thats right guys, I am the first as far I as I can tell to figure this one out

We can all SSH and VNC to our phones using openSSH and Veency via WiFi or WiFi device (in some cases a cable)...

But what I am here to present is a command via the MobileTerminal.app within the jailbroken iphone that can created a REVERSE SSH connection using the 3G internet (Edge not tested).

Here is what you will need to control your iPhone no matter where it goes (stolen or not):

Jailbroken iPhone with cydia
OpenSSH installed on phone
Veency (now with passwords)
Mobile Terminal.app installed on phone
An SSH server running on the computer/device you want to use to remotely access your iPhone (preferably on a port other than 22 for security and other reasons)
Forward a port (or DMZ) to your local IP and SSH port (only if using a router)

Once you have all those things...

open MobileTerminal.app within iPhone, login to root using alpine as the password (change later using passwd command) NOTE: you may also use mobile user name with same alpine password). You can do this by typing "login root", enter, then "alpine" as the password.

If you are logged in as root type the following ignoring the ( ) 's and placing the correct characters in place of them:

ssh -p (SSHPORT#) (User\ Name)@(Domain/IP of SSH computer) -R 1201:localhost:22

or for background command

ssh -p (SSHPORT#) (User\ Name)@(Domain/IP of SSH computer) -f -N -R 1201:localhost:22

OR for VNC access (full control of your stolen/lost iPhone)

ssh -p (SSHPORT#) (User\ Name)@(Domain/IP of SSH computer) -R 1201:localhost:5900

or background command:

ssh -p (SSHPORT#) (User\ Name)@(Domain/IP of SSH computer) -f -N -R 1201:localhost:5900

NOTE: you can change the 1201 port to anything you prefer, make sure to change in further steps...

Once it connects, you will have to type "yes" for the first time connecting, type your password for your computer... If you see you are now logged into your home computer via your iPhone, you can close the terminal via the home button (you do not need to run backgrounder for the terminal to stay connected) and continue to the next steps..

That command above forwarded the iPhone's SSH protocol/port to your localhost's computer's port, allowing you to login to the iPhone's SSH server by entering the following into your Mac/PC's Terminal CLI:

ssh -p 1201 root@localhost

or for VNC now go into your VNC client of choice and enter this information:

server: localhost (or you can type 127.0.0.1)
port: 1201 (or watever port you put earlier to tunnel from)
password: (I have herd you can put anything, no PW settings for Veency yet)

vwalla, you have now connected to your iPhone's SSH server via its own SSH IP within a reverse tunnel...this method can be used to bypass any routers or firewalls set up by ATT

This same method can be used once VEENCY is installed using port 1202:localhost:5900 ... meaning!!!

YOU CAN CONNECT TO YOUR iPHONE's VNC and SSH server no matter where it goes, as long as you run an SSH server from your home (or other) computer!!!

am i the first to see this?

Questions for smart people =)

1) Is there a way for me to add this reverse command to my iPhone's startup? this would allow me to always connect to it even if the thief turns it off and then on.

2) Would this command work if they changed the sim card after stealing my phone?

3) This command may need to be ran every time the 3G IP changes, but as far as I can tell, SSH tunnels stay open even if the user turns off 3G and then turns it back on, as long as the IP is the same and the source is the same... IS THERE ANYTHING ELS WE CAN DO WITH THIS SSH Reverse Tunnel via 3G internet?

4) almost forgot... Is there anyway to do a reverse Proxy command from the iPhone Terminal... basically tethering my IP via my home computers internet... example:

ssh user@homecomputer -D 9999 ---this works but i need the opposite direction

i have tried things like ssh user@homecomputer -RD 9999 with no luck.. any ideas? I know there are other ways to tether your internet that involve connecting to a device via WiFi... but thats too easy =P


please correct me if im wrong... but this opens up new doors to the iPhone's 3G network and iPhone capabilities!

Leave a comment if you have any defiant answers or questions, otherwise, if you are feeling special, email me at michael_withe21@hotmail.com with any questions or answers to my genius idea... or if you want to claim doing it before me =)


UPDATE: it seems if im connected to 3G then i swap to WiFi, the existing tunnel remains, but I am unable to connect. ONCE I SWITCH BACK, WITHOUT RE-EXECUTING THE COMMAND, the tunnel is still connected and allows remote access. So I tried the other way, WiFi first, execute, then switched to 3G and then activated Wifi again, Tunnel remained!! interesting!! but if the source changes and doesnt return to the IP of the original "command giver's" IP address, the command will need to be executed again:

Seems this is something that an hourly process can fix... the process could run every hour, or somehow know when the internet source changes, whether it be to wifi, 3g or edge... Before the tunnel is re-created, the old "tunnel" would have to be closed via terminal/command, assuming you CANT use the same port to forward to (1201 in this case) while the localhost still sees it as connected. An hourly process would not be battery consuming and would allow for higher chances of getting phone back. NOTE: This will have to use a NoPassword DSA/RSA key, iphone supports all bits. DSA is known to be safer and has "never" been "cracked" =P

For those setting up an SSH server on Windows Operating Systems:

When you install Cygwin, make sure to follow their instructions, you must install it with its own directory, and make sure you have installed the correct SSH packets required to run an ssh server within cygwin... here is a good link for step-by-step Cygwin installation:

http://pigtail.net/LRP/printsrv/cygwin-sshd.html

OR (older version)

http://erikjheels.com/?p=470

WHEN you have problems or differences WITH THE ABOVE INSTALLATION RULES, read these posts:

http://www.nabble.com/Wrong-Permission-on-the--var-directory-td18713386.html

http://davedotnet.blogspot.com/2006/06/installing-loopback-adaptor-in-windows.html

http://www.inkompetent.de/knowledge_base/software/vnc_loop_back.html

If you have completed that, and you are having troubles, contact me via email michael_withe21@hotmail.com


UPDATE: Veency now has a password implication within the "preferences", so now all we need is to automate reverse ssh commands at iphone bootup and change of IP.

well done. You must have a lot of time on your hands :rolleyes:

Not to put a downer on the whole thing but why would you want to do this? If its stolen then its gone! Very slim chance you will get it back and if they have some common sense then they would wipe it and start frest pritty quickly??

Everything thats on your phone is on your pc/mac and synced so its not like you dont have access to it in the first place if your at your pc? :confused:

Just curious thats all :rolleyes:

Andy

well done. You must have a lot of time on your hands :rolleyes:

Not to put a downer on the whole thing but why would you want to do this? If its stolen then its gone! Very slim chance you will get it back and if they have some common sense then they would wipe it and start frest pritty quickly??

Everything thats on your phone is on your pc/mac and synced so its not like you dont have access to it in the first place if your at your pc? :confused:

Just curious thats all :rolleyes:

Andy

I dont have too much time lol =), but i am very familiar with SSH connections do to my ITT network degree =P

Are you kidding? you could wipe your phone clean with this feature!! if someone steals your iPhone, they have access to your email/contacts/notes/apps and much more!! with this feature you could login to your iPhone and wipe it clean and or check GPS location via the Maps function... meaning, if you loose your iphone, YOU CAN KNOW WHERE IT IS!!!

Not to mention my iphone actually has remote access to my home computer via SSH/VNC tunnel, and the password is saved within Jaadu (that reminds me, anyone know of a cydia app that will do the same as jaadu?). So i definitely want to know where it is via GPS or wipe it clean... But if you read my post, I was also asking if the person simply switched the sims if the command would still work.. and i think they answer is yes, so its probable this feature could have saved some peoples lives =P

Of course the most common thief would probably turn it off or take out sim, they may wait untill they get to the saftey of their house to do so... so if you install a wiper app and this command is executed at every bootup, then you can get find your phone and/or wipe it clean... i dunno about you, but i have allot on my iphone that i dont want other people to see...

Plus, this feature should open up new concepts for running servers behind the 3G restricted firewall... cheers!

Are you kidding? you could wipe your phone clean with this feature!! if someone steals your iPhone, they have access to your email/contacts/notes/apps and much more!! with this feature you could login to your iPhone and wipe it clean and or check GPS location via the Maps function... meaning, if you loose your iphone, YOU CAN KNOW WHERE IT IS!!!

