Why SSH on Restart is required

Author: BigBoss  //  Category: Apps

So it’s been fairly quiet, then all of a sudden there’s a flood of “bug reports”, “security alerts”, or just “questions” about why SSH is forced “ON” at every reboot. First, this is by design and is not a bug. Please stop mailing me this as a bug report.

Here are the reasons for the feature working the way it does:

1) SBSettings and the SBSettings toggles are separate apps. SBSettings cannot configure the toggles without a significant amount of work which will not be done anytime soon. Therefore defaults for each toggle must be used.

2) No one should be rebooting their device very often. I reboot mine maybe once a week, so SSH coming on when I don’t want it happens very seldom.

3) This one is a bit longer. But in short, you want SSH on reboot. If your device is hosed for whatever reason, this is likely the only way to fix it without a full restore. It is a protection mechanism for you.

During boot, there is a long period while the Apple logo is showing in which the device connects to the network and you can SSH in. That’s the main window of protection. Here are some examples:

Example #1:
Let’s say you installed Intelliscreen and now your device won’t boot (this is a past real-world example). You just get the Apple logo and then it reboots. It doesn’t use mobile substrate so there’s no safe mode. Instead, it reboots over and over. During the Apple logo you can SSH in (for about 2 minutes and then you’re cut off). Here you can do a few things:

1) apt-get remove com.intelliborn.intelliscreen  <– uninstalls intelliscreen
2) If you know where the files are, you can manually delete them.

The device boots! (Note: I used Intelliscreen but it could be something else)

Example #2:
Another example: your SpringBoard plist is totally corrupted and the result is the same, Apple logo and infinite reboot. Via SSH you can remove /var/mobile/Library/Preferences/com.apple.springboard.plist

Example #3:
Let’s say you don’t know what’s wrong. In SSH you could tail -f /var/log/syslog (or enable syslog) and get some hints. The possibilities are really limitless.

In short, SSH on reboot saves you from having to restore your device after a critical error. If you don’t like it, disable SSH as soon as your device boots up.
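The three examples above can be scripted from a computer so the repair runs the moment the boot window opens. This is an added example, not code from BigBoss; the device address is a placeholder, the variable names (DEVICE, SSH_CMD, WINDOW, INTERVAL) are assumptions of this example, and it moves the SpringBoard plist aside where the article deletes it.

```shell
#!/bin/sh
# Added example, not from the original post. Run from your computer while the
# device sits in its reboot loop.
# Assumptions: DEVICE below is a placeholder address; SSH_CMD, WINDOW and
# INTERVAL are names made up for this example and can be overridden.

DEVICE="${DEVICE:-192.0.2.10}"   # placeholder (documentation range), use your device's IP
SSH_CMD="${SSH_CMD:-ssh}"        # overridable so the loop can be dry-run
WINDOW="${WINDOW:-600}"          # stop trying after this many seconds
INTERVAL="${INTERVAL:-2}"        # pause between connection attempts
SB_PLIST=/var/mobile/Library/Preferences/com.apple.springboard.plist

# Turn one of the article's three examples into a remote command line.
# The package name is checked before it is pasted into a root shell.
repair_command() {
    case "$1" in
        remove-package)
            case "$2" in
                ''|*[!a-z0-9.+-]*) return 1 ;;
            esac
            printf 'apt-get -y remove %s' "$2" ;;
        reset-springboard)
            # The article deletes the plist; moving it aside keeps a copy.
            printf 'mv %s %s.bad' "$SB_PLIST" "$SB_PLIST" ;;
        show-syslog)
            printf 'tail -n 200 /var/log/syslog' ;;
        *) return 1 ;;
    esac
}

# Keep knocking until sshd answers, then run the repair exactly once.
# ssh exits 255 when it could not connect; any other status is the remote
# command's own result, so retrying would not help.
run_in_window() {
    remote_cmd="$1"
    attempts=0
    deadline=$(( $(date +%s) + WINDOW ))
    while [ "$(date +%s)" -le "$deadline" ]; do
        attempts=$((attempts + 1))
        rc=0
        $SSH_CMD -o ConnectTimeout=3 "root@$DEVICE" "$remote_cmd" || rc=$?
        if [ "$rc" -ne 255 ]; then
            echo "attempt $attempts: remote command exited $rc" >&2
            return "$rc"
        fi
        sleep "$INTERVAL"
    done
    echo "no SSH answer within ${WINDOW}s" >&2
    return 255
}

# Usage: sh recover.sh remove-package com.intelliborn.intelliscreen
if [ "$#" -gt 0 ]; then
    to_run=$(repair_command "$@") || { echo "bad action or package name" >&2; exit 2; }
    run_in_window "$to_run"
fi
```
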

On another note, the SSH daemon is extremely low power and low overhead. It does not use any battery if there are no SSH sessions connected. Personally, I don’t even disable SSH. I like it always running. If you’re paranoid, change your root password.


BigBoss Authors: Mark Bruce & Kory Lee


50 Responses to “Why SSH on Restart is required”

  1. gray_hat Says:

    SSH has saved me a few times (I believe it was LyricWiki back on 1.1.4). Instead of having to completely reinstall everything after uninstalling LyricWiki, I was able to simply remove the launchdaemon via ssh.

    I know that people should be able to figure out how to change their root passwords by now, but why don’t you look into making a quick and dirty gui for passwd? Something that not only changes your password, but remembers it too. (It’s more secure than leaving it alpine)

  2. Peter Says:

    Haha. You’re a real **** about IntelliScreen. I’ve used it for months and have no problems. It hasn’t stuffed up the machine on boot since early beta stage. It doesn’t even have memory problems any more.

    Love your work by the way, totally – your advice and your apps are great. Your vendetta against IntelliScreen though, not so much.

  3. Anonymous Says:

    I was going to ask that lolz, but I’m sure loads of guides are already made. Ask Mr. Google.

  4. brandon Says:

    Well said BB.

  5. reznor9 Says:

    You say that SSH is toggled on automatically by design as a failsafe? But that only really holds water if you also design sbsettings to toggle on wifi after every reboot, which it does not.

    Maybe you should design it to toggle that (wifi) on after reboot as well.

  6. reznor9 Says:

    You say that SSH is toggled on automatically by design as a failsafe? But that only really holds water if you also design sbsettings to toggle on wifi after every reboot, which it does not.

    Maybe you should design it to toggle wifi on after reboot as well. Because as I understand it, SSH is worthless without wifi enabled.
    (I’m not being sarcastic, I really think that it would be a good idea to have these two items toggled on after reboot as per your above examples)

  7. Pelaez Says:

    I like IntelliScreen, but I don’t know why they removed the dependency on MobileSubstrate. I can’t use IS without having my iPhone randomly locked when I try to wake it up…

  8. wintermute Says:

    BigBoss,

    You might find my usage patterns and perspective interesting:

    1. I used the ‘SSH on reboot toggle’ in bossprefs since the start. This functionality as a toggle regardless of the reason for using it is -disabled- by having SBsettings installed, in effect you can’t have SBsettings if you want to use this.

    2. At boot I have always accessed the filesystem via USB with iphonebrowser (on google code) and never saw the reason (for me personally) to use SSH and have an extra security hole after every boot. I have gotten my phone out of an ALOD boot loop several times this way.

    3. I have to reboot my device a lot for authentic appstore games that use a lot or too much memory and won’t play well unless you restart before using the game. It sux, but it’s true. Many even say to do this.

    This is why I had posted asking for the toggle back before, but now that I see your reasons, I wanted to share my use cases.

    -WM

  9. Oni Says:

    That’s what it asked some time ago. It’ll be very useful to have WiFi switched on automatically on reboot. Hope it’ll be implemented soon.

    Regards

  10. BigBoss Says:

    I am not against Intelliscreen. I just used it as an example since it doesn’t support mobile substrate safe mode. If an update comes out that does bork your device, you will need SSH to fix it. That’s all. I could have used Kate or something else for an example.

  11. BigBoss Says:

    That’s a pretty good idea. Unfortunately, it’s much easier said than done.

  12. BigBoss Says:

    I’ll address each of these by numbers since it’s not really correct:

    1) Installing SBSettings does not change what bossprefs did. Simply don’t use the SSH toggle, or turn it off in the “more” app and use bossprefs. You can put bossprefs in your “dock icons” section if you want in SBSettings. Only toggling SSH will make this setting change… until you use bossprefs to disable SSH again.

    2) You can only solve problems that way that you know where the file is. apt-get remove will not work in USB.

    3) You do not have to reboot your device to free up memory. A simple respring will also kill all apps and all running tasks freeing up memory the same way as in a reboot. A reboot is unneeded and overkill. And on that note, what in the world do you have installed that you have so much memory used up that you can’t play simple games? Sheesh? You definitely need to take a close look at what you have running. This is *not* how things are supposed to operate.

  13. gray_hat Says:

    Actually, it is really easy to do via SSH or mobile terminal. You just type ‘su root’, enter the root password (probably alpine) then enter ‘passwd’. From this point forward, there are on-screen prompts for the password and a confirmation. To change the mobile password (also a good idea) enter ‘passwd mobile’.

  14. Noobie Says:

    Thanks, BB. I’m glad to know there are some very good reasons for having SSH available on restart. Your examples were helpful to me. I was a bit frustrated at first about having SSH on all the time after restart, even after changing my passwords. Keep up the great work!

  15. Pelaez Says:

    You could use the Safe Mode to play heavy games. It was just implemented, under Power, that way, extensions that run on MobileSubstrate won’t load and won’t use memory.

  16. blatz Says:

    Every time I gave Intelliscreen a new chance, I got problems with it.

    I prefer Homescreen 2.0, it makes the most things possible like Intelliscreen, but uses Winterboard.

    * Now includes the number of messages, missed calls, email, etc.
    * Ability to hide and display 5 weather forecast, and full calendar
    * New icon set “minis” (apple’s dashboard weather icons)
    * supports status notifiers 0.2.10, adds support to the following events:
    * Unread Email
    * Missed call/voicemail
    * Calendar alerts – it’s there but I still have no idea on how to invoke this
    * SMS: MobileSMS / iRealSMS / biteSMS
    * MMS: SwirlyMMS
    * IM: BeejiveIM / Fring / Palringo
    * RSS: NetNewsWire
    * Silent mode (ringer off)

    http://macthemes2.net/forum/viewtopic.php?id=16789820

    try it, you will love it!

  17. reznor9 Says:

    If anyone really wants to have ssh disabled all the time, just install the ToggleSSH app from bigboss repo. This will disable it even after a reboot if anyone is that obsessed about it. You can still use sbsettings to enable it and disable it… but you’ll have to use ToggleSSH for the disable to survive reboots.

  18. Paul Says:

    Pretty please with sugar on top, add an option somewhere of disabling SSH on reboot, like there was in BossPrefs. Why?

    For instance, at the moment right now ph0n3.h4ck3r@gmail.com is exploiting the default password alpine on iPhones with SSH enabled in The Netherlands. The entire publicly accessible IP-range of the iPhone devices of T-Mobile was scanned to exploit vulnerable iPhones.

    Mine was one of them. I thought I would be relatively safe, even with the default password (to prevent malfunctioning apps etc) since I only turned SSH on when I needed it and had it disabled on reboot in BossPrefs. After installing SBSettings it has been turning SSH on after reboot without me noticing. Now I’m trying to figure out what data they might have copied while I was sleeping with SSH on..

    So again.. PRETTY PLEASE WITH SUGAR ON TOP, make it possible to disable this behaviour from SBSettings as well.

  19. BigBoss Says:

    I just wrote a big article on why this is not happening. “Pretty please” will not change that. If you are worried about being hacked then do one of these things:

    1) Use SBSettings to disable SSH. It’s convenient.
    2) Change your root password using the passwd command in SSH or Terminal. If you don’t know how to do this, perhaps you don’t need SSH in the first place.

  20. Barzi Says:

    But my WiFi isn’t on when I boot my device. So IF my device doesn’t boot, how to connect with my iPhone if I have SSH on, but WiFi off..?

  21. Barzi Says:

    And can’t you make something so that when the device is fully booted, SSH (and maybe WiFi) will quit?

  22. lino Says:

    is not easy to change the root’s pass on our Iphone, this is the problem….. or not?

  23. tivodoc Says:

    Thanks 2 your 2 examples, SSH on reboot saved my ass. I had to leave for work real early today and the phone wouldn’t boot. I didn’t have time to recover and was getting ready to pop the SIM into my backup phone. Instead I removed Intelliscreen and com.apple.springboard.plist and wham, up and running in minutes. Thanks again.

  24. Matthew Elvey Says:

    GRRrrr…..
    The docs need to not mislead users. They indicate just root’s password needs changing. My mistake trusting them. Having taken my iphone onto hostile territory with wifi, ssh enabled and mobile set to the default password, I’m worried and pissed. :-( maybe I should change even for users with shell=false too.

  25. Mr G Says:

    I really don’t understand why so many people prefer to browse their phones this way. You need a special client (at least putty), login and password all the time etc.
    What I use is the T-Pot, it’s an addon for total commander and very simple to use, simpler than ssh for sure. Or is it only me who uses it?

  26. Mr G Says:

    And you don’t need to turn ssh on reboot on…

  27. BigBoss Says:

    That’s a good point. Changing mobile password is a good idea, too.

  28. BigBoss Says:

    This is good for browsing files but not for issuing commands.

  29. Maynemer Says:

    Hi.. Great app… Just one question. Is there any plug-in or something if I just wanna use the toggles and not the info window?

  30. Caoilfhionn Says:

    Can you put a password protection on this? So if someone tries to open SBSettings while I’m not around it asks for a password?? That would be fantastic. Thank you!!

  31. Matthew Elvey Says:

    Dox are good now.

    G: some of us have used ssh for years. With scp, keys, support and a track record…

  32. pitkin Says:

    I’m posting in the wrong place but desperately I need help.
    It seems my SSH is not working properly after the dec 10.08 critical update. My SFTP client can not log to the iPhone- cute FTP & Secure FTP connection on Total Commander. I can have access to the iPhone only through FireFTP (Firefox plugin). I’m finding that very difficult to use in comparison to the other clients. Can someone tell what changed with last update & is it possible, and how to revert back?

  33. max Says:

    but i’m reading that changing the root password on 2.2 (and earlier) is dangerous… i see bricking and restoring popping up in discussions about making the phone safer when SSH is left on all the time… my iphone shows up in my finder (which i love for quick wallpaper and SMSbackground additions) but also makes it so that anyone in the airport can see my phone and log in using the well known root/alpine

    my options are to turn off SSH (toggle doesn’t seem to work) or preferably change the root password so only i can log in

    do you have a link to a safe process for changing the phone’s log in info through SSH?

    thank you :)

  34. Dave Says:

    Changing the root (and mobile) password is safe. Just don’t forget them.

  35. max Says:

    any idea what the safest way is?

  36. Mike Says:

    Seriously – why won’t you add this feature? If people want to screw their chances of fixing their phones because SSH isn’t running during that crucial reboot cycle period, then let them screw themselves. I don’t understand your desire to wield the final decision and power over people.

    Also, an alternative compromise would be to have an option which allows SSH to be active for X minutes after power on — so you could set it to 5 minutes and then 5 minute after boot have SSH disable itself. This would give a compromise between the power on enabled by default and the security people who don’t want to walk around with SSH enabled because they FORGOT they have to disable it after they reboot their phone (which they may do when they are busily trying to call someone).

    You could even have a big warning sign pop up to explain to people why they would NOT want to disable SSH enablement on bootup.

    Reconsider with these suggestions and thoughts?

  37. johnny0 Says:

    Anyone here had aptBackup fail on recovery and have their iPhone never get past the pwnapple?

    I ssh’d in — SpringBoard is at 50%, I see nothing useful in CrashReporter. It reboots every 10 minutes.

    I have tried apt-get update, clean, etc, but it still hangs. How do you use apt-get to clear out everything Cydia installed?

  38. Kyle Says:

    This is a great explanation for not fixing it, but it didn’t seem to be a safety issue when bossprefs was around and you had the option to disable it on restart.

  39. Kyle Says:

    Also, all of my other toggles are able to stay in the last known state on a reboot, why can’t ssh do this? Doesn’t make sense to me.

  40. RickRoll Says:

    So is this still a good idea, now that worms are spreading for Jailbroken phones with SSH enabled?

  41. Anonymous Says:

    meow

  42. Xanadu Says:

    When a friend asks how to transfer files onto their iPhone I always recommend using NetaTalk (assuming they own a Mac). It’s a heck of a lot more user friendly than needing to install a separate FTP client.

    However the default password for NetaTalk is the same used via SSH, ‘alpine’. And with MobileTerminal broken on iOS 4.0 and Rock crippled, the easiest way to change your password is to install SSH so you can use remote terminal commands to do so. However once that’s done if you’re dedicated to using Netatalk and never SSH, then turning SSH on upon reboot is still just one more security hole. Sure, you can uninstall it, but… seriously? Just because I don’t foresee using it doesn’t mean that one wants to delete it!

  43. Ed Marshall Says:

    Well, this is annoying.

    I just spent the better part of an hour finally sitting down and digging into why launchd wasn’t honoring RunAtLoad=false or Disabled=true in the sshd plist; since SBSettings and the Cydia autostart were the only things starting at boot that weren’t from Apple, a “strings” across sbsettingsd revealed pretty clearly what was going on. Then, a little searching brought me to this article.

    Seriously? You’re going out of your way to override the users’ explicitly-configured wishes?

    For what it’s worth, my use case is straightforward: my work network doesn’t permit non-kerberized SSH daemons, and actively scans for them. If they detect one, the device is removed from the network, which makes for a nice surprise and a fair bit of annoyance when I’ve rebooted over a weekend and forgotten to manually disable sshd.

    Since openssh wasn’t built with tcp wrappers, I can’t just block connections from the network in question to prevent the issue. Disabling sshd at boot is the next obvious option, since I can always enable it on demand, and I simply don’t care about recoverability: I’ll reinstall if needed. But, you’ve gone out of your way to remove that option.

    Uninstalling openssh is overkill; I do use it, but enable it on demand. I’d prefer not to uninstall sbsettings over it, either, but I’m slowly getting there. My current workaround is a script that wraps sbsettingsd and disables sshd shortly after sbsettings enables it. Not perfect, but should be close enough as long as I don’t blindly upgrade sbsettingstoggles.

    This might be a useful thing for novice users, but be damned if it’s not utterly frustrating for someone who understands what they’re doing and has a legitimate use case that’s being thwarted.

  44. QuarterSwede Says:

    And that’s EXACTLY the way it should work. SSH should be on during boot and then when everything is booted it auto shuts off. Everyone is happy in that scenario.

    Since you’ve gone to the trouble of making that script, would you be so kind as to put up a link to download it with some simple instructions? I think everyone who hates the current operation would appreciate your efforts.

  45. Thoric Says:

    I second that. I’ve been trying to do the same thing for quite some time. But my limited skill & knowledge with such matters has held me back. My reasons aren’t relevant, it’s a matter of freedom. The entire reason I jailbreak is to remove restrictions, not gain them. It would be greatly appreciated if you could post your work somewhere. Instructions are optional, appreciated but optional.
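The behaviour asked for in comments 36, 43 and 44 (SSH reachable during the boot window, then switched off) can be approximated with a timer that unloads sshd once no session is open. This is an added example, not Ed Marshall's wrapper and not part of SBSettings; the plist path, the BSD-style netstat output and the variable names (GRACE, RECHECK, NETSTAT, LAUNCHCTL) are assumptions to verify on the device.

```shell
#!/bin/sh
# Added example: not Ed Marshall's script and not part of SBSettings.
# Assumptions to verify on your own device: sshd is a launchd job defined by
# SSHD_PLIST (path assumed here), and netstat prints BSD-style "address.port"
# columns. GRACE, RECHECK, NETSTAT and LAUNCHCTL are names made up for this example.

SSHD_PLIST="${SSHD_PLIST:-/Library/LaunchDaemons/com.openssh.sshd.plist}"  # assumed path
GRACE="${GRACE:-300}"        # seconds SSH stays reachable after boot
RECHECK="${RECHECK:-60}"     # how often to look again while a session is open
NETSTAT="${NETSTAT:-netstat}"
LAUNCHCTL="${LAUNCHCTL:-launchctl}"

# Read "netstat -an" output on stdin and print how many established TCP
# connections terminate on local port 22 (the LISTEN socket is not counted).
count_ssh_sessions() {
    awk '$1 ~ /^tcp/ && $4 ~ /\.22$/ && $NF == "ESTABLISHED" { n++ }
         END { print n + 0 }'
}

# Returns 0 after unloading sshd, 1 if a session is still open (sshd is left
# alone so a recovery in progress is not cut off), 2 if launchctl failed.
close_if_idle() {
    open=$($NETSTAT -an | count_ssh_sessions)
    if [ "$open" -gt 0 ]; then
        echo "$open SSH session(s) open, leaving sshd loaded" >&2
        return 1
    fi
    # No -w: the job is unloaded for this boot only and the plist's
    # Disabled key is left untouched.
    $LAUNCHCTL unload "$SSHD_PLIST" >/dev/null 2>&1 || return 2
    echo "sshd unloaded" >&2
    return 0
}

# Start this once per boot, e.g.: sh ssh-window.sh start &
if [ "${1:-}" = start ]; then
    sleep "$GRACE"
    while :; do
        rc=0
        close_if_idle || rc=$?
        [ "$rc" -eq 1 ] || exit "$rc"
        sleep "$RECHECK"
    done
fi
```
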

  46. Anitra Says:

    Wow! Great thkniing! JK

  47. Korn Says:

    I was recommended this blog via my cousin. I’m no longer sure whether this submit is written by way of him as nobody else realize such distinctive about my trouble. You are incredible! Thanks!

  48. great new deal,check this offer,iphone 5 newly released Says:

    You really make it appear really easy together with your presentation however I to find this matter to be really one thing that I think I would never understand. It kind of feels too complicated and very wide for me. I am having a look ahead in your subsequent publish, I’ll attempt to get the cling of it!

  49. Backgrounds Says:

    Just desire to say your article is as astonishing. The clarity for your put up is just excellent and i can think you are knowledgeable in this subject. Fine together with your permission let me to snatch your RSS feed to stay updated with approaching post. Thanks one million and please continue the rewarding work.

  50. designer iphone covers Says:

    You really make it seem really easy along with your presentation but I in finding this topic to be really something which I feel I would never understand. It seems too complicated and extremely large for me. I am having a look forward for your next publish, I’ll try to get the cling of it!
