Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

After jailbreaking, what are all the steps I must take to be as secure as possible?

T

TheKingIV

macrumors member
Original poster
Apr 14, 2008
94
0
Please add to what I already know:

1. Install Open SSH and Mobile Terminal
2. Change root password on the phone (isn't there another PW I have to change?)
3. Is it safe to keep both Open SSH and Mobile Terminal? Or should I delete both after changing the root password?

Anything else I need to do?
 
Unless you have OpenSSH on your phone, there is no reason to change your default passwords. Nor is there any need to install OpenSSH on your phone just so you will have to change your passwords.

If you do choose to install OpenSSH, then you will want to change the passwords for both the 'root' and 'mobileuser' accounts.
 
thelatinist said:
Unless you have OpenSSH on your phone, there is no reason to change your default passwords. Nor is there any need to install OpenSSH on your phone just so you will have to change your passwords.

If you do choose to install OpenSSH, then you will want to change the passwords for both the 'root' and 'mobileuser' accounts.
Click to expand...

So my iPhone is just as protected as unjailbroken iPhones as long as I don't have OpenSSH installed?
 
jdu00743 said:
So my iPhone is just as protected as unjailbroken iPhones as long as I don't have OpenSSH installed?
Click to expand...


Yup i would say so! However you can switch SSH off via SBSETTINGS when you are not using it, but note that SSH will switch itself back ON when rebooting the iphone!
 
jdu00743 said:
So my iPhone is just as protected as unjailbroken iPhones as long as I don't have OpenSSH installed?
Click to expand...

Correct. The same goes for Netatalk as well.

If you want to be more protected than non-jailbroken phones, install the firewall available on Cydia
 
jdu00743 said:
So my iPhone is just as protected as unjailbroken iPhones as long as I don't have OpenSSH installed?
Click to expand...

Having OpenSSH installed and available in case of any issues can be a lifesaver (such as recent Cydia issue) and can save doing a restore and re-JB as those who didn't have OpenSSH installed found out.

If you change both the passwords as recommended, your phone will be safe.

Look, we all know that using the Internet is risky and we trust our virus apps to protect us, but we don't stop using the Internet.

Same mindset here. Change the passwords and use the phone with ALL of it's abilities !
 
dhlizard said:
Having OpenSSH installed and available in case of any issues can be a lifesaver (such as recent Cydia issue) and can save doing a restore and re-JB as those who didn't have OpenSSH installed found out.
Click to expand...

iFile or MobileTerminal will work just as well without running a server daemon on your phone.
 
How do you change the password? I always just turn it off with SBSettings.
 
mojoe24 said:
How do you change the password? I always just turn it off with SBSettings.
Click to expand...

Do the following in MobileTerminal (note that you will be changing two passwords; you must do all of the steps below to keep your iPhone safe):

Type 'passwd'
When prompted for a password, enter 'alpine'
When prompted to enter your new password, do so.
When prompted to re-enter your new password, do so.

Type 'su root'
When prompted for a password, enter 'alpine'
Type 'passwd'
When prompted for a password, enter 'alpine'
When prompted to enter your new password, do so.
When prompted to re-enter your new password, do so.
Type 'exit'
 
thelatinist said:
Do the following in MobileTerminal (note that you will be changing two passwords; you must do all of the steps below to keep your iPhone safe):

Type 'passwd'
When prompted for a password, enter 'alpine'
When prompted to enter your new password, do so.
When prompted to re-enter your new password, do so.

Type 'su root'
When prompted for a password, enter 'alpine'
Type 'passwd'
When prompted for a password, enter 'alpine'
When prompted to enter your new password, do so.
When prompted to re-enter your new password, do so.
Type 'exit'
Click to expand...


I have known that there was the "su root" password that was required to be changed but didn't know about the first one!! many thanks for that thelatinist :)
 
Bl0ckHe1d said:
I have known that there was the "su root" password that was required to be changed but didn't know about the first one!! many thanks for that thelatinist :)
Click to expand...

No problem. Yes, you need to change the password not just for 'root' but also for the 'mobile.' The latter does not have superuser priviliges, but it has enough to be getting on with.
 
I know this is obvious, but I'm amazed how often peope who know better *cough*backups*cough* neglect the obvious solutions. Put a PIN on your handset. All the software security in the world won't do much good if someone has physical access to your hardware.

Just a friendly reminder...:rolleyes:
 
thelatinist said:
iFile or MobileTerminal will work just as well without running a server daemon on your phone.
Click to expand...
But those require SpringBoard. If SpringBoard won't launch, ssh is your only hope. Not that I recommend it for everyone. Most people seem more comfortable restoring than fixing things via ssh.

otcpdx said:
Put a PIN on your handset.
Click to expand...
And always keep the screen wiped clean or they can look at your fingerprints and guess your PIN. It's still not perfect though.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back