http://www.crunchgear.com/2008/10/06/a-fri...l-iphone-users/

oh my, really don't realize this.

alpine is a simple word to remember

not necessary for me.. as i disable everything, only on when i wanted to use.

it is not as simple as remembering the "alpine" word my friend.


let me give you a possible scenario to illustrate this situation better.


imagine you walked into starbucks on fine day and decide to use its wifi service whilst enjoying a cup of coffee. like many of us here (and 99.999% of first generation users), our iphones are probably jailbroken and have SHH pre-installed (by your respective seller) or perhaps by yourself.


and one fine day, you have forgotten to turn off the SHH feature via bosspref or probably do not have this feature, an unscrupulous person with a laptop (using the very same timezone starbucks wifi service) decides to try his/her luck. if he/she succeeds (given the conditions above satisfied) he/she can happily accessing all the contents of your beloved iphone seamlessly.


any SHH users will obviously know this these two facts; you can still access the iphone via SHH even though you have some password coded locked apps that you have (may it be from cydia/installer or app store) and you cannot possibly tell that someone is actually lurking inside your iphone.


hence, it is important that you have the default SHH password changes (or of course opt for the boss pref method)







This post has been edited by nokia2003: Oct 7 2008, 10:05 PM

hmm...then i better change.

thanks for the info bro

You're most welcome.

If i turn off SSH then no one is able to view anything inside my phone right?

In Terminal @ PuTTY, make sure you are root i.e Frozzbyte:/ root#
If you're in mobile, it will display the $ instead of # symbol. To got to root, type "su root" (without the quotes).

type:

passwd root (example Frozzbyte:/ root# passwd root)

Change to anything you want. By this, you no need to worry about people snooping into your phone or forgot turning off SSH (btw SSH will not drain your battery if its running in the background unless your making a connection to it, so leaving it to "ON" in BossPref is ok).

SSH is just like cmd in Windows right?

WHAT???!!! NO ONE IS THANKING ME FOR MY GOOD ELABORATION?

Ooops ..

Kam siah nokia2003 for the good and detail explainations ..

@Fighteden
SSH is not like cmd in Windows. PuTTY/Terminal is like cmd, SSH is just the protocol. SSH = Secure SHell

ok ok I appreciate this.Thanks nokia2003
it's time to change.

Oh .. so it's something that enabling the remote usage of terminal eh?

So after all, it doesn't matter if I haven't JB my iphone right?

Adding onto 5w33's question; is there a even a 'default' password for non jailbreaked iPhones?! *grins*

I tried AirSharing once but I've never tried connecting to my iPhone 'remotely' via my laptop.

Damn.... I'm seriously under-utilising my iPhone 3G!

@kokyun,
That picture U posted... *heart breaking*!

I'll add this for the Windows users:
(This is assuming you're working with openSSH on your iPhone and thus already have Cydia installed.)

1. Search for MobileTerminal on Cydia and install it.

2. Open "Terminal" (look for the icon) on your iPhone.

3. You will see a DOS like console. Go ahead and type in "su root" and tap on return.

4. Now type in the default password "alpine" and tap on return. Note that the text will be masked so you should still tap on return although you don't see any text forming as you type.

5. On the next line, type in "passwd" and tap on return.

6. Ok, now you need to type in a new password and again tap on return.

7. Type in your new password again for verification and tap on return. And you're done! Simply type in "clear" if you want to clean up your terminal screen.

Check to see whether your password works by connecting using your pc. I am using WinSCP myself.

This post has been edited by wilsoncvt: Oct 9 2008, 08:25 PM

heh, i only turn ON ssh when i need to access my phone
others than that, it always turn off

anyway, thanks for the infos

good simple guide wilsoncvt! but one should not necessarily be afraid if the default password remain unchanged. because many public wireless internet has blocked certain networking features such as device to device on the local network, so the intruder might not be able to gain access to someone's else iPhone thru its WIFI connection. but it's better changed to have peace of mind.

heck...i didn't know the seriousness & dangers of it till this post came up.

Appreciate the info there TS!