Apple already beat you to it:
http://www.apple.com/mobileme/whats-new/

You can track it on a map, wipe it remotely, send messages to it if it has a lock code, etc. :)

Apple already beat you to it:
http://www.apple.com/mobileme/whats-new/

You can track it on a map, wipe it remotely, send messages to it if it has a lock code, etc. :)

And it also costs $99 a year for this feature. Great find, I never thought about using SSH this way.

And it also costs $99 a year for this feature. Great find, I never thought about using SSH this way.

Yes it does, but you can track it on a map and send message alerts to the device, both of which you cannot do with SSH. Not to mention the Push email, 20GB storage space, web hosting, etc that adds to MobileMe's value. :)

However, I suppose if you want something "quick and dirty" and cheaper, then this should work for some folks.

Yes it does, but you can track it on a map and send message alerts to the device, both of which you cannot do with SSH. Not to mention the Push email, 20GB storage space, web hosting, etc that adds to MobileMe's value. :)

However, I suppose if you want something "quick and dirty" and cheaper, then this should work for some folks.

ok, bytethese, lets get something strait... you obviously know nothing about SSH or CLI or VNC... so please do some research before posting childish comments... so if you want to track the thief's location, you use VNC to open "maps", click the pretty little blue button and BAM! was that hard? SSH can delete files, send protocols like VNC for full access, including activating a WIPE app, and TYPING ANY MESSAGE YOU WANT TO THE thief... In fact, Im positive with JUST SSH CLI on my iPhone, I can do more than mobile me ever could using a bunch of random servers... people... dont listen to bytethese anymore... i have lost respect for him in a matter of 2 posts...lol

as far as the push email... this is free with a gmail or yahoo account (one is fetch but big wup), and the 20gb of space?! r u kidding? flash drives people... why would you want your personal data on an external server unless its for a business... "web hosting" lol, what do you know about web hosting friend? host your own server or find a FREE one and use apache (free)... Mac = Unix, Unix kinda ='s Linux, Linux = Free, OPEN SOURCE BSD!! why would anyone pay to do things unless they dont know how to do them by themselves... which is easy to learn...

srry for the rant... but people who advertise that kind of proprietary crap (mobile me) bugz the hell out of me!

LOL, "cheaper"?!? try FREE! lol... "dirty" lol... dirty is using some feature that relys on 3rd party servers and applications to work... this is a brute server set up by YOU and YOUR computer, no one els is involved... this is the only "clean" method of doing this... dont hate because u didnt think of it... or dont understand how it works... =P

this is brilliant people!!!

Lets get it known so that an app can be designed based on this technology to boot up with the iphone and create the tunnel every time its turned on...

PS: I beleive if the tunnel is not in use it will not drain the battery (which already is weak) =P

ok, bytethese, lets get something strait... you obviously know nothing about SSH or CLI or VNC... so please do some research before posting childish comments... so if you want to track the thief's location, you use VNC to open "maps", click the pretty little blue button and BAM! was that hard? SSH can delete files, send protocols like VNC for full access, including activating a WIPE app, and TYPING ANY MESSAGE YOU WANT TO THE thief... In fact, Im positive with JUST SSH CLI on my iPhone, I can do more than mobile me ever could using a bunch of random servers... people... dont listen to bytethese anymore... i have lost respect for him in a matter of 2 posts...lol
Excuse me? I'm simply pointing out that MobileMe already does this and does it well. Not sure how that is childish but ok.

So in your example, the thief sees what you are doing on the phone while they try to use it? So they turn it off and format before they get home. Apple's way, thief doesn't know you are tracking them unless you send them a message alert stating so.

You don't have to listen to me, I'm just a grad student in Forensic Computing specializing in iPhone forensics and have been around these formus for a few years. Listen to whomever you like. *shrugs*

as far as the push email... this is free with a gmail or yahoo account (one is fetch but big wup), and the 20gb of space?! r u kidding? flash drives people... why would you want your personal data on an external server unless its for a business... "web hosting" lol, what do you know about web hosting friend? host your own server or find a FREE one and use apache (free)... Mac = Unix, Unix kinda ='s Linux, Linux = Free, OPEN SOURCE BSD!! why would anyone pay to do things unless they dont know how to do them by themselves... which is easy to learn...
You are barking up the wrong tree my friend. I own several .com's and know how to host a page on a home box. It was too time consuming to keep up with. Unless of course you do not check your logs, know what you are doing, etc. I can't run a website off a flash drive there so that's where the 20GB comes from...

You also have it backwards, Linux kinda = Unix. BSD is a Unix kernel, not a Linux kernel. Mac is built on BSD.

srry for the rant... but people who advertise that kind of proprietary crap (mobile me) bugz the hell out of me!

LOL, "cheaper"?!? try FREE! lol... "dirty" lol... dirty is using some feature that relys on 3rd party servers and applications to work... this is a brute server set up by YOU and YOUR computer, no one els is involved... this is the only "clean" method of doing this... dont hate because u didnt think of it... or dont understand how it works... =P
See above.

this is brilliant people!!!

Lets get it known so that an app can be designed based on this technology to boot up with the iphone and create the tunnel every time its turned on...

PS: I beleive if the tunnel is not in use it will not drain the battery (which already is weak) =P

Sorry for the rant, but people who know not what they speak of annoy the ever living crap out of me. :) Can an app be created? Sure, possibly someone will and I'd definitely check it out if available.

Excuse me? I'm simply pointing out that MobileMe already does this and does it well. Not sure how that is childish but ok.

So in your example, the thief sees what you are doing on the phone while they try to use it? So they turn it off and format before they get home. Apple's way, thief doesn't know you are tracking them unless you send them a message alert stating so.

You don't have to listen to me, I'm just a grad student in Forensic Computing specializing in iPhone forensics and have been around these formus for a few years. Listen to whomever you like. *shrugs*


You are barking up the wrong tree my friend. I own several .com's and know how to host a page on a home box. It was too time consuming to keep up with. Unless of course you do not check your logs, know what you are doing, etc. I can't run a website off a flash drive there so that's where the 20GB comes from...

You also have it backwards, Linux kinda = Unix. BSD is a Unix kernel, not a Linux kernel. Mac is built on BSD.



Sorry for the rant, but people who know not what they speak of annoy the ever living crap out of me. :) Can an app be created? Sure, possibly someone will and I'd definitely check it out if available.


OK, what you SAID was "both of which you cannot do with SSH." which you can do with SSH using any protocol of your choice... your statement clearly implied that this method could NOT do what MobileMe could do... this is incorrect, so i corrected you... just take it like a champ... reply with maybe something like "what I meant to say" or "what I should have said" and then continue with the fact that one costs money, and one is free...

lol, i dont care how much u know about servers, if you think you need to pay 100 bux a year for 20 gb of webspace than go right ahead... lol... as long as you know your previous post said something that was not true about the given method... lol... what i care about is people who try to promote a product when it can be done for free...

OK, what you SAID was " both of which you cannot do with SSH." which you can do with SSH using any protocol of your choice... so i will continue to read...

Correct, and you cannot. The method you described differs in implementation. :)

Correct, and you cannot. The method you described differs in implementation. :)

NO it doesnt... are u fricken insane?

SSH Protocol allows for the two things you stated... send a message (via more means than mobile me can) and use a SSH tunnel of a new protocol within the SAME tunnel to access the screen... which MOBILE ME cannot do... give it up bro, its ok, u were wrong, i wont tell anyone els lol...

plus you can wipe only the files you want to wipe clean... when mobile me requires full wipe... i dunno how that would be useful but hey, its more control...

Go ahead and keep buying applecare for support and mobile me for remote login... spending money on features that are less secure due to their nature... like people using MobileMe fore remote login to their computers... when you could simply host an SSH server and allow access for VNC only from localhost 127.0.0.1... also of course changing default ports for both protocols and only forwarding those TCP to those non-default ports... running a firewall and allowing only certain IP's and IP ranges... obviously one is more time consuming, but once implemented, its safer and more reliable... and I dont think there is much debate over that.

But ya know what, if time is what your concerned about (which you mentioned earlier) then why even jailbreak your iPhone?...lol just pay for all your apps and just pay for everything... including the breath your wasting...

NO it doesnt... are u fricken insane?

SSH Protocol allows for the two things you stated... send a message (via more means than mobile me can) and use a SSH tunnel of a new protocol within the SAME tunnel to access the screen... which MOBILE ME cannot do... give it up bro, its ok, u were wrong, i wont tell anyone els lol...

plus you can wipe only the files you want to wipe clean... when mobile me requires full wipe... i dunno how that would be useful but hey, its more control...

