LinkBack URL
About LinkBacksHello I've made some research about the SSH security on jailbroken iPhones. But the only info I found was about changing the root password. Well IMO it's not enough since it's possible to bruteforce it. Now I'm asking you if it's possible to close ports, or at least change the SSH port? Also is there any way to limit connection attempts for SSH? Also any tips for further security is appreciated. I have average knowledge about Linux but am new to iPhone.
Thanks
Results 1 to 3 of 3
Discuss SSH security? at the iPhone 4 - Hackint0sh.org; Hello I've made some research about the SSH security on jailbroken iPhones. But the only ...
- 06-12-2010 09:32 PM #1Rookie Array
- Join Date
- Jun 2010
- Posts
- 20
- Post Thanks / Like
- Downloads
- 0
- Uploads
- 0
- Rep Power
- 0
SSH security?
- 06-14-2010 02:46 PM #2Super Moderator Array
- Join Date
- Mar 2009
- Location
- USA
- Posts
- 2,709
- Post Thanks / Like
- Downloads
- 0
- Uploads
- 0
- Rep Power
- 144
It is running OpenSSH to provide the SSH server access, so you can log into the device and edit the SSH configuration file to run on a non-standard port just like you would on a Linux machine, then just restart the phone or toggle SSH. Secondarily, install SBSettings and it will allow you to toggle the SSH server itself and enable or disable it at any given time. Most users disable SSH until they are connecting. This is inherently more safe than changing ports or refusing users who fail to authenticate multiple times.
Originally Posted by Antarktikali 
As far as limiting connection attempts, I'm not certain. I know that utilities such as fail2ban will do so on linux machines, but I'm not certain of an iPhone equivalent.The preceding forum post has been brought to you by the letter "N" and the number 42.
iPhone 4, 32GB (iOS 6.1.2 | evasi0n | SHSH: 4.0 - 6.1.2)
iPad 2 3G, 64GB (iOS 6.1.2 | evasi0n | SHSH: 4.3 & 4.3.3 - 6.1)
Restore problems? Read this: http://www.hackint0sh.org/f137/130802.htm
Did we solve your problem? Got a dollar or two spare? Please Donate!
-
- 06-15-2010 10:02 AM #3Super Moderator Array
- Join Date
- Sep 2007
- Location
- Norway
- Posts
- 8,360
- Post Thanks / Like
- Downloads
- 0
- Uploads
- 0
- Rep Power
- 438
What I would recommend instead is firstly changing the password. Then setting up public/private key pair authentication Quick Logins with ssh Client Keys
once you know this works, disable password authentication for SSH.
This is not a complete solution but it does prvent password sniffing, brute force attacks on the password and shifts the security focus to your desktop machine (or wherever you have stored the other half of the key pair)Please read the stickies & search forum before posting!
How to report an iTunes restore/update fail in a useful manner
-
iPad 3G 64GB (4.3.3, Redsn0w) oldest SHSH 3.2.2
iPhone 4 32GB (4.2.1, Redsn0w JB-monte) oldest SHSH 4.1
iPhone 3GS 32GB (4.3.3; Pwnagetool) factory unlocked oldest SHSH 3.1
iPhone 8GB (3.1.3; Pwnagetool) AT&T Locked - Unlocked with bootneuter
-
Did we solve your problem? Got a dollar or two spare ? Donate!
Reply With Quote
Similar Threads
-
MacRumors: Security Researcher Reveals iOS Security Flaw, Gets Developer License Revo
By hackint0sh in forum Latest HeadlinesReplies: 0Last Post: 11-08-2011, 10:00 AM -
security
By vfxpro in forum InstallationReplies: 0Last Post: 05-08-2010, 06:42 PM -
MacNN: Swann Security debuts DVR4-2500 security recorder kit
By hackint0sh in forum Latest HeadlinesReplies: 0Last Post: 12-29-2009, 06:20 AM -
Xtreme OS X Security
By bofors in forum Genuine Mac SupportReplies: 3Last Post: 07-13-2008, 12:33 AM -
Security through obscurity
By ger0nim0 in forum GeneralReplies: 6Last Post: 07-04-2007, 09:11 AM
Bookmarks