← Writing

Setting Up SSH Public Key Authentication for iPhone Remote Access

Lately, after jailbreaking my iPhone and installing the toolchain on my Mac, I’ve started doing some iPhone development. Currently, due to lack of official development tools and a device simulator, the development process involves frequently loading up the app you’re coding to your iPhone. I use the scp command to copy the app bundle as shown below.

scp -r ~/iPhone/Sample/build/Release/Sample.app root@10.0.1.1:/Applications

This works fine, except that it asks for the root password each time you execute the command. And this additional step can become an annoying time-waster when you end up issuing the command literally hundreds of times throughout the course of a coding session. So, SSH public key authentication comes to the rescue! A quick Google search revealed the solution at Game Over’s wiki.

Here are the few simple steps to enable this feature (please note that you must already have the BSD subsystem and the OpenSSH apps installed on your iPhone):

  1. Start up your Terminal.app and run the following command on your mac to generate the keys. Accept the defaults when it asks for a place to save the keys on your machine. Enter a passphrase when asked if you like, but it’s ok if you leave it blank too.
ssh-keygen -t rsa -b 2048
  1. Now, copy the generated public key to your iPhone. Don’t forget to substitute your phone’s ip address.
scp ~/.ssh/id_rsa.pub root@10.0.1.1:~/authorized_keys
  1. Next, start the Term-vt100 app on your iPhone, and type the following commands.
mkdir -p ~/.ssh
chmod 0700 ~/.ssh
mv ~/authorized_keys ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
chmod go-w /private/var/root

That’s it. From now on, you can login to your iPhone without entering a password. Try it. Type this on your mac.

ssh root@10.0.1.1

Don’t forget to substitute your own ip address. Also note that you may be asked for a passphrase if you entered one in the first step. If you check the box to store the phrase in your keychain, you will not be asked for it anymore.

Comments7 archived

Imported from Disqus when the comment system was retired. The conversation lives here as a static archive — no replies possible.

  1. bob marley

    b - e - a - utiful. thx.

  2. LKRaider

    Another good idea is to disable clear text password authentication, so that only public key authentication will work.

    To do that, edit /etc/ssh/sshd_config on the iPhone and add the line:
    PasswordAuthentication no

    Specially useful for securing ssh login if you haven't changed the default password.

  3. Andre

    Another tip here is editing the ssh config file.

    On your machine (not the iphone), create ~/.ssh/config

    In there, add the following lines

    Host iphone
    HostName 10.0.1.1
    User root

    Now, simply typing 'ssh iphone' will connect to 10.0.1.1 with user root.

  4. johnc

    if you have used openssh on your iphone i found if you substitute root with mobile it also works.

    the above works verbatim on ubuntu :-)

  5. Brett

    Sweet! Thanks Andre also for the config idea.

    Definitely worth doing in reverse also.

  6. CW

    Is the iPhone able to generate a key? i.e. can the command (or one similar) ssh-keygen -t rsa be run on the iPhone
    I am curious if I could use my iPhone to log into my ubuntu server at home.

  7. Trcx (@Trcx528)

    This is awesome! Thank you!