary on the system with chmod, and then calling it
with the appropriate arguments to set permissions. The result is a fully
functional SSH setup. You can then proceed to upload your own world builds
or other programs to run from the command line.

Step 1: Key Creation

On your Mac or PC, download dropbear from here:

http://matt.ucc.asn.au/dropbear/dropbear.html

Run: ./configure && make

You don’t need to install the software, just run:

./dropbearkey -t rsa -f dropbear_rsa_host_key
./dropbearkey -t dss -f dropbear_dss_host_key

And copy the two new key files into your iPhoneInterface directory.

Step 2: Uploading dropbear and friends

Download the iphone-ssh kit and the iphone binaries kit:

http://www.abigato.com/iphone-ssh-kit-vr1.tar.bz2
http://netkas.freeflux.net/blog/

Rename sh6 from the kit to sh.

Use the jailbreak application to break out of jail, and then open
iPhoneInterface to connect.

mkdir /etc/dropbear
cd /etc/dropbear
putfile dropbear_rsa_host_key
putfile dropbear_dss_host_key
cd /bin
putfile chmod
putfile sh
cd /usr/bin
putfile dropbear

Step 3: Overwriting ‘update’ with ‘chmod’

While still connected to iPhoneInterface, make a backup copy of
/usr/sbin/update:

cd /usr/sbin
getfile update

Rename this to update.original on your local filesystem.

Now copy the ‘chmod’ binary to ‘update’ and upload it back to the
iPhone:

cd /usr/sbin
putfile update

Step 4: Overwriting the update configuration

Now the ‘update’ binary is really ‘chmod’, and has execute permissions! We
just need to tell the iPhone to chmod next time it boots. To do this, we
download /System/Library/LaunchDaemons/com.apple.update.plist and add our
own arguments to ProgramArguments:

0 /usr/sbin/update
1 555
2 /bin/chmod
3 /bin/sh
4 /usr/bin/dropbear

Save the new plist and upload it back to the iPhone:

cd /System/Library/LaunchDaemons
putfile com.apple.update.plist

While we’re here, let’s also:

putfile au.asn.ucc.matt.dropbear.plist

Step 5: Reboot the iPhone twice.

The first reboot should set the permissions on the dropbear and related
binaries. The second reboot should start dropbear, so you can ssh to it:

ssh -l root [IP ADDRESS]

The root password is ‘dottie’.

Step 6: Replace the original update and com.apple.update.plist files

Don’t forget to put the old update files back. Rename update.original back
to update, and delete the extra ProgramArguments you added to
com.apple.update.plist. Now put them back:

cd /System/Library/LaunchDaemons
putfile com.apple.update.plist

cd /usr/sbin
putfile update
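
A way to confirm the Step 6 restore actually took, given here as an added example that is not part of NerveGas's instructions: fetch com.apple.update.plist again with getfile and audit its ProgramArguments. The baseline of a single /usr/sbin/update element is an assumption drawn from the Step 4 listing, and audit_update_plist, make_plist and the sample Label value are hypothetical names constructed for illustration.

```python
import plistlib

# Assumption: the stock job passes only the binary path, as Step 4 shows it
# at index 0 before the four extra values were appended.
BASELINE_ARGS = ["/usr/sbin/update"]

def audit_update_plist(raw, baseline=BASELINE_ARGS):
    """Return a list of findings; an empty list means the job matches baseline."""
    try:
        job = plistlib.loads(raw)
    except Exception as exc:  # malformed XML or not a plist at all
        return ["unparseable plist: %s" % exc]
    if not isinstance(job, dict):
        return ["top-level object is not a dictionary"]
    args = job.get("ProgramArguments")
    if not isinstance(args, list) or not args:
        return ["ProgramArguments is missing or empty"]
    findings = []
    # launchd executes Program if present, otherwise ProgramArguments[0].
    program = job.get("Program", args[0])
    if program != baseline[0]:
        findings.append("job executes %r, expected %r" % (program, baseline[0]))
    if args[:len(baseline)] != baseline:
        findings.append("leading arguments changed: %r" % args[:len(baseline)])
    extra = args[len(baseline):]
    if extra:
        findings.append("leftover arguments: %r" % extra)
    return findings

def make_plist(args, **extra_keys):
    """Build a constructed sample plist (the Label value is illustrative)."""
    job = {"Label": "com.apple.update", "ProgramArguments": args}
    job.update(extra_keys)
    return plistlib.dumps(job)

# Constructed samples: the Step 4 state and the restored Step 6 state.
MODIFIED = make_plist(["/usr/sbin/update", "555", "/bin/chmod", "/bin/sh",
                       "/usr/bin/dropbear"])
RESTORED = make_plist(["/usr/sbin/update"])

if __name__ == "__main__":
    for name, raw in (("modified", MODIFIED), ("restored", RESTORED)):
        print(name, audit_update_plist(raw) or "clean")
```

This covers the plist only; the binary itself should also be fetched with getfile and compared byte for byte against update.original, since a leftover chmod in /usr/sbin/update would still be launched at every boot.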

Step 7: Change the root password

If you don’t like ‘dottie’, you can generate a new encrypted password
by running:

perl -e 'print crypt("MYPASSWORD", "XU");'

Where MYPASSWORD is the new password you want, and XU is a random two-letter
salt. Copy the encrypted output and replace the existing one in
/etc/master.passwd on the phone.

Source: Pastebin.com