Go ahead and keep buying applecare for support and mobile me for remote login... spending money on features that are less secure due to their nature... like people using MobileMe fore remote login to their computers... when you could simply host an SSH server and allow access for VNC only from localhost 127.0.0.1... also of course changing default ports for both protocols and only forwarding those TCP to those non-default ports... running a firewall and allowing only certain IP's and IP ranges... obviously one is more time consuming, but once implemented, its safer and more reliable... and I dont think there is much debate over that.

But ya know what, if time is what your concerned about (which you mentioned earlier) then why even jailbreak your iPhone?...lol just pay for all your apps and just pay for everything... including the breath your wasting...

*sigh* You must be a teenager or not a native English speaker. if it's the later, I apologize.

Yes, your idea is different. Like I said, the thief would see you moving things around and changing menus on your iPhone phone when you connected via VNC (which you may not even be able to do since AT&T may block inbound VNC requests anyway). Speaking of secure, you know that VNC is not encrypted correct?

It's ok to be wrong, you are young and we will understand. As for only erasing a few files, trust me, you want to delete everything. I'm assuming you've never performed a live forensic recovery on the iPhone's file system and recovered deleted files? You do know that the iPhone takes a screenshot when you close apps correct? Thus is you just happened to log into your bank account, I could recover those .jpg's and piece together information. But I also assume you know that the keyboard cache can be recovered as well and that I could potentially have usernames and passwords to use combined with that data I just pieced together.

Please don't assume other items as well, it only makes an ass out of you. :) I have never purchased AppleCare nor would I ever need it. If I needed it, I wouldn't have much of a job presently.

Why would I jailbreak my phone? Many reasons, some of which seemed to have been lost on you. You need to jailbreak to forensically analyze the device for one. Another is to theme my phone and make custom sounds/tones. But hey, to each their own.

Is your idea a good one? Sure! Is your logic sound? Hardly.

*sigh* You must be a teenager or not a native English speaker. if it's the later, I apologize.

Yes, your idea is different. Like I said, the thief would see you moving things around and changing menus on your iPhone phone when you connected via VNC (which you may not even be able to do since AT&T may block inbound VNC requests anyway). Speaking of secure, you know that VNC is not encrypted correct?

It's ok to be wrong, you are young and we will understand. As for only erasing a few files, trust me, you want to delete everything. I'm assuming you've never performed a live forensic recovery on the iPhone's file system and recovered deleted files? You do know that the iPhone takes a screenshot when you close apps correct? Thus is you just happened to log into your bank account, I could recover those .jpg's and piece together information. But I also assume you know that the keyboard cache can be recovered as well and that I could potentially have usernames and passwords to use combined with that data I just pieced together.

Please don't assume other items as well, it only makes an ass out of you. :) I have never purchased AppleCare nor would I ever need it. If I needed it, I wouldn't have much of a job presently.

Why would I jailbreak my phone? Many reasons, some of which seemed to have been lost on you. You need to jailbreak to forensically analyze the device for one. Another is to theme my phone and make custom sounds/tones. But hey, to each their own.

Is your idea a good one? Sure! Is your logic sound? Hardly.

dude... ur retarded... i tested it... of course it blocks VNC and any other ports like SSH or anything... THATS WHY YOU CREATE THE REVERSE TUNNEL, thats why this idea is so brilliant... ur just lonely i guess and want to debate it... TESTED IT AND WORKS FINE...

o ya, and of course the theif will see you clicking... but the odds that its not in his pocket are slim... but keep coming up with comments that dont relate to the true ability of this connection... and other protocols which this reverse connection could take advatage of... of course you will have to jailbreak your phone (u know what that is right? lol) so that you can download and run a VNC server... this means you could RUN ANY SERVER YOU WANT as long as you tunnel to the remote computer before trying to connect to the computers localhost...


LOL OF course VNC is not encrypted you retard!! THATS WHY YOU FORWARD THROUGH THE SSH TUNNEL SO IT IS ENCRYPTED... have u ever used a network before? DO SOME RESEARCH... my LOGIC IS TESTED AND IT WORKS... YOUR MAKING comments that do not relate to the original statement.. which was... you saw no need to do this because mobileme allready does it, and then claimed that this method does not work... IT IS SECURE, IT IS ENCRYPTED.. god ANYTHING YOU PUT THROUGH AN SSH TUNNEL GETS ENCRYPTED... in fact, i use private keys with PW so my buddies can connect if the need to (dont like giving out my pw)..

I do know alot about networks, you obviously might know more about ferenzics and spelling... but other than that, it seems your knowledge of the way SSH/tunnels/firewalls/networks work is minimal... so please feel free to do some research after u embarrass yourself

I SAID IN MY COMMENT... that you COULD individually delete files you wanted to get rid of... I continued to say that this shows more control but is not necessarily what you would want to do... but keep correcting my spelling... at least you can pretend to know one language

as for jailbreaking the iphone... there are many reasons, yes, but my "joke" referred to the fact you like to save time and are willing to pay for stupid crap that can be done manually... but keep it up! i love talking about stuff that has nothing to do with the original point.

but ya know what, keep drifting from the original point... which was that you claim my method cannot work and does not have the capability of messaging/finding location/wiping clean... which you can still admit was incorrect... o no, you cant, because your one of those people who just doesn't care what other people think... and im proud of you, you have grown into a being who can make himself believe lies, even if the evidence is right in front of his face... i wish i could do that!

I am not trying to be smart, im trying to provide correct information to the people reading this breakthrough in 3G ability... but please feel free to think its an attack at your intelligence... THIS METHOD WORKS PEOPLE, AND ITS FREE, AND ITS SAFE, O YA, DID I MENTION FREE


OK, i need to be clear, this method works, and is tested, this guy is sending me Private messages stating mobileterminal.app cannot create these connections and that it is impossible... but please dont take my word for it... set up a quick ssh server on your computer, and try it out for yourself... this opens new doors for servers being actually ran on the iPhone's 3G network no matter where it goes...

PS: see this thread about why the iPhone takes screen shots without user's consent every time the home button is hit the home button, NOT when you "close apps"... for no other reason other than to use the fade effect... and my way does support wiping those cache as well... retard

http://www.screencapturenews.com/2008/09/29/apple-iphone-takes-screenshots-without-user-consent/

dude... ur retarded... i tested it... of course it blocks VNC and any other ports like SSH or anything... THATS WHY YOU CREATE THE REVERSE TUNNEL, thats why this idea is so brilliant... ur just lonely i guess and want to debate it... TESTED IT AND WORKS FINE...

o ya, and of course the theif will see you clicking... but the odds that its not in his pocket are slim... but keep coming up with comments that dont relate to the true ability of this connection... and other protocols which this reverse connection could take advatage of... of course you will have to jailbreak your phone (u know what that is right? lol) so that you can download and run a VNC server... this means you could RUN ANY SERVER YOU WANT as long as you tunnel to the remote computer before trying to connect to the computers localhost...


LOL OF course VNC is not encrypted you retard!! THATS WHY YOU FORWARD THROUGH THE SSH TUNNEL SO IT IS ENCRYPTED... have u ever used a network before? DO SOME RESEARCH... my LOGIC IS TESTED AND IT WORKS... YOUR MAKING comments that do not relate to the original statement.. which was... you saw no need to do this because mobileme allready does it, and then claimed that this method does not work... IT IS SECURE, IT IS ENCRYPTED.. god ANYTHING YOU PUT THROUGH AN SSH TUNNEL GETS ENCRYPTED... in fact, i use private keys with PW so my buddies can connect if the need to (dont like giving out my pw)..

I do know alot about networks, you obviously might know more about ferenzics and spelling... but other than that, it seems your knowledge of the way SSH/tunnels/firewalls/networks work is minimal... so please feel free to do some research after u embarrass yourself

I SAID IN MY COMMENT... that you COULD individually delete files you wanted to get rid of... I continued to say that this shows more control but is not necessarily what you would want to do... but keep correcting my spelling... at least you can pretend to know one language

as for jailbreaking the iphone... there are many reasons, yes, but my "joke" referred to the fact you like to save time and are willing to pay for stupid crap that can be done manually... but keep it up! i love talking about stuff that has nothing to do with the original point.

but ya know what, keep drifting from the original point... which was that you claim my method cannot work and does not have the capability of messaging/finding location/wiping clean... which you can still admit was incorrect... o no, you cant, because your one of those people who just doesn't care what other people think... and im proud of you, you have grown into a being who can make himself believe lies, even if the evidence is right in front of his face... i wish i could do that!

