In the first post of this howto, I talked you through getting full access to your iPhone and a basic SSH server running. If you haven’t read Part #1 yet, please do so before continuing here. In this post, we will actually get our toolchain setup as well as install a few more useful pieces of software.
The first thing I will talk you through is replacing DropBear. We will install OpenSSH2 onto the phone which will provide us with the full suite of SSH functionality. Follow these simple steps to upgrade:
- Download the openssh iPhone package and extract it into ~/phonedmg/openssh
- Download the iPhone binkit and extract it into ~/phonedmg/binkit
- Fire up iPHUC and run the following commands (you will get an error about the rmdir, ignore it as it did it’s job):
mkdir /etc/ssh2 putfile /Users/(your username)/phonedmg/openssh/etc/ssh2/ssh2_config /etc/ssh2/ssh2_config putfile /Users/(your username)/phonedmg/openssh/etc/ssh2/sshd2_config /etc/ssh2/sshd2_config putfile /Users/(your username)/phonedmg/openssh/usr/bin/scp2 /usr/bin/scp2 putfile /Users/(your username)/phonedmg/openssh/usr/bin/sftp-server2 /usr/bin/sftp-server2 putfile /Users/(your username)/phonedmg/openssh/usr/bin/sftp2 /usr/bin/sftp2 putfile /Users/(your username)/phonedmg/openssh/usr/bin/ssh-add2 /usr/bin/ssh-add2 putfile /Users/(your username)/phonedmg/openssh/usr/bin/ssh-agent2 /usr/bin/ssh-agent2 putfile /Users/(your username)/phonedmg/openssh/usr/bin/ssh-keygen2 /usr/bin/ssh-keygen2 putfile /Users/(your username)/phonedmg/openssh/usr/bin/ssh-probe2 /usr/bin/ssh-probe2 putfile /Users/(your username)/phonedmg/openssh/usr/bin/ssh-signer2 /usr/bin/ssh-signer2 putfile /Users/(your username)/phonedmg/openssh/usr/bin/ssh2 /usr/bin/ssh2 putfile /Users/(your username)/phonedmg/openssh/usr/bin/sshd2 /usr/bin/sshd2 putfile /Users/(your username)/phonedmg/openssh/System/Library/LaunchDaemons/com.sshd.plist /System/Library/LaunchDaemons/com.sshd.plist putfile /Users/(your username)/phonedmg/binkit/usr/bin/scp /usr/bin/scp putfile /Users/(your username)/phonedmg/binkit/bin/ls /usr/bin/ls putfile /Users/(your username)/phonedmg/binkit/usr/lib/libarmfp.dylib /usr/lib/libarmfp.dylib rmdir /System/Library/LaunchDaemons/au.asn.ucc.matt.dropbear.plist
- Now, ssh into your phone (you will be connecting to the dropbear server still) and do the following:
-sh-3.2# chmod 555 /bin/ls /usr/bin/* -sh-3.2# ssh-keygen2 -P -t dsa -c "DSA hostkey" /etc/ssh2/hostkey -sh-3.2# launchctl load /System/Library/LaunchDaemons/com.sshd.plist
- Now reboot your phone and make sure you still have ssh access.
Now that you have a good SSH server on your phone, it’s time to add in a bunch of standard Unix commands. You do this by running the following commands on your Mac:
$ cd ~/phonedmg/binkit $ scp -R bin sbin usr libexec root@(iphone IP):/
After doing this, you should have things like grep, uname, ps, etc on your iPhone. Try them out to be sure. As a quick exercise, now that you have a full blown SSH server on your iPhone and basic apps like vim, you should consider disabling password based authentication and put your SSH key on it. Much more secure, IMHO. If you need help with this, ping me.
The next thing we will do is get our toolchain working. My preference is to build the toolchain from source (easier to keep up to date). This can be time consuming though, so if you are the impatient type, do a Yahoo! search for “iphonetoolchain dmg”. I haven’t tested this approach, so I won’t provide any direct links (as they may rapidly change). To build the toolchain, do the following:
- Create a home for the toolchain source, my suggestion is ~/phonedmg/toolchain and the examples will follow as such.
- Install libstreams onto your box by running:
sudo port install libstreams
- We now need to decrypt the firmware. Due to the fact I am uncertain the legality of posting the firmware encryption key, I am linking you to the instructions here. After decrypting, you should have a file named decrypted.dmg. Mount this disk image.
- Now copy the files inside the mounted disk image into your toolchain directory by doing the following:
mkdir ~/phonedmg/toolchain/heavenly sudo cp -R /Volumes/Heavenly1A543a.UserBundle/* ~/phonedmg/toolchain/heavenly/
- Now checkout the toolchain code from the public subversion repo
cd ~/phonedmg/toolchain svn checkout svn://svn.berlios.de/iphone-binutils/trunk
- Now we need to actually build the toolchain itself. First we:
cd ~/phonedmg/toolchain/trunk ./configure --with-heavenly=/Users/(your username)/phonedmg/toolchain/heavenly/
Then we need to fix a problem in the generated makefile by editing line 34 and making it read:
cd llvm-2.0 && $(MAKE) ENABLE_OPTIMIZED=1 install
and then following that we run _sudo make_ (note the sudo is apparently required).
Now that we have our toolchain setup, let’s build the most useful app I have found so far. This application is a Terminal.app like application for the iPhone. It provides a GUI interface to running shell commands on the phone and is immensely useful for things like SSH (outbound from the phone). The app also has good polish for such an early edition and thus is a good example of what can be done. Follow these steps for getting it running on your iPhone:
- First things first, we need to download the source code to the app. We do this by:
mkdir ~/phonedmg/apps cd ~/phonedmg/apps svn checkout http://mobileterminal.googlecode.com/svn/trunk/ mobileterminal
- Now we need to download a header file, UITextTraitsClientProtocol.h, missing from the toolchain and put it in /Developer/SDKs/iPhone/include/UIKit/
- Next we fake a couple files to make things happy by doing the following:
sudo touch /Developer/SDKs/iPhone/include/UIKit/NSObject.h sudo touch /Developer/SDKs/iPhone/include/LayerKit/NSObject.h
- Now run _make_ and _make package_
- Assuming all goes well (I got some warnings, but it compiled), copy the resulting Terminal.app bundle to your phone:
scp -r Terminal.app root@(iPhone IP):/Applications/
- Now reboot your iPhone and now you should see the new app available to use. Here’s a screenshot of what it looks like:
That completes our howto and I would love to thank the numerous devs around the world who have made all this possible. Now that you have a toolchain and an extremely useful sample app, let’s see what apps you can create! If you make something, please be sure and let me know.
P.S. – A helpful tip in regards to the terminal app, to do a control key sequence use the “bullet” key which can be found by pressing the 123 key, then the #+= key (center far right of that last keyboard). Also, to hide the keyboard, simply tap the screen (and again to bring it back up).
Tags: trouser mac