iPhone SSH
August 28, 2007 2:34 PM   Subscribe

After installing OpenSSH on your iPhone, is there a way to disable it except when needed?

In order to easily put files on my iPhone, I installed the BSD subsystem, ssh, and a terminal. Of course, I changed the root password. But I find it strange that I can log on to the iPhone through ssh all the time, not just when I have launched the terminal and run ssh in some way. Is there a way to turn off the ssh service except when needed? I am bothered by the security and possible battery life implications. Or am I misunderstanding what is going on?
posted by yesno to Technology (11 answers total) 1 user marked this as a favorite
 
You're going to have to add some more detail, namely what you mean by "log on to the iPhone" and "just when I have launched the terminal." Are you talking about two separate environments?
posted by rhizome at 3:12 PM on August 28, 2007


(i assume they want the bsd equivalent of "chkconfig -d sshd")
posted by andrew cooke at 3:35 PM on August 28, 2007


and if i google that the answer is here - just change the "yes" to "no", i assume.
posted by andrew cooke at 3:36 PM on August 28, 2007


is that clear? you want to follow those instructions except use sshd_enable="NO". disclaimer: i have no idea if this also applies to iphones.
posted by andrew cooke at 3:38 PM on August 28, 2007


battery life implications, incidentally, are unlikely to be important. if you are worried about security you may want to configure sshd to only allow certain users, etc. example config. i'll shut up now...
posted by andrew cooke at 3:42 PM on August 28, 2007


OpenSSH on the iPhone wouldn't be much different from OpenSSH anywhere else - there's a daemon called sshd that deals with incoming ssh connections. you could always chmod -x it (on my Mac, it's in /usr/sbin but might be elsewhere) and reboot. then chmod +x and reboot to re-enable. it'll also put a script somewhere to automatically start it on boot; you could always just do chmod -x on it and then run it manually (/bin/bash whatever-the-script-is-called start, probably) when needed.
posted by mrg at 3:46 PM on August 28, 2007


The iPhone doesn't have a typical init.d setup.

I think this file is controlling the launch of sshd: /Library/LaunchDaemons/com.openssh.sshd.plist
posted by Good Brain at 4:03 PM on August 28, 2007


Yeah, it uses launchd, which seems to be assuming an inetd/xinetd-like role in this case. I think maybe just moving or getting rid of the sshd plist will take care of the issue
posted by Good Brain at 4:08 PM on August 28, 2007


The plist that ships with OpenSSH for iPhone specifies it as an "on-demand" launchd service, meaning it runs when someone tries to contact the correct port. You can see it in /Library/LaunchDaemons/com.openssh.sshd.plist. So it isn't sitting there draining your battery all day, and I wouldn't worry about this, beyond of course changing the passwords on the root and mobile accounts.
posted by evariste at 4:56 PM on August 28, 2007


@rhizone

What it means is, you can log into the iPhone remotely through ssh. Launching the terminal means running a terminal emulator directly on the iPhone.

@evariste

Ok, thank you for the information and piece of mind.
posted by yesno at 5:48 PM on August 28, 2007


Update: I confirmed evariste's information by running "top" on the vt-100 emulator on the iPhone and seeing that ssh would only start up when I made a connection from my computer.
posted by yesno at 6:30 PM on August 28, 2007


« Older Hey, I could be wrong   |   Flashcard software for OSX and Palm? Newer »
This thread is closed to new comments.