I am not trying to be smart, im trying to provide correct information to the people reading this breakthrough in 3G ability... but please feel free to think its an attack at your intelligence... THIS METHOD WORKS PEOPLE, AND ITS FREE, AND ITS SAFE, O YA, DID I MENTION FREE


OK, i need to be clear, this method works, and is tested, this guy is sending me Private messages stating mobileterminal.app cannot create these connections and that it is impossible... but please dont take my word for it... set up a quick ssh server on your computer, and try it out for yourself... this opens new doors for servers being actually ran on the iPhone's 3G network no matter where it goes...

.
.

It's at this point in the "conversation" that I recommend the following information:
http://tinyurl.com/bxo6sd

It's at this point in the "conversation" that I recommend the following information:
http://tinyurl.com/bxo6sd

agreed... but please do not comment on this method "not working" or "not worth it" if you have not tested it even if you think you know... please and thank you...

if anyone needs help setting this up let me know, otherwise, please someone who has connections tell someone special about this to make an app for even the most novice of a user to use... if that made any sense.

NOTE: The way people should login to their computers includes one forwarded port (if you have a router) to a non-default SSH port/server. Once this is set, you can now launch any VNC server application (system preferably) on a non-default port. DO NOT FORWARD THE VNC PORT, VNC IS NOT ENCRYPTED, so you will need to tunnel the VNC port through your SSH when connecting to it... then use your non-hosted (remote) computer to create the tunnel within terminal (or putty or watever) and forward your VNC port to any LOCALHOST port ex: 1201:127.0.0.1:(vncPort). This method is the same used in this demonstration, except it is being reversed, allowing only the connected SSH server to have access to any of the forwarded iPhone ports... Reverse SSH tunnels have been used for a very long time to bypass a routers/firewalls, this includes the iPhone's 3G network and or routing system... like if ya wanted to help a friend or sibling (by remote control) that doesn't know what a router is =P, just have them enter that reverse command in the terminal with your IP/Username/port/password/key... unless your the guy above me, in which case just give up, because he likes to believe fictional things like star wars... i feel his pain...

That reminds me, does anyone know how to change the default listening ports for SSH (openSSH) or VNC (Veency) on the iPhone?

NOTE2: o ya, and you can use the terminal to connect to an ssh and forward you VNC connection on your home computer to your iphone's localhost (just tested)... so ya dont have to purchase Jaadu to have SSH/VNC compatibility... instead just save the command within mobileterminal.app... genius!

Wow. Has the OP forgotten to take his medicine today?

Wow. Has the OP forgotten to take his medicine today?

only way i could think up this junk... lol

Some sites that may help me understand how to add a command or app to iPhone bootup:

http://forums.ilounge.com/showthread.php?t=223380


http://www.ehmac.ca/mac-ipod-help-troubleshooting/69768-launchd-created-plist-not-working.html


http://www.modmyi.com/forums/file-mods/265121-autostart-launchd.html


http://forums.macrumors.com/showthread.php?t=736096



IF anyone thinks they know enough about scripting (all i know is do shell script ""lol) to tap on this please feel free to post or email me michael_withe21@hotmail.com

HERE IS WHAT I HAVE SO FAR:


I am going to test it via switching from Edge to 3G and back, if the tunnel stays connected during session and after the switch (IP's are different)... than it should only be run once, and if the user wishes to attempt a new connection, it should be sourced by a different port than the original (in this case its 1201,1202, and so on..). NOTE: Ports under 1200 (guessing) requires root privileges from the server's end, and require a vulnerability to use. IE... dont use anything below =).

I have written a script for the iPhone that can be ran with a SSH no-password dsa key. Without keys, the iPhone holder would be prompted for SSH password every time the iPhone was launched. An app called iTerm.app can generate public keys already...

I have always used: do shell script commands for everything i needed. this script was tested on a mac assuming a flash drive named "secure" contains a dsa key, and that key is copied into the ~/.ssh folder.


NOTE:

Ignore the ( )s and replace the entire object.

example:

-p (sshListening#) (User\ Name)@(RemoteComputersshIP/Domain)

should look like:

-p 3000 John\ Doe@76.99.000.00

NOTICE THE \, use it if you have a space in your user name (Admin's):





Start Script----

do shell script "mkdir -p ~/.ssh"
do shell script "cp -r /volumes/id_dsa ~/.ssh"
do shell script "chmod 700 ~/.ssh"
do shell script "chmod 600 ~/.ssh/id_dsa"
do shell script "ssh -p (sshListening#) (User\ Name)@(RemoteComputersshIP/Domain) -f -N -R 1201:localhost:5900 &> /dev/null &"
do shell script "ssh -p (sshListening#) (User\ Name)@(RemoteComputersshIP/Domain) -f -N -R 1202:localhost:22 &> /dev/null &"
do shell script "ssh -p (sshListening#) (User\ Name)@(RemoteComputersshIP/Domain) -f -N -R 1203:localhost:548 &> /dev/null &"


End Script-----




for those curious:
the -f runs in the background or something =P
the -N does something with not showing the terminal while running the shell command or something
the &> /dev/null &" was the only way i could get No Password keys to work with a script without prompting.

This same script can be saved as a .app (bundle so as to hold the keys generated) or a .command within applescrit... so can you guys make an app with just this script? ie. put it into the boot up some how of the iphone!!!

I usually use the startup folders and launch daemons for my mac to add a .command file or an .app to the startup with the right chmod's... i hope the iphone has something similar.

almost there... i still need help!! email me michael_withe21@hotmail.com

I'm getting:
"Warning: remote port forwarding failed for listen port 1201"

(after i have successfully logged on SSH to my desktop)

Im deff subscribing.

Yes mobile me is 99 a year which sucks balls but if your able to remotely control it.

You can find out where its located.

Therre are a few programs plus you can always use the maps app, then click the blue GPS to pinpoint where your at and viola you know where your phone is.

Correct me if I'm wrong but surely SSH/Veency/MobileMe cannot work if the phone is on standby?
The whole point in knowing where your phone is.

Also lol @ this entire thread.

Good info though, I used Veency for a short period but found it waaay to slow.

Correct me if I'm wrong but surely SSH/Veency/MobileMe cannot work if the phone is on standby?
The whole point in knowing where your phone is.

Also lol @ this entire thread.

Good info though, I used Veency for a short period but found it waaay to slow.

Not to mention you have to have a signal for either to work, right?

So assuming the thief doesn't just pull out the sim card, disable the find a phone in settings, or ya know with AT&T go inside somewhere, then this would work. right? :D

I'm getting:
"Warning: remote port forwarding failed for listen port 1201"

(after i have successfully logged on SSH to my desktop)

NOTE: make sure to run your computer SSH server on something other than 22 (because this is the port you are forwarding from the iPhone) ie. I dont think you can forward you SSH port if its what is being used for the tunnel... Ex. ssh -p 22 User@IP -R 1201:localhost:22 THE -p 22 SHOULD NOT BE USED, see this method of changing your SSH listening port for Mac OSX, if you are using Cygwin and i can let you know how to change as well:

http://rhodzy.co.uk/archives/305

If you feel your server is running up to par (see above), its probably caused by Veency or Open_ssh not running (or not running properly) on the iPhone... So restart both computer and iPhone, make sure Veency and open_ssh is installed properly (reinstall and restart)... Then try the commands one more time... (make sure to turn off auto-lock)

Were you trying to forward 5900 (VNC) or 22 (SSH)? NOTE: Do not use 127.0.0.1 for lcoalhost, use "localhost".

Ex:

-R 1201:localhost:5900
-R 1202:localhost:22


As for the other comments, your right, you cannot ssh into your iphone while it is "locked", but there are applications that will bypass this feature and allow you to still lock your phone while the OUTGOING ssh connection is still maintained... which will further more allow the VNC to connect via the reverse tunnel.

As far as I know, MobileMe does not support "controlling" your iPhone in the way that Veency allows... but has many other features that may benefit a lazy person =P.

