How To: Change Your iPhone’s Default SSH Password
4:17 pm, November 9th, 2009, Sayam Aggarwal

If you jailbreak your iPhone, the first thing you ABSOLUTELY MUST DO is change the default filesystem password.
When you jailbreak, the filesystem’s password is set to the common password “alpine.” As people usually don’t bother changing this password after performing a jailbreak, it’s really easy for hackers to get access to any jailbroken iPhone/iPod Touch on a public network.
EDIT: Just confirmed with GeoHot and it seems that at least blackra1n doesn’t install SSH by default, therefore this should not be a problem if you used blackra1n to jailbreak, unless you installed the OpenSSH package from Cydia.
An Australian hacker called Ashley Towns demonstrated this by circulating the first known iPhone worm, known as Ikee, which replaces your lockscreen wallpaper with an image of Rick Astley. Luckily, Towns’s Rickrolling is benign. He wrote the worm to demonstrate how easy it is to break into jailbroken iPhones.
Changing the password is quick and easy — after the jump is a tutorial showing how to change the SSH password.
Note: There is no need to follow this guide if you haven’t jailbroken your iPhone/iPod Touch.
Ingredients:
Jailbroken iPhone / iPod Touch
Cydia
MobileTerminal
Here’s how to change the default SSH password after jailbreaking:

1. Make sure you have Cydia installed on your jailbroken device. If you don’t already have MobileTerminal installed, launch Cydia and tap the ‘Search’ tab in the bottom navigation bar.





2. Type ‘MobileTerminal’ in the search field and select the first result. Select ‘Install’ in the top right corner and tap ‘Confirm’ on the next screen. It will now install MobileTerminal on your device. Now, tap ‘Return to Cydia’ and then tap the home button.

3. Navigate to the newly installed ‘MobileTerminal’ application and tap to open.



4. In MobileTerminal, type ‘su root’ and tap return. It will ask you for a password; enter ‘alpine’ and tap return again.




5. Now, type ‘passwd’ and then tap return. Type in a new password such as ‘secret’ and tap return. Retype the new password to confirm and then tap return one last time to change the password.
6. Now, your SSH password will be changed and your device will be protected against any future hacks that use SSH to access your device.
Posted by Sayam Aggarwal in How tos, How-To, Top stories, iPhone 3G, iPhone 3G S, iPod Touch











Noooooo…
“it’s really easy for hackers to get access to any iPhone/iPod Touch on a public network.”
Any JAILBROKEN iPhone/iPod touch on a public network.
GQB, on November 9th, 2009 at 4:24 pm
@GQB thanks for letting me know
Sayam Aggarwal, on November 9th, 2009 at 4:33 pm
So I’ve heard conflicting reports on this. Is it ANY jailbroken phone that can be accessed or is it any jailbroken phone that has an app like MobileTerminal installed?
I’ve seen on other sites that you’re only vulnerable if you have a SSH app installed.
Neil, on November 9th, 2009 at 4:42 pm
Thanks for the great article.
Can you please clarify in your article, for those like me, who are not fully tech-savvy IS THIS FOR ALL JAILBROKEN/UNLOCKED, OR ONLY PEOPLE THAT MESS WITH SSH?
sbi, on November 9th, 2009 at 6:55 pm
I realize this is going to sound like a really retarded question, but I can’t seem to figure it out otherwise. I bought an iPhone 3GS from Dubai. Cydia’s running and I have “ultrasnow” installed. So does this mean the phone’s unlocked AND jailbroken? .. if so, can I go to iTunes and update the iPhone’s software to 3.1.2 .. I currently have 3.0.? something .. is there any advantage of upgrading? .. I really don’t want to mess up the phone.
Bilal, on November 9th, 2009 at 11:33 pm
@Bilal – If you have Cydia running it is jailbroken. Ultrasn0w is the carrier unlock. So yes, you are both jb and unlocked. You can upgrade to 3.1.2, but use pwnage to create the custom ipsw (this avoids having to redo the break with blackra1n). See http://blog.iphone-dev.org/
Kevin, on November 10th, 2009 at 6:41 am
Just confirmed with GeoHot and it seems that at least blackra1n doesn’t install SSH by default, so this should not be a problem if you used blackra1n to jailbreak, unless you installed the OpenSSH package from Cydia.
Sayam Aggarwal, on November 10th, 2009 at 7:47 am
this was really helpful man, i dont know what i would do without you!
hrag, on November 10th, 2009 at 8:21 am
great how to! there is no way to mess up with the excellent screen shots.
Michael Fowler, on November 10th, 2009 at 8:35 am
This doesn’t affect you, unless you installed the OpenSSH server using Cydia.
Neither PwnageTool/QuickPwn nor blackra1n make your iPhone vulnerable, because they *don’t* install any SSH services by default.
accolon, on November 10th, 2009 at 9:19 am
Good article. Timely, relevant and well-written.
iGenius, on November 10th, 2009 at 10:17 am
If I change the root password, does this cause any adverse effects with installing App store apps, or does the phone use ‘root’ to install or do other things on its own? if so, will it recognize the change?
what about next update? does any of this matter in regards to the root pwd?
seeloe, on November 10th, 2009 at 5:08 pm
from other sites, it does not sound advisable to, the better option is to use sbsettings, and just toggle SSH off, until YOU’RE actually using it…
seeloe, on November 10th, 2009 at 5:24 pm
Thanks for these instructions – VERY much appreciated
Gaboose, on November 12th, 2009 at 6:45 pm
This sounds strange but after installing terminal and following the instructions I put in “alphine” and it says it’s incorrect? If I used Blackra1n/Cydia do I really need to do this and what else could the password be? I’m using AT&T in the US. Thanks!
John, on November 13th, 2009 at 11:59 am
In SBSsettings, in both the ‘Selected’ and ‘Ignored’ toggles, I turned off each SSH. If I change my root passwd, will this create a security hole or is it safe to do so?
Davey, on November 13th, 2009 at 10:01 pm
In SBSsettings, I turned off each SSH found in both the ‘Selected’ and ‘Ignored’ toggles. If I change my root passwd, will this create a security hole or is it safe to do so?
Sorry if the question sounds stupid, but I’m a newb in the jailbroken 3G world. Thanks!
Davey, on November 13th, 2009 at 10:03 pm
Also, I forgot to mention that I don’t have OpenSSH installed.
Davey, on November 13th, 2009 at 10:06 pm
“Type in a new password such as ‘secret’” —
Don’t you mean “Type in a _secret_ password”? It’s not going to help much if the phone responds to the obvious second choice.
Bill, on November 20th, 2009 at 7:55 am
bill, “secret” was just an example. you can choose your own password
felip, on November 21st, 2009 at 4:20 pm
@john
the default password is “alpine” not “alphine”. try that instead.
Mike, on November 21st, 2009 at 8:28 pm
Tried alphine and it says incorrect? Is my phone still vun if I used blackrain and what else could the password be? Strange. Thanks!
John, on November 22nd, 2009 at 4:51 pm
When I read these comments I just think, some people are really dumb.
bob, on November 23rd, 2009 at 12:04 pm
Hi Sayam, Good tutorial, it’s the first one if you google for SSH iPhone!
One request/piece of advice: as threats become more serious, I think it is essential that people also change their password for the ‘mobile’ account. There’s now a very malicious piece of malware stealing people’s money, and the mobile account is just as vulnerable as the root account and it holds ALL your data! It has the same password as ‘root’, and I think it will be a very short while before a criminal hacker will start to use that hole: most tutorials, including yours, now tell people to change the root password, but they forget mobile.
USERS READING THIS: After doing step 5 above, with the terminal still running, you should type:
passwd mobile
and it asks for your new password (twice). It is OK to use the same new password you used for the root account. Just don’t use ‘alpine’.
Jim, on November 23rd, 2009 at 2:49 pm
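Added example (not part of the original post or of any comment): a small shell check for the point raised above, that following steps 4 and 5 changes only root and leaves the ‘mobile’ account on the shipped password. It assumes a BSD-style master.passwd layout (name:hash:uid:gid:class:change:expire:gecos:home:shell); the sample entries and both hash strings are constructed placeholders, not real values.

```shell
#!/bin/sh
# Added example: list accounts in a master.passwd-style file whose password
# hash is still the default. All data below is constructed for illustration.

# Placeholder, NOT a real hash: substitute the second field of the root line
# as it was before you ran passwd.
DEFAULT_HASH='DEFAULTHASHPLACEHOLDER'

# accounts_with_default FILE HASH
# Prints one account name per line for every entry whose hash field equals HASH.
# Skips comments, malformed lines and locked accounts (hash starting * or !).
accounts_with_default() {
    awk -F: -v want="$2" '
        /^#/ || NF < 10 { next }   # comment or malformed line
        $2 ~ /^[*!]/    { next }   # locked: no password login possible
        $2 == want      { print $1 }
    ' "$1"
}

# Constructed sample: state after steps 4-5 only (root changed, mobile not).
sample_after_root_only() {
    cat <<EOF
# constructed sample, master.passwd layout
nobody:*:-2:-2::0:0:Unprivileged User:/var/empty:/usr/bin/false
root:CHANGEDHASHPLACEHOLDER:0:0::0:0:System Administrator:/var/root:/bin/sh
mobile:$DEFAULT_HASH:501:501::0:0:Mobile User:/var/mobile:/bin/sh
daemon:*:1:1::0:0:System Services:/var/root:/usr/bin/false
EOF
}

# Runs the check against the constructed sample and prints the flagged accounts.
check_sample() {
    tmp=$(mktemp) || return 1
    sample_after_root_only > "$tmp"
    accounts_with_default "$tmp" "$DEFAULT_HASH"
    rm -f "$tmp"
}

check_sample   # prints: mobile
```

An empty result after running both ‘passwd’ and ‘passwd mobile’ means no password-capable account still carries the default.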
@ jim:
did all steps, now I want to change the mobile password too-should I retype alpine (now for mobile password) and then change to my new selected password?
many thanks!!!!
martina
Martina, on November 25th, 2009 at 8:33 am
@ sayam: many thanks for your printscreens!!!!even not-nerds like me can manage it;) hehe
Martina, on November 25th, 2009 at 8:37 am
@sayam is it advisable what JIM said? I mean, changing also the “mobile password”? Please let us know, I’m sure I’m not the only one that would love to know.
Marco Dal Moro, on November 26th, 2009 at 7:17 am
@marco it’s definitely great to do so.
Sayam Aggarwal, on November 26th, 2009 at 8:45 am
The new ssh passwd (which can be up to 80 chars) should not be something easy to crack like the word ‘secret’ but rather a phrase that is memorable to the user.
For example, I will never forget the legendary racehorse Red Rum which won the Grand National three times so I might construct a passwd phrase such as ‘redrumataintree’ but make it more difficult to crack by changing some of the characters to numeric or other special characters e.g. ‘r8drumata1ntr88’.
Hope this helps ward off the bad guys (it is nearly always guys).
John R. Constable, on November 26th, 2009 at 4:08 pm
@martina: If you still ‘are’ root (that is, you see a line in the terminal that ends with root#) you can simply type
passwd mobile
and you don’t have to type the old password (alpine) because you are root already so you have the authority to change other users’ passwords.
If you started a new terminal and you ‘are’ mobile (it says mobile#), you simply type
passwd
and it will first ask for the old password (alpine) before it asks for the new one.
@sayam: It’s not only ‘great’ to change the mobile password, it’s probably also necessary for security. Everyone reads in the newspaper that they should change the root password, so the next hacker WILL attack phones with the standard password for mobile. PLEASE be responsible and adjust your blog post. Many people’s personal data will be saved if you do.
Jim, on November 26th, 2009 at 5:01 pm
I can’t seem to be able to type alpine when it asks for the password.. so I can’t do anything..
anyone can help?
mattay, on December 8th, 2009 at 7:39 am
mattay,
it doesn’t show the cursor moving when you’re typing the password. Just type it correctly, hit enter and retype it. It should work like a charm!
braxton, on December 16th, 2009 at 1:37 am
I think this is awesome! Sayam, thank you for helping us ‘newbs’ with this and Jim thank you for the further info that we need to change mobile also. I did both and they worked like a charm! I’m really starting to get into the workings of this iPhone and it is fun to me! Thanks y’all! =)
Kimberly, on December 16th, 2009 at 9:32 am
I can’t seem to change my password and I have done all the steps. When I type in “alpine” I get the “sorry” or “su: not correct password”
When it asks for the old password i type in “alpine” and nothing.
yujin, on December 17th, 2009 at 2:35 am
Works a treat thanks!!!!!!!!!
Lister, on December 17th, 2009 at 11:00 am
easiest way!!!
http://www.youtube.com/watch?v=wzDB52lKlc8
iCROLT, on December 21st, 2009 at 2:50 pm
I just got an official iPhone 3Gs and I got infected with ikee wallpaper. I did a restore & it seems to have disappeared. This phone was not jailbroken. Do I need to change the SSH password? If I need to, how do I do it? I’m not that tech savvy.
Thanks.
Mike, on January 8th, 2010 at 10:46 am
erhhh…It’s back! I checked while iPhone was still connected to my Mac & the ikee wallpaper did not appear but once I disconnect from my Mac, it reappeared! Can I delete the files? How? Thanks a million in advance.
Mike, on January 8th, 2010 at 10:51 am
I followed all the steps and got my password changed, as a precaution I even uninstalled the Open SSH… but the ikee wallpaper would not go away! I need help please…
Alex, on January 10th, 2010 at 1:36 am
Damn!! This thread can’t be true. Can’t even believe this simple guide had more comments than geohotz’ blacksn0w thread.. Is this complicated for you guys?
Cap1Gab, on January 13th, 2010 at 11:16 am
**alpine**
not alphine
nm, on January 19th, 2010 at 9:29 pm
Thanks for the tip. Glad I decided to google “iphone virus” this morning or I would have never known. Very easy to do reading this. Better safe than sorry.
Thanks again….
Vince, on January 27th, 2010 at 9:47 am
hi still receiving prompt on screen: another passwd is running, and cannot do anything
pico, on February 1st, 2010 at 11:53 am