OpenSSH won't work 99% of the time!!

[coolthing76]

Same Results

yezza

Same thing here.


1. Tried connecting via SSH - no go (connection closed by remote host).

2. Re-installed openSSH. Did not reboot.

3. Successfully connected via SSH.

4. (Skipped) Did an iTunes sync.

5. (Skipped)Successfully reconnected via SSH.

6. Rebooted phone.

7. Unsuccessful attempt to connect via SSH (connection closed by remote host).


Anyways, my goal is to do this:
http://aikhan.wordpress.com/2009/06/01/developing-iphone-applications-on-linux/

I can live with reinstalling OpenSSH every time i reboot my iPhone which I rarely do

This took some time already any ideas from anyone is welcome for sure.

Thank you everyone

 

[mappyman]

Delete the ".ssh" directory if you have one in roots home directory.

drwxr-xr-x 2 root sys 68 Sep 26 07:04 empty

Also does the above directory have the same permission as mine, its located in /var

 

[foob]

Can you ssh in as mobile instead of root? Can you ssh from the phone to the pc using MobileTerminal?

 

[MrThompsonR]

Also, your IP address can change from day to day. Make sure the one you are using is still correct.

Depending on your router/ DHCP settings your ip address will change every few minutes... Just verify the "current" assigned ip address before trying to connect to your phone... and make sure you turn off the "auto lock."

 

[yezza]

Can you ssh in as mobile instead of root? Can you ssh from the phone to the pc using MobileTerminal?

ssh from mobile terminal gives me "connection refused".

ssh mobile@192.168.... gives me the same result as root:

"connection closed by remote host"

 

[sanctifi3d]

I have the very same problem I've been trying to fix it for ovewr a week now cant seem to get it to work any suggestions? I restored a couple of times and none fixed it

 

[NCUSA]

Why don't you try with USB way to connect your iPhone..

I'm using iFunBox and it works great, it's like WinSCp so you don't need to worry..
Here is the video that's going to help you: http://www.youtube.com/watch?v=mNBZ-D8uEBM

 

[baoshi]

Hi Guys,
I found this thread when I'm googling the same problem.
My observation is that each time I cannot ssh to iPhone, the reason is /usb/sbin/sshd gets deleted
FYI I'm running OS 3.1.2 and iTunes 9.1

 

[yezza]

Hi Guys,
I found this thread when I'm googling the same problem.
My observation is that each time I cannot ssh to iPhone, the reason is /usb/sbin/sshd gets deleted
FYI I'm running OS 3.1.2 and iTunes 9.1

Hello baoshi,

Yes you're right (good spotting), I have the same thing happening.

I am on 3.1.2 and iTunes 9.1 also, but I have had this problem whilst on iTunes 9.0 too. I'm still hoping for a solution.

 

[bbhepa]

I have the exactly same problem here, and have been trying to solve it for over a week now.

I guess baoshi found the source of our headache.

Messages such as "ssh_exchange_identification: Connection closed by remote host" is very very misleading; the "ssh_exchange_identification" only tells us where the ssh client was executing when "Connection closed by remote host" happened. The connection close is an asynchronous event and it is not related to "ssh_exchange_identification" in any logical way.

What's happening here is that the server side (the iphone) accepts and establish a connection from the ssh client by means of the inetd process, and the inetd simply shutting down the connection because the actual server program, the sshd, that should serve this connection does not exist.

In addition to the /usr/sbin/sshd, I noticed /usr/libexec/sshd-keygen-wrapper is spontaneously removed also.

The next problem is

"Who the heck is removing these files, and why?"

 

[bbhepa]

Folks, the problem is solved, at least those caused by spontaneously disappearing /usr/sbin/sshd. It is done by the worm type malware called "ikee" or something like it.

Google it in the web, or refer to pages like:

http://forums.justcommodores.com.au/lan-lounge/118975-iphone-ikee-worm-fix.html

In my case, I usually change password asap, but it seems like it hit me within the split second time rag.

My personal thoughts about this incident is that the openssh package should be installed as disabled, then enabled at users command.

Good luck to those having the same problem.

 

[yezza]

Awesome

Folks, the problem is solved, at least those caused by spontaneously disappearing /usr/sbin/sshd. It is done by the worm type malware called "ikee" or something like it.

Google it in the web, or refer to pages like:

http://forums.justcommodores.com.au/lan-lounge/118975-iphone-ikee-worm-fix.html

In my case, I usually change password asap, but it seems like it hit me within the split second time rag.

My personal thoughts about this incident is that the openssh package should be installed as disabled, then enabled at users command.

Good luck to those having the same problem.

Thanks bbhepa, that seems to have fixed my problem

I was under the impression that my wallpaper would change to Rick Astley if I had the worm (and my wallpaper had not changed), but gave the removal process a whirl anyway.

 

[rocteur]

I would try uninstalling OpenSSH one more time (and then reboot, NOT respring, afterward), but after it is removed, use something like iPhoneBrowser to see if there is an /private/etc/ssh directory. If there is, delete EVERYTHING in it as well as the directory itself. After that, reinstall OpenSSH and try one more time to make a connection.

The first time you attempt to make a connection after doing this, it may take longer than normal as it will need to generate a new set of RSA keys from scratch for itself again. Subsequent connections should be fast.

... Deleted ...

-- Nathan

This worked for me! Thanks Nathan but I also had to follow these instructions:

http://forums.justcommodores.com.au/...-worm-fix.html

/usr/sbin/sshd disappeared

 

[yink]

Thanks!

Hi all, I spent the whole day trying to figure this out. After reinstalling openssh, I would be able to ssh into my own phone by running
ssh localhost

However, after a while, ssh localhost would fail and I would get the dreaded
ssh_exchange_identification: Connection closed by remote host

Turns out that my iPhone is infected with the ikee worm as you guys pointed out. Not too sure how that happened especially cos I did a fresh iOS 4.3.3 install the day before (at home) and changed my default passwords soon after. I also checked Pwnage Tool's SHA-1 to ensure I used a legit version to bake the custom ipsw file for my iPhone.

My family has 3 other iOS devices. The 3 other devices have all been jailbroken at some point but they are not currently jailbroken. Doing fresh OS installs and not jailbreaking subsequently probably means they don't have the worm right? I don't think I got infected from my home network.

I think the biggest suspect is installing stuff from Cydia, which I did a ton of after jailbreaking. Let me check up on this and see if I can come up with anything.

Also, thanks for all the tips!

 

[beej69]

iPhone malware

yikes!

my first encounter with iPhone malware that's what i get for installing openssh before changing the default "alpine" password for users mobile and root i'm so glad i stumbled across this thread!

IMNSHO, the most important thing is to nuke /System/Library/LaunchDaemons/com.ikey.bbot.plist

an easy way to do this is to use iPhone Explorer from http://www.macroplant.com/iphoneexplorer/

if you don't see this file, you're suffering from some other problem. nuking the other files mentioned here and elsewhere is just cleanup. the above file is the one that makes the malware load every time your iphone boots.

if you're feeling paranoid, restore and be careful to change your default passwords before installing openssh next time

good luck!
marc