Also, I realize that Veency CURRENTLY prompts users before the VNC connection through the tunnel can be established. But I believe that this is ONLY because it does not currently support passwords... as soon as saurik gets around to it... it should no longer be required, just like open_ssh

So im assuming this app would bypass the ssh sleep feature (somehow), and allow the user to unlock the screen via the VNC session.

NOTE: make sure to run your computer SSH server on something other than 22 (because this is the port you are forwarding from the iPhone) ie. I dont think you can forward you SSH port if its what is being used for the tunnel... Ex. ssh -p 22 User@IP -R 1201:localhost:22 THE -p 22 SHOULD NOT BE USED, see this method of changing your SSH listening port for Mac OSX, if you are using Cygwin and i can let you know how to change as well:

http://rhodzy.co.uk/archives/305

If you feel your server is running up to par (see above), its probably caused by Veency or Open_ssh not running (or not running properly) on the iPhone... So restart both computer and iPhone, make sure Veency and open_ssh is installed properly (reinstall and restart)... Then try the commands one more time... (make sure to turn off auto-lock)

Were you trying to forward 5900 (VNC) or 22 (SSH)? NOTE: Do not use 127.0.0.1 for lcoalhost, use "localhost".

Ex:

-R 1201:localhost:5900
-R 1202:localhost:22


Thanks for your reply! I am very interested in trying to get this in working order. I'm actually running a FreeSSHd on my Windows XP. I have the listening port set to 23. I am logging onto my desktop with no problems, except for this error: ""Warning: remote port forwarding failed for listen port 1201""

The command I used on my MobileTerminal is:
ssh -p 23 lintrix@***.***.***.*** -R 1201:localhost:22 (*** representing my home IP address)

I am only trying to reverse tunnel SSH and not VNC yet (since Saurik's VNC program isn't working so hot with the 3GS)

Not sure why my phone is having trouble setting up a forwarding.

Thanks for your reply! I am very interested in trying to get this in working order. I'm actually running a FreeSSHd on my Windows XP. I have the listening port set to 23. I am logging onto my desktop with no problems, except for this error: ""Warning: remote port forwarding failed for listen port 1201""

The command I used on my MobileTerminal is:
ssh -p 23 lintrix@***.***.***.*** -R 1201:localhost:22 (*** representing my home IP address)

I am only trying to reverse tunnel SSH and not VNC yet (since Saurik's VNC program isn't working so hot with the 3GS)

Not sure why my phone is having trouble setting up a forwarding.

First, change your listening port (ssh) to something above 1201 like 5000, this will allow non-root administration.

Ok, well I would prefer if you ran a Unix system ie mac linux... but if you cant... please learn/run cygwin (which is a full cli interface)

The problem with windows, is the loopback adapter needs to be created first before you can "tunnel" anything... i will try to provide links that influenced me in the right direction to do this:

http://davedotnet.blogspot.com/2006/06/installing-loopback-adaptor-in-windows.html

http://www.inkompetent.de/knowledge_base/software/vnc_loop_back.html

http://pigtail.net/LRP/printsrv/tunnel-smb.html

You will have to sift through everything and make sure to do your own google research regarding "SSH" and "Windows loopback adapter"

Windows = winblows =P

If you believe you have properly created a loopback adapter for localhost (which may not be 127.0.0.1).. and still are having problems, contact me via michael_withe21@hotmail.com

First, change your listening port (ssh) to something above 1201 like 5000, this will allow non-root administration.

I've tried to make the ssh port and tried to forward to 5002, which came up with the same error, failed to open port.


Ok, well I would prefer if you ran a Unix system ie mac linux... but if you cant... please learn/run cygwin (which is a full cli interface)

Thanks, i will install this tonight. Its a pretty big download if i install the whole package =P


You will have to sift through everything and make sure to do your own google research regarding "SSH" and "Windows loopback adapter"

Windows = winblows =P

If you believe you have properly created a loopback adapter for localhost (which may not be 127.0.0.1).. and still are having problems, contact me via michael_withe21@hotmail.com
Hm... the freeSSHd service actually has a "tunneling" service. I'm not sure what exactly it does but i highly doubt it creates any kind of loopback device drivers for windows. I'll play around with it for awhile.

UPDATE: So through testing...

The tunnel stays connected no matter where the phone goes, AND EVEN WHEN YOU LOCK THE PHONE!!!

just like when you SSH into your phone, when you lock your screen, the ssh is unable to work, BUT, the path is still there and the connection is stable.... meaning, this command only needs to be ran ONCE!!! If the user unlocks the iphone, all you have to do is connect... BUT WITHOUT HIM UNLOCKING IT... this is what happens...

Once the tunnel is created from terminal, the iPhone CAN be locked, when the remote user tries to connect to the iPhone via cotvnc or jolly, it will prompt the locked iPhone user to accept or deny, if accept is hit, the remote user can slide the bar to unlock...

SO, whenever saurik gets around to allowing passwords with Veency, it should no longer ask for iPhone holders permission to connect remotely... allowing for remote connection to your iPhone no matter who has it or where he is...

GET THIS KNOWN PEOPLE!!! THIS MEANS WE CAN RUN SERVERS TO ONLY SPECIFIC REMOTE USERS (Our home/work computers)!!!

Double posted my update.. you cant "delete" a post you made?!?!? you can only "edit" it?? no way, gatta be a way =P

I still can't my iPhone to open a remote port, but you'll be happy to hear, Michael, that Saurik has updated Veency to work great with 3GS.

Would you be able to access the iPhone camera as well? That would be neat.

Update:

Well I have some progress now. As you may know, i am running Windows XP, and apparently freeSSHd isn't very good for this so i installed Cygwin & openSSH.

I no longer get could not open remote port, however i get this error when trying to connect with command:

$ ssh -p 1201 localhost
ssh_exchange_identification: Connection closed by remote host

and on MobileTerminal i get this when it happens:
connect_to localhost: unknown host (nodename nor servname provided, or not known)


HOWEVER: VNC/Veency DOES work! Although extremely slow and i have to accept connection from "127.0.0.1" on the iPhone, it works. ( for a limited time )

After awhile i get an error:

$ Write failed: Operation not permitted

and both the VNC and SSH connection are terminated.

Would you be able to access the iPhone camera as well? That would be neat.

Technically you can do anything because you have administrator access to your phone at your fingertips.

As of right now the only tools available right now for that is to connect to your phone via VNC/Veency and choose Camera.

Update:

Well I have some progress now. As you may know, i am running Windows XP, and apparently freeSSHd isn't very good for this so i installed Cygwin & openSSH.

I no longer get could not open remote port, however i get this error when trying to connect with command:

$ ssh -p 1201 localhost
ssh_exchange_identification: Connection closed by remote host

and on MobileTerminal i get this when it happens:
connect_to localhost: unknown host (nodename nor servname provided, or not known)


HOWEVER: VNC/Veency DOES work! Although extremely slow and i have to accept connection from "127.0.0.1" on the iPhone, it works. ( for a limited time )

After awhile i get an error:

$ Write failed: Operation not permitted

and both the VNC and SSH connection are terminated.


first, make sure you are logged in as "root" (login root) on your iphone when giving commands, also make sure you are admin on the remote computer...

are you using DSA/RSA keys or passwords for ssh?

The "accept connection" feature will be disabled when veency supports passwords.

VNC allows you to connect to the camera, it allows you to connect to anything, but if the thief is looking at the screen, he will see the same as the VNC remote.

Still working it out guys... but the connection seems to maintain, the only draw back seems to be located in the veency application, which is requiring permission every session created... but the TUNNEL is remaining, and the ssh allows VNC to tunnel through!

UPDATE:

I applied DSA keys, ran the script, and now a .command file can be launched from the iPhone's terminal to start SSH tunnel to computer...

I will be posting a youtube video demonstrating some of it very soon!

I demonstrated controlling your iphone over 3G internet on this video on youtube:

http://www.youtube.com/watch?v=2bxBr5ARrjA

hopefully bugz will be out soon!

btw Michael, its working for me now. abeit extremely slow at times.

Quick question though, wouldn't the "thief" technically be able to operate on your home computer under your username if you did this?

I demonstrated controlling your iphone over 3G internet on this video on youtube:

http://www.youtube.com/watch?v=2bxBr5ARrjA

hopefully bugz will be out soon!

You could edit out a lot of things from your video and make it 2 minutes :p

:cool: ;)

btw Michael, its working for me now. abeit extremely slow at times.

Quick question though, wouldn't the "thief" technically be able to operate on your home computer under your username if you did this?


