Results 1 to 3 of 3
Discuss SSH security? at the iPhone 4 - Hackint0sh.org; Hello I've made some research about the SSH security on jailbroken iPhones. But the only ...
  1. #1
    Rookie Array

    Join Date
    Jun 2010
    Posts
    20
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    0

    Default SSH security?

    Hello I've made some research about the SSH security on jailbroken iPhones. But the only info I found was about changing the root password. Well IMO it's not enough since it's possible to bruteforce it. Now I'm asking you if it's possible to close ports, or at least change the SSH port? Also is there any way to limit connection attempts for SSH? Also any tips for further security is appreciated. I have average knowledge about Linux but am new to iPhone.

    Thanks



  2. #2
    Super Moderator Array n1ckn4m3's Avatar

    Join Date
    Mar 2009
    Location
    USA
    Posts
    2,717
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    145

    Default

    Quote Originally Posted by Antarktikali View Post
    Hello I've made some research about the SSH security on jailbroken iPhones. But the only info I found was about changing the root password. Well IMO it's not enough since it's possible to bruteforce it. Now I'm asking you if it's possible to close ports, or at least change the SSH port? Also is there any way to limit connection attempts for SSH? Also any tips for further security is appreciated. I have average knowledge about Linux but am new to iPhone.

    Thanks
    It is running OpenSSH to provide the SSH server access, so you can log into the device and edit the SSH configuration file to run on a non-standard port just like you would on a Linux machine, then just restart the phone or toggle SSH. Secondarily, install SBSettings and it will allow you to toggle the SSH server itself and enable or disable it at any given time. Most users disable SSH until they are connecting. This is inherently more safe than changing ports or refusing users who fail to authenticate multiple times.

    As far as limiting connection attempts, I'm not certain. I know that utilities such as fail2ban will do so on linux machines, but I'm not certain of an iPhone equivalent.
    The preceding forum post has been brought to you by the letter "N" and the number 42.

    iPhone 4, 32GB (iOS 6.1.2 | evasi0n | SHSH: 4.0 - 6.1.2)
    iPad 2 3G, 64GB (iOS 6.1.2 | evasi0n
    |
    SHSH: 4.3 & 4.3.3 - 6.1)

    Restore problems? Read this: http://www.hackint0sh.org/f137/130802.htm

    Did we solve your problem? Got a dollar or two spare? Please Donate!


  3. #3
    Super Moderator Array Olethros's Avatar

    Join Date
    Sep 2007
    Location
    Norway
    Posts
    8,360
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    439

    Default

    What I would recommend instead is firstly changing the password. Then setting up public/private key pair authentication Quick Logins with ssh Client Keys
    once you know this works, disable password authentication for SSH.

    This is not a complete solution but it does prvent password sniffing, brute force attacks on the password and shifts the security focus to your desktop machine (or wherever you have stored the other half of the key pair)
    Please read the stickies & search forum before posting!
    How to report an iTunes restore/update fail in a useful manner
    -

    iPad 3G 64GB (4.3.3, Redsn0w) oldest SHSH 3.2.2
    iPhone 4 32GB (4.2.1, Redsn0w JB-monte) oldest SHSH 4.1
    iPhone 3GS 32GB (4.3.3; Pwnagetool) factory unlocked oldest SHSH 3.1
    iPhone 8GB (3.1.3; Pwnagetool) AT&T Locked - Unlocked with bootneuter

    -
    Did we solve your problem? Got a dollar or two spare ? Donate!

 

 

Similar Threads

  1. Replies: 0
    Last Post: 11-08-2011, 09:00 AM
  2. security
    By vfxpro in forum Installation
    Replies: 0
    Last Post: 05-08-2010, 06:42 PM
  3. MacNN: Swann Security debuts DVR4-2500 security recorder kit
    By hackint0sh in forum Latest Headlines
    Replies: 0
    Last Post: 12-29-2009, 05:20 AM
  4. Xtreme OS X Security
    By bofors in forum Genuine Mac Support
    Replies: 3
    Last Post: 07-13-2008, 12:33 AM
  5. Security through obscurity
    By ger0nim0 in forum General
    Replies: 6
    Last Post: 07-04-2007, 09:11 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Powered by vBulletin®
Copyright © 2014 vBulletin Solutions, Inc. All rights reserved.
Search Engine Friendly URLs by vBSEO
(c) 2006-2012 Hackint0sh.org
All times are GMT +2. The time now is 09:13 PM.
twitter, follow us!