Aug 07

How to login into your iPhone via SSH with no password (but with key authentification)

Firmware 1.x, Firmware 2.x, iPhone, iPhone 2G, iPhone 3G Add comments

So you managed to install the SSH server on your iPhone. But now, every time you want to connect from your Mac to your iPhone via SSH you have to enter your password? You set up a backup procedure via rsync (will be the next post) and now it does stop every time at the password prompt? No problem. SSH does know different kinds of authentication. One is password, another one is the use of keys. Thes keys are stored as key-files on your computer and on your phone. If they exist and they match no password is required to login. And as long as your computer is safe, the iPhone will be as well. So make sure your key-files on the computer are safe. I use FileVault on my MacBook Pro.

7 easy steps to create your automatic login:

  • (1) Open Terminal.app on your computer
  • (2) Make sure you got a RSA key pair on your computer. If you use SSH to login into other computers, servers or iPhones this could already be the case, so check: ls .ssh (or ls ~/.ssh). If you see two files id_rsa and id_rsa.pub this is already the case. If not, create your own key-files for the computer by simply typing in: ssh-keygen -t rsa Do NOT repeat this step unless you want to create new key-files. Then you should repeat all of the steps, the old key-files will be overwritten.
  • (3) Log into your iPhone via WiFi by using:
    ssh -l root (IP-address of iPhone)
  • (4) Create the .ssh directory on your iPhone: mkdir ~/.ssh
  • (5) This step is crucial, use this syntax only if your iPhone runs on firmware 2.x! Change the iPhone SSH server to accept key-files by typing in this: echo AuthorizedKeysFile .ssh/authorized_keys >> /private/etc/ssh/sshd_config
  • (6) Exit the iPhone SSH shell by using: exit
  • (7) Now on your Mac copy your public key-file to the iPhone by using this syntax: scp ~/.ssh/id_rsa.pub root@10.0.1.3:.ssh/authorized_keys

Thats it! Try now to re-connect to your iPohne by using: ssh -l root (IP-address of iPhone) There should be no password prompt anymore. Your computer is authorized by checking the public key file on the iPhone (id_rsa.pub) against your private key-file (id_rsa).

Hint: If you are on firmware 1.x you should change step (5) to this: echo AuthorizedKeysFile .ssh/authorized_keys >> /etc/ssh/sshd_config

written by TwiPhone


8 Responses to “How to login into your iPhone via SSH with no password (but with key authentification)”

  1. 1. lvyile Says:
    October 15th, 2008 at 5:21 am

    thanks so much, and pls let write this topic in my own
    blog~
    : )

  2. 2. dkk Says:
    June 10th, 2009 at 6:11 am

    on step (5) i get the message “permission denied”

  3. 3. twiphone Says:
    June 10th, 2009 at 8:31 am

    dkk, are you using an admin user on your Mac?

  4. 4. Charly Says:
    August 25th, 2009 at 4:57 pm

    I’ve used the root user, but don’t work…
    on iPhone:

    Charly:~ root# ls -la ~/.ssh
    total 8
    drwxr-xr-x 2 root wheel 136 Aug 25 17:33 ./
    drwxr-x— 5 root wheel 204 Aug 25 17:18 ../
    -rw——- 1 root wheel 1675 Aug 25 17:19 authorized_keys

    Charly:~ root# ls -la /private/etc/ssh
    total 156
    drwxr-xr-x 2 root wheel 374 Aug 1 22:38 ./
    drwxr-xr-x 13 root wheel 884 Aug 1 22:37 ../
    -rw-r–r– 1 root wheel 125811 May 5 08:58 moduli
    -rw-r–r– 1 root wheel 1526 Jan 4 2008 ssh_config
    -rw——- 1 root wheel 668 Aug 1 22:38 ssh_host_dsa_key
    -rw-r–r– 1 root wheel 590 Aug 1 22:38 ssh_host_dsa_key.pub
    -rw——- 1 root wheel 963 Aug 1 22:38 ssh_host_key
    -rw-r–r– 1 root wheel 627 Aug 1 22:38 ssh_host_key.pub
    -rw——- 1 root wheel 1679 Aug 1 22:38 ssh_host_rsa_key
    -rw-r–r– 1 root wheel 382 Aug 1 22:38 ssh_host_rsa_key.pub
    -rw-r–r– 1 root wheel 3279 Aug 25 17:31 sshd_config

    Charly:~ root# cat /private/etc/ssh/sshd_config


    AuthorizedKeysFile .ssh/authorized_keys

    I’ve try to change .ssh/authorized_keys in /var/root/.ssh/authorized_key but again none.
    Any hint?

  5. 5. Twiphone Says:
    August 25th, 2009 at 5:02 pm

    Please re-read the article.

    Did you change the “sshd_config” by using:

    echo AuthorizedKeysFile .ssh/authorized_keys >> /private/etc/ssh/sshd_config

    ?

    Then, being on the MAC please upload your public key using (10.0.1.3 should be changed to the IP of your phone):
    scp ~/.ssh/id_rsa.pub root@10.0.1.3:.ssh/authorized_keys

    Regards
    TwiPhone

  6. 6. Charly Says:
    August 25th, 2009 at 5:44 pm

    Thanks Twiphone,
    I’ve used a wrong file key, your infos are exacts!

    Now run fine.

    Sorry.

  7. 7. Sergani Says:
    November 22nd, 2009 at 10:36 pm

    Hi all,
    I tried the mentioned steps, and i’m not able to login without a password prompt unfortunately.
    i use linux, fedora. and my iphone is a 3GS v 3.0.1
    any help?
    thx!

  8. 8. twiphone.com Says:
    November 24th, 2009 at 3:35 pm

    @sergani, it did work on my 3.01 3GS that time. I am not sure if
    “scp ~/.ssh/id_rsa.pub root@10.0.1.3:.ssh/authorized_keys”
    will work on your system. Make sure your public key “id_rsa.pub” exists on your PC/Laptop (try: cat ~/.ssh/id_rsa.pub)

Leave a Reply

TwiPhone.com is Digg proof thanks to caching by WP Super Cache