IF you use the command that i gave (just -R), yes, if the theif opens up the mobileterminal app and sees that it is still logged into your computer... BUT

I used -R for testing reasons... Once you know it works, USE THIS COMMAND TO RUN IN BACKGROUND

ssh user@IP -f -N -R 1201:localhost:5900

ANYONE KNOW if you can use -fNR instead of -f -N -R?

This command does not show your computer's information, nor does it stay "logged in"... NOTE: it does show your computers ssh banner if you have one... BTW: I am currently using DSA ssh Keys (back and forward) with an SSH banner, the sshd_config file seams to be working flawlessly... NOTE: still unable to change iphone's default SSH listening port... hmm gatta do some research.

You could edit out a lot of things from your video and make it 2 minutes :p

:cool: ;)

hey man, im just a network IT guy, not a director =P

updated youtube video, fixed lock screen glitch... but still waiting for veency to support passwords

http://www.youtube.com/watch?v=4sBInVH6ND0

hey man, im just a network IT guy, not a director =P

I look forward to easy instructions as the bugs get worked out with the password and whatnot :cool:

thanks for this :)

I look forward to easy instructions as the bugs get worked out with the password and whatnot :cool:

thanks for this :)

i know! i wish i could do the same =P

Michael do u think u cud help me...? I tried making the tunnel wit mobileterminal. I logged into root and typed in
ssh -p 5900 Owner@**.***.***.*** -R 5002: localhost: 23

But it keeps telling me "Bad Remote Forewarding Specification"

I've googled trying to figure out how to fix this but haven't found anything yet.

Any help you cud give me wud be greatly be appreciated...i saw ur videos and it looks like it cud be REALLY useful! One thing that wud help too is if u cud make a video explaining how to set up the tunnel and how to get it working...it wud prolly make this process ten times easier seeing it done.

Thanks,

Michael do u think u cud help me...? I tried making the tunnel wit mobileterminal. I logged into root and typed in
ssh -p 5900 Owner@**.***.***.*** -R 5002: localhost: 23

But it keeps telling me "Bad Remote Forewarding Specification"

I've googled trying to figure out how to fix this but haven't found anything yet.

Any help you cud give me wud be greatly be appreciated...i saw ur videos and it looks like it cud be REALLY useful! One thing that wud help too is if u cud make a video explaining how to set up the tunnel and how to get it working...it wud prolly make this process ten times easier seeing it done.

Thanks,

the only reason i didnt make a video with those instructions is because it would show my IP address, so instead i just put the command in the background...

I have to assume you are jailbroken, you have Veency and openSSH installed on your iphone...

YOUR command has many errors... the most obvious being the spaces before and after the localhost, here are the correct commands

Command for forwarding iPhone's VNC server to an SSH server on port 22 (this port 22 can remain default for VNC ONLY):

ssh -p 22 Owner@IPAddress -f -N -R 1201:localhost:5900

THE -f -N will make the reverse connection stay connected (warning, using -f -N will require full restarts on both ends to kill connection) 1201 being the port on your computers localhost and 5900 being the iphone's VNC server that is being forwarded

Command for forwarding iPhone's SSH to an SSH server on port 2222 (Setup SSH server on any other than 22 as to not require root permissions and/or conflict when forwarding same ports) NOTE: this will allow for remote SSHing to your iPhone no matter where it goes.

ssh -p 2222 OwnerIPAddress -f -N -R 1202:localhost:22

1201 being the port you will ssh into on your computers localhost.


Once tunnels are created, use these to connect your computer to its localhost:

Open a VNC Client and use this information

VNC IP: localhost or 127.0.0.1
VNC Port: 1201
VNC Password: (Blank)

Open Terminal and enter this command to ssh to the iPhone:

ssh -p 1202 root@localhost


Hope this helps!

Thank you for replying! And soo quickly too!! =D

So i logged into root.
Then i typed in the first command you gave me:
ssh -p 22 Owner@**.***.***.*** -f -N -R 1201:local host:5900

And it came back with a message saying:
"connect to host on (my i.p address) port 22: connection refused"

I dont really know what this means...or if its going to require me to do something else. (sorry..these questions probably sound really stupid to you)

I'm waiting to typing in the second command you gave me. I'm not sure if it will work properly without the first one, so I don't know how that one will turn out.

Thank you SOOOO much,

Well, I have to say the concept is pretty smart.
But did you think about the consequences?
By setting-up a SSH session to your server / PC you are giving the THIEF ACCESS TO YOUR PC!
Only thing he has to do is start the terminal app and he's on YOUR MACHINE! He can then install some keyloggers, spyware or whatever!

Please be wise, and close or delete this thread. The concept is smart, but it has not been thought over well enough and is NOT SAFE

Well, I have to say the concept is pretty smart.
But did you think about the consequences?
By setting-up a SSH session to your server / PC you are giving the THIEF ACCESS TO YOUR PC!
Only thing he has to do is start the terminal app and he's on YOUR MACHINE! He can then install some keyloggers, spyware or whatever!

Please be wise, and close or delete this thread. The concept is smart, but it has not been thought over well enough and is NOT SAFE

yeah... except you cant just install stuff on os x with out your password, and since he isnt logged into terminal as sh then there is no real worry..

Well, I have to say the concept is pretty smart.
But did you think about the consequences?
By setting-up a SSH session to your server / PC you are giving the THIEF ACCESS TO YOUR PC!
Only thing he has to do is start the terminal app and he's on YOUR MACHINE! He can then install some keyloggers, spyware or whatever!

Please be wise, and close or delete this thread. The concept is smart, but it has not been thought over well enough and is NOT SAFE

Please be wise and NEVER ask n e 1 to DELETE/CLOSE their post, especially if you are half retarded.


The Tunnel Command I show above DOES NOT ALLOW THE THEIF TO LOGIN TO YOUR SSH, IT RUNS IT IN THE BACKGROUND OFF OF ROOT... so the theif would need your IP/sshpassword/rootpassword and so on to access your home server... If the theif opens up terminal, he will see the same thing as n e one's iphone... test method before claiming something people! =P

SSH servers are one of the MOST secure "servers" that you can run to remotely access your home computer. I have used an SSH server on my home computer using a non-default port, DSA keys with pass-phrases (which is really paranoid), A firewall only allowing ATT and other IP addresses.

Running any server on your computer is "less secure", so unless your a CEO of a billion dollar corporation, keep it on a default port with a password. Computer security relies on the user not the computer, dont hand your passwords out, and set up your SSH server on a non-default port and you will be fine...

For the SUPER PARANOID with Router's and Firewalls:


Setup SSH on port above 50000 (thwarts basic port scanners), forward ONLY that port to ONLY a single internal IP

ONLY Allow ONE account (admin or not) to have access to this server (this can be done through mac/systempreferences/sharing)

Create DSA Private Keys with Pass-phrases. Passworded DSA keys have never been cracked, RSA have been, but ONLY with NO-PASSWORDED keys.

Allow ONLY DSA keys (not passwords) to your server by editing the sshd_config file within private/etc

PasswordAuthentication no
#PermitEmptyPasswords no

Setup VNC server on any port above 50000, allowing ONLY access from localhost 127.0.0.1 (require loopback SSH)

ONLY Allow Certain ranges of IP's to access your server (any incoming firewall like flyingbuttress)
AT&T IP Ranges:
32.0.0.0 - 32.255.255.255
166.128.0.0 - 166.128.255.255
166.135.0.0 - 166.135.255.255
166.191.0.0 - 166.191.255.255
166.134.0.0 - 166.134.255.255
166.205.0.0 - 166.205.255.255
166.190.0.0 - 166.190.255.255


If you are not behind a router AND do not have a firewall, I would not recommend running ANY servers on your home computer. But if you are going to run one, this is by far one of the most secure servers of the world...

We are only as "safe" or "secure" as the Admin makes us, doesnt matter what OS your running, you NEED a firewall, and you NEED to change your passwords every once in a while... opening ports for torrents or other reasons leave you open... UPNP is too slow to rely on

THIS POST IS NOT DEDICATED TO DEBATING THE SECURITY OF SERVERS, IT IS HERE TO DESCUS HOW TO USE SSH into the iPHONE NO MATTER WHERE IT GOES!!

