Blog

Recent Posts
New Project New Site Layout and Code Better iPhone/iPod Touch Automount Hotplug Your iPod Touch With udev Rules Google Watches You Shower
Archive
June, 2008May, 2008April, 2008March, 2008February, 2008January, 2008December, 2007November, 2007 Older

Passwordless SSH On Your iPhone or iPod Touch

Since I've been spending more time in Linux, I've found it necessary to be able to sync my iPod Touch within Linux. Amarok has some fantastic configurability for devices you want to sync with, but since iPod Touch support is not complete at the moment, there's a little work to fill in.

If you've tried following Fred Emmotts handy tutorial for syncing an iPod Touch with Amarok, you may have run into the same issue that I did with trying to enable passwordless SSH authentication. So ignore what everyone else says, here's the quick and dirty way to get your iPhone/iPod Touch working with passwordless SSH. Please note that this will make your iPhone/iPod very insecure, since you're using SSH with a widely known username/password combo and ignoring some of the critical security checks.

Oh yeah, you're going to need a Unix-like environment with OpenSSH installed for this to make sense and actually work.

1. Jailbreak your iPod Touch. This step is easy and there are tonnes of other guides around so I'll assume you can do this. I'm running 1.1.1 jailbroken, but it really doesn't matter.

2. Install the OpenSSH package in AppTapp and its dependencies. Once its installed, try connecting from your client machine (throughout this article when I say "client machine" I mean the computer you are accessing the iPod from) with the following:

ssh root@[your ipod's ip address]

You can find the IP address in the WiFi settings by selecting the arrow next to your connected AP. When requested for a password, enter "alpine". This may take a while to connect for the first time while your iPod (very slowly) generates RSA keys.

3. Once you are logged in over SSH you will need t configure SSH for using RSA authentication, so type the following:

vim /etc/sshd_config

You will see the configuration file appear. From here, you need to change two settings so that your config file looks something like:

PubkeyAuthentication yes
StrictModes no

It is vital that you set StrictModes to "no". This option is not in the config file shipped with OpenSSH, so you'll need to add it. This is where I got stuck and where most of the tutorials around will not help you out. StrictModes on "no" is a far less secure option, but remember: you have just enabled SSH over WiFi with root access and a root password that every man and his dog knows. You are not concerned with security at this stage. If you're worried, grab BossPrefs in AppTapp and turn of SSH when you don't need it.

6. At this stage, its a good idea to restart sshd to enable the configuration file's changes to kick in. There are a dozen ways to do this, but if you're into GUIs (I am), BossPrefs or uictl (both available through AppTapp) will do the job nicely. If you don't have these, just turn the iPod off and on again.

5. Now log out of SSH on your iPod (or maybe you got dropped when your restarted SSH; that doesn't matter). We're going to generate a public RSA key to give to your iPod so that it will authenticate you in the future. On your client machine type the following command:

ssh-keygen -t rsa

This will generate some key files in the home directory of the current user, under .ssh. Just press enter for every prompt that ssh-keygen throws up and you'll be fine - the defaults are what we want here (indicated by brackets after the prompt).

6. Still on the client machine here, you want to type the following command:

ssh-copy-id -i ~/.ssh/id_rsa.pub root@[your ipod's ip address]

Again, obviously you want to replace with your iPod's IP address, which you of course found out earlier. The password here is the same as before: "alpine".

7. And that's it! ssh-copy-id has copied the key for you to /var/root/.ssh/authorized_keys on your iPod and now when you try to SSH in (from the same machine you used ssh-keygen on, that is) using the same command from step 2, you will no longer be asked for a password. If you want to enable passwordless authentication on multiple machines, you just need to repeat steps 5 and 6 on the machines in question.

I hope that fills in the blanks for some of you. I'm not a total Linux newbie, but I find it very difficult to follow tutorials which assume you have experience with something like SSH configuration and the like, when you don't. If everything went well in this tutorial, you're now free to keep following Fred Emmotts iPod and Amarok sync tutorial and you now have passwordless SSH, not to mention being able to wirelesly sync with your iPod - ask your Windows and MacOS-using friends if they can do that.

Link to this article | Make a Comment
Tags: iPod Touch, iPhone, Linux, SSH

Make a Comment