But... if you ask me, its the safest thing in the world =P

Thank you for replying! And soo quickly too!! =D

So i logged into root.
Then i typed in the first command you gave me:
ssh -p 22 Owner@**.***.***.*** -f -N -R 1201:local host:5900

And it came back with a message saying:
"connect to host on (my i.p address) port 22: connection refused"

I dont really know what this means...or if its going to require me to do something else. (sorry..these questions probably sound really stupid to you)

I'm waiting to typing in the second command you gave me. I'm not sure if it will work properly without the first one, so I don't know how that one will turn out.

Thank you SOOOO much,

First off, your command is incorrect AGAIN... please be carefull when typing it in... your command has a SPACE between localhost.... this should not be there... Also, make sure your IP address is your EXTERNAL IP, not internal... google "what is my ip" and use that IP...

So lets assume you think you did enter the correct command, the error you show states your SSH server is not running properly... DO THIS:

go into your computer's terminal, type:

ssh -p 22 User\ Name@localhost

Example: ssh -p 22 Michael\ Withe@localhost

PAY CLOSE ATTENTION TO THE \, it needs to be there LIKE THAT for spaces to work within a User Name.

Tell me what happens after you hit enter, this is a command that will check to see if you are running the server localy at all... if you are, you should be prompted for password, if you get rejected, your SSH server may not be properly set up.

Please make sure you understand SSH and running a server behind a firewall/router before attempting this.

Follow me on Twitter people for simple questions:
Twitter:
yartpb

Email:
michael_withe21@hotmail.com

NOTE: still unable to change iphone's default SSH listening port... hmm gatta do some research.

Changing the ssh port should be no different from any other linux machine...

vi /etc/ssh/sshd_config


a few lines down you will see port 22, change that to whatever you wish... voila!

I haven't tested this yet, but no reason it should not work.

Changing the ssh port should be no different from any other linux machine...

vi /etc/ssh/sshd_config


a few lines down you will see port 22, change that to whatever you wish... voila!

I haven't tested this yet, but no reason it should not work.

oh i tested it =P, was the first thing i tried =/

ya, mac requires alot more to change listening port... I changed it on the iPhone's:
Private/etc/ssh/sshd_config

rebooted my phone, and still no listening change... hmm, maybe someone els can take a shot at it...

welp, i got a project for lunch now it seems

MobileMe runs you ~$60 on amazon, or $5 a month for a pinpoint on a map showing where your phone is, remote wipe, back to my mac, etc.

MobileMe runs you ~$60 on amazon, or $5 a month for a pinpoint on a map showing where your phone is, remote wipe, back to my mac, etc.

do not advertise products on this thread... they are charging for a FEATURE that is already built-in... sounds like something windows would do =P... Manually running your own server takes advantage of the same technology that MobileMe is using to charge you a yearly fee for.

Go pay for your email two because it has a "delete" function...lol...

This method allows more than MobileMe offers, including FULL control over iPhone screen and TRUE GPS location with Terminal access, offering more options to delete and watch iphone filesystem...

Personally, i want to see what the thief does with my phone, and hopefully he will give some incriminating evidence via this connection... I can chose to shut him down at any time, by using killall commands and rm commands.

PLEASE KEEP THE TOPIC STRAIT =P

EDIT: lol, i just noticed he has a MBP, MBA, mini, iphone 3g, iphone 3g S AND ipod touch... no wonder he likes MobileMe, he buys everything apple sells =P

When 4G is out, this actually may become functional enough to use as a form of connecting to your iPhone all the time... of course if the thief is using wifi this will show realtime screen refresh with almost no lag.... but for right now, this could be implemented into an app or startup command for the iPhone and be used for very slow screen control and location awareness (assuming 3G only). Which is better than not knowing where your iphone is... IE: DONT TAKE THINGS PERSONALLY =D

After a little digging around, I have found these changes needing to be made:

1) /etc/ssh/sshd_config
-> Best to change port here (though it isnt used i guess...)
2) /Library/LaunchDaemons/com.openssh.sshd.plist
->change the service ssh to ssh2
3) /etc/services
-> add in your service ssh2 for both udp and tcp with appropriate ports


The iPhone aparently uses the Launcher Daemon to launch certain processes whenever a port is probbed. In this case, ssh is bound to 22 by the /etc/services file.
I think by changing that to invoke a different service, the phone would then use that new port. However, this seems to not quite work for me, I think i am missing one more place to change it maybe?

After a little digging around, I have found these changes needing to be made:

1) /etc/ssh/sshd_config
-> Best to change port here (though it isnt used i guess...)
2) /Library/LaunchDaemons/com.openssh.sshd.plist
->change the service ssh to ssh2
3) /etc/services
-> add in your service ssh2 for both udp and tcp with appropriate ports


The iPhone aparently uses the Launcher Daemon to launch certain processes whenever a port is probbed. In this case, ssh is bound to 22 by the /etc/services file.
I think by changing that to invoke a different service, the phone would then use that new port. However, this seems to not quite work for me, I think i am missing one more place to change it maybe?

man, i did my own "digging" and couldnt find ISH! i suck at research =P

The etc services is one of the txts needed to be picod while changing default listening port on mac ssh... hmm i will try your method, and see how many other similarities i can find with the mac vs iphone process...

know if i can get pico on my iphone? i installed some terminal utilities via cydia, but pico dont work... i could do some digging, but im too lazy... hoping someone els has already done it =P

LOL, i just typed in iphone pico and got this, but i dunno if this is after he did something more...:

Over on #iphone-shell, user Doggkruse was wondering how to get pico to work on his iPhone. Problem was that the iPhone had no terminal definitions on-board. So every time he ran pico, he got "Unknown termtype vt100" errors. For those of you curious how to fix this problem, here's the solution. On your iPhone, create the folder /usr/share/terminfo/76 and copy /usr/share/terminfo/76/vt100 from your Mac over to the iPhone. Once there, set your term environment variable to vt100. In csh, this is set term=vt100. It varies, obviously, by shell. Once this is done, you should be able to use pico in normal full-screen mode. For those of you full-screen addicts, there's now vim and pico. For the rest of us, there's ed--the editor of kings. User DrunkDwarf was nice enough to put up a copy of vt100 for Windows users here. Thanks DrunkDwarf!

PS: people should be checking "netstat" on their iphone terminal... im seeing alot of weird connections established

UPDATE: it seems if im connected to 3G then i swap to WiFi, the existing tunnel remains, but I am unable to connect. ONCE I SWITCH BACK, WITHOUT RE-EXECUTING THE COMMAND, the tunnel is still connected and allows remote access. So I tried the other way, WiFi first, execute, then switched to 3G and then activated Wifi again, Tunnel remained!! interesting!! but if the source changes and doesnt return to the IP of the original "command giver's" IP address, the command will need to be executed again:

Seems this is something that an hourly process can fix... the process could run every hour, or somehow know when the internet source changes, whether it be to wifi, 3g or edge... Before the tunnel is re-created, the old "tunnel" would have to be closed via terminal/command, assuming you CANT use the same port to forward to (1201 in this case) while the localhost still sees it as connected. An hourly process would not be battery consuming and would allow for higher chances of getting phone back. NOTE: This will have to use a NoPassword DSA/RSA key, iphone supports all bits. DSA is known to be safer and has "never" been "cracked" =P

personally i use vi/vim for text editing, so cant help you with your pico problem.

on another note, i should research how it is done one mac, probably easier than reinventing the wheel.

when you switch to wifi, your phones IP changes, therefore your tunnel wont recognize you, but when you switch back, it goes back to your old address and all is peachy.

personally i use vi/vim for text editing, so cant help you with your pico problem.

on another note, i should research how it is done one mac, probably easier than reinventing the wheel.

here is the site i posted earlier that described how to change default listening port on Leopard OSX (cygwin is just the sshd_config file):

http://rhodzy.co.uk/archives/305

i will check out vi/vim!

cheers

Im testing an app I found called iHound from app store (installous), it claims to track your stolen iPhone... If you are willing to pay for it, go ahead, if you are curious of other methods, pm me... I will let you guys know how it works out!

Never-mind, a user account is required and free only till the point of tracking the phone... does not work unless you pay... bastards

So lets assume you think you did enter the correct command, the error you show states your SSH server is not running properly... DO THIS:

go into your computer's terminal, type:

ssh -p 22 User\ Name@localhost

Example: ssh -p 22 Michael\ Withe@localhost

PAY CLOSE ATTENTION TO THE \, it needs to be there LIKE THAT for spaces to work within a User Name.

Tell me what happens after you hit enter, this is a command that will check to see if you are running the server localy at all... if you are, you should be prompted for password, if you get rejected, your SSH server may not be properly set up


In mobileterminal i typed:
ssh -p 22 Owner@(my external IP) -f -N -R 1201:localhost:5900

Told me connection refused.

Then went to Command Prompt in Accessories on my comp and typed in the command u told me to type in.
It looked like this:
C:\Documents and Setting\Owner>shh -p 22 Owner@localhost

Hit Enter and got this:
' ssh' is not recognized as an internal or external command, operable program or batch file.

And then i went n looked at setting up SSH in google and it led me to Cygwin...which i saw in earlier posts so i downloaded it..(took really long time)

And now i have no clue what to do...


I know..I'm really bad at this...I'm sorry that I have no clue what I'm doing...but I REALLY want to be able to do this...and have been searching for MONTHS on how to do this...without finding anything...and now I found someone whos managed to make it work....so thank you for all your time and ur patience.....

In mobileterminal i typed:
ssh -p 22 Owner@(my external IP) -f -N -R 1201:localhost:5900

Told me connection refused.

Then went to Command Prompt in Accessories on my comp and typed in the command u told me to type in.
It looked like this:
C:\Documents and Setting\Owner>shh -p 22 Owner@localhost

Hit Enter and got this:
' ssh' is not recognized as an internal or external command, operable program or batch file.

And then i went n looked at setting up SSH in google and it led me to Cygwin...which i saw in earlier posts so i downloaded it..(took really long time)

And now i have no clue what to do...


I know..I'm really bad at this...I'm sorry that I have no clue what I'm doing...but I REALLY want to be able to do this...and have been searching for MONTHS on how to do this...without finding anything...and now I found someone whos managed to make it work....so thank you for all your time and ur patience.....

you should allow PM's, your problem is spacific, seeing as I have tested it via cygwin (not with iPhone though)... Before I can help you any further, I need you to make sure you can connect to your SSH server locally...

That command you showed:

C:\Documents and Setting\Owner>shh -p 22 Owner@localhost

Should look like C:\cygwin\SOMETHINGHome>ssh -p 22 owner@localhost

When you install Cygwin, make sure to follow their instructions, you must install it with its own directory, and make sure you have installed the correct SSH packets required to run an ssh server within cygwin... here is a good link for step-by-step Cygwin installation:

http://pigtail.net/LRP/printsrv/cygwin-sshd.html

OR (older version)

http://erikjheels.com/?p=470

WHEN you have problems or differences WITH THE ABOVE INSTALLATION RULES, read these posts:

http://www.nabble.com/Wrong-Permission-on-the--var-directory-td18713386.html

http://davedotnet.blogspot.com/2006/06/installing-loopback-adaptor-in-windows.html

http://www.inkompetent.de/knowledge_base/software/vnc_loop_back.html

Once you have completed that, contact me via email michael_withe21@hotmail.com

Once the server is set up properly, this is a really easy process. Windows for the past million years has yet to implement SSH (yet they still use unencrypted telnet) into their command line/Operating system... those proprietary bastards want us to use slow VPN

Wow! This really works!!! Thanks for all your help Michael! ;D

For those setting up an SSH server on Windows Operating Systems:

When you install Cygwin, make sure to follow their instructions, you must install it with its own directory, and make sure you have installed the correct SSH packets required to run an ssh server within cygwin... here is a good link for step-by-step Cygwin installation:

http://pigtail.net/LRP/printsrv/cygwin-sshd.html

OR (older version)

http://erikjheels.com/?p=470

WHEN you have problems or differences WITH THE ABOVE INSTALLATION RULES, read these posts:

http://www.nabble.com/Wrong-Permission-on-the--var-directory-td18713386.html

http://davedotnet.blogspot.com/2006/06/installing-loopback-adaptor-in-windows.html

http://www.inkompetent.de/knowledge_base/software/vnc_loop_back.html

If you have completed that, and you are having troubles, contact me via email michael_withe21@hotmail.com


NOTE: check out http://www.orbicule.com/undercover/iphone/ , think its using the same technology, minus Our server plus Their own

yeah... except you cant just install stuff on os x with out your password, and since he isnt logged into terminal as sh then there is no real worry..

Installing things is the least of your worries.
I would really not like them snooping around in my personal documents, e-mail and browsing history. These are all stored in your profile ever heard of cookie stealing? Becomes pretty easy then. Besides that, I could create à symlink to my uploaded malicious file which replaces a word document and let the malicious file start the word document.

@Michael: do not pretend I am some kind of n00b, i am working as ethical hacker and have seen many uses of ssh fail because of unthouhtfullness.
Besides that, I did test it. In your command to connect the iPhone through ssh, You fail to daemonize it with the & sign, so it stays running within the terminal. Even if you did daemonize it, you could lookup the PID with ps -aux | grep ssh, and connect to the process for example with strace. I think there would even be a way of reattaching to the process, although I have no time now to look that up on the net.

In your command to connect the iPhone through ssh, You fail to daemonize it with the & sign, so it stays running within the terminal. Even if you did daemonize it, you could lookup the PID with ps -aux | grep ssh, and connect to the process for example with strace. I think there would even be a way of reattaching to the process, although I have no time now to look that up on the net.

Before i continue... i want you to understand, the thief has NO ACCESS to your home server... the ports are tunneled, and the "login" is closed, as long as you use my background commands... you can even close the terminal, the thief has no way of knowing its connected (unless this becomes more popular)...

BUT lets say HE DOES KNOW, what could he do? what would I do? I being the thief would go into the mobileterminal (because if you have changed your root/mobile passwords, he would not be able to "ssh" into the phone via wifi) and type netstat...

netstat DOES give this information...

[Established] state tp4 iPhoneIPaddress - MyHomeIPaddress.Port (stays established even if localhost is not in use)

AND A BUNCH OF OTHER CONNECTIONS WITH SAME FORMAT

so, because i have my ssh server on non-default port, all he would know is that the phone is connected to (Blank) IP address on a (Blank) port..

Now, dont get on a rant about what someone could do with your IP address, because thats just one of many connections and IP's listed... and when on a non-default port he has no idea what protocol is being used or if that IP is really owners... of course he could continue to port scan/who.is the ip, but still, i dont see this is a vulnerability... when my iphone gets lost/stolen, I wont let more than 5 minutes pass before im logged onto it looking at what there doing or tracking their position... and of course, i could close the connection at any time / change passphraze/dsa/rsa's and he never has access again. He would have to do all damage within a half an hour TOPS assuming he gets in without knowing any passwords or keys...

Again, he would have to know a heck of alot about terminal commands just to get AN IP ADDRESS (still not knowing what it belongs to), lol, and i dont think any linux/mac geeks are going to be STEALING iphones from people like me...

On the note of terminal:

My new commands include the "background" version, which will sign out of the computer's ssh and even attach to something that isnt the "terminal"...

How i tested this... ran reverse background command from iphone:

ssh User@name -f -N -R 1201:localhost:5900

once i enter my private dsa key passphrase (which you can require on your phone via the sshd_config file) the terminal goes back to iphone root... i can then further more "exit" every terminal (4 built in) and then [EXIT] the app completely by giving command [EXIT] (not just "exit")..

POINT: With the terminal completely killed/restarted, the connection remained and i was able to connect via my computers localhost...

i dont know what -f -N does that allows it to work outside of the mobileterminal app...

But if i restart my iphone or turn it off, the tunnel is broken... so it would have to be given at each bootup and each change of IP (source).

I appreciate your criticism, but i am a firm believer that some app heads could make this applicable... i know very little about how the OS runs, and even more little about how to write script... so my job here is to get the connection bugz out and do some tests and hand them over to someone els with right know-how.

NOTE: the ONLY time i use an & sign is when using an empty rsa/dsa key and am implicating the command to a script (do shell script)... but maybe im missing your point...

Here is the thread I started when i realized reverse ssh tunnels could bypass firewalls on the host side:


http://www.macshadows.com/forums/index.php?showtopic=9775


PS: i fiddle with port scanners and using routers against people (people without routers are just retarded)... but i wouldnt call that "hacking", more "snooping".. btw, you joined in jul 2009, your macrumors status is still "newbie"... not implying anything =P

Q: how do i add a command/script to iphone startup?