Archive for October, 2010

What are the username and password to access my iPhone and iPad via SSH?

Friday, October 22nd, 2010
Listen to me!
Audio MP3
download mp3

As jailbreaking procedures are now legalised, we can freely speak about jailbroken iPhones.

After jailbreaking your iPhone or iPad one useful Cydia package that you may want to install, is OpenSSH that gives you access via remote console (shell) to the entire iOS (iPhoneOS) system.

Once installed OpenSSH via Cydia the first thing you want to do is to log in to the system via an SSH connection, the first question that arise is “how do I log in since I did not create any user account?”.

Unfortunately the answer is too easy (as it consists in a security hole),  Apple has defined by default these users:

user: root (with superuser/administrator privileges)
password: alpine
user: mobile (limited user privileges)
password: dottie

As said this consists in a security threat because as soon as you install the OpenSSH service your iPhone is exposed to unexpected access by anyone that is aware of this default configuration.

Of course we cannot blame Apple for such ‘threat’ as Apple doesn’t give is acknowledgement to install OpenSSH (this is the reason why you find it in Cydia).

Fortunately it exists an easy fix that any unix administrator knows, CHANGE THE PASSWORD! This is a task that you can easily accomplish logging in as root via any SSH client and make use of the command ‘passwd‘ to change the root’s password and then force the change of password for the user mobile as well:

# passwd mobile

Where to download the iPhone firmwares

Tuesday, October 19th, 2010

This is the list of the iPhone firmwares (iPhoneOS, iOS) available up to now.

Before downloading it may be better to disable the unzip feature of Safari to avoid the IPSW files to be corrupted.

1.0.0: iPhone1,1_1.0_1A543a_Restore.ipsw
1.0.1: iPhone1,1_1.0.1_1C25_Restore.ipsw
1.0.2: iPhone1,1_1.0.2_1C28_Restore.ipsw
1.1.1: iPhone1,1_1.1.1_3A109a_Restore.ipsw
1.1.2: iPhone1,1_1.1.2_3B48b_Restore.ipsw
1.1.3: iPhone1,1_1.1.3_4A93_Restore.ipsw
1.1.4: iPhone1,1_1.1.4_4A102_Restore.ipsw
2.0.0 (2G): iPhone1,1_2.0_5A347_Restore.ipsw
2.0.0 (3G): iPhone1,2_2.0_5A347_Restore.ipsw
2.0.1 (2G): iPhone1,1_2.0.1_5B108_Restore.ipsw
2.0.1 (3G): iPhone1,2_2.0.1_5B108_Restore.ipsw
2.0.2 (2G): iPhone1,1_2.0.2_5C1_Restore.ipsw
2.0.2 (3G): iPhone1,2_2.0.2_5C1_Restore.ipsw
2.1.0 (2G): iPhone1,1_2.1_5F136_Restore.ipsw
2.1.0 (3G): iPhone1,2_2.1_5F136_Restore.ipsw
2.2.0 (2G): iPhone1,1_2.2_5G77_Restore.ipsw
2.2.0 (3G): iPhone1,2_2.2_5G77_Restore.ipsw
2.2.1 (2G): iPhone1,1_2.2.1_5H1_Restore.ipsw
2.2.1 (3G): iPhone1,2_2.2.1_5H11_Restore.ipsw
3.0.0 (2G): iPhone1,1_3.0_7A341_Restore.ipsw
3.0.0 (3G): iPhone1,2_3.0_7A341_Restore.ipsw
3.0.0 (3GS): iPhone2,1_3.0_7A341_Restore.ipsw
3.0.1 (2G): iPhone1,1_3.0.1_7A400_Restore.ipsw
3.0.1 (3G): iPhone1,2_3.0.1_7A400_Restore.ipsw
3.0.1 (3GS): iPhone2,1_3.0.1_7A400_Restore.ipsw
3.1.0 (2G): iPhone1,1_3.1_7C144_Restore.ipsw
3.1.0 (3G): iPhone1,2_3.1_7C144_Restore.ipsw
3.1.0 (3GS): iPhone2,1_3.1_7C144_Restore.ipsw
3.1.2 (2G): iPhone1,1_3.1.2_7D11_Restore.ipsw
3.1.2 (3G): iPhone1,2_3.1.2_7D11_Restore.ipsw
3.1.2 (3GS): iPhone2,1_3.1.2_7D11_Restore.ipsw
3.1.3 (2G): iPhone1,1_3.1.3_7E18_Restore.ipsw
3.1.3 (3G): iPhone1,2_3.1.3_7E18_Restore.ipsw
3.1.3 (3GS): iPhone2,1_3.1.3_7E18_Restore.ipsw
4.0.0 (3G): iPhone1,2_4.0_8A293_Restore.ipsw
4.0.0 (3GS): iPhone2,1_4.0_8A293_Restore.ipsw
4.0.0 (4): iPhone3,1_4.0_8A293_Restore.ipsw
4.0.1 (3G): iPhone1,2_4.0.1_8A306_Restore.ipsw
4.0.1 (3GS): iPhone2,1_4.0.1_8A306_Restore.ipsw
4.0.1 (4): iPhone3,1_4.0.1_8A306_Restore.ipsw
4.0.2 (3G): iPhone1,2_4.0.2_8A400_Restore.ipsw
4.0.2 (3GS): iPhone2,1_4.0.2_8A400_Restore.ipsw
4.0.2 (4): iPhone3,1_4.0.2_8A400_Restore.ipsw
4.1.0 (3G): iPhone1,2_4.1_8B117_Restore.ipsw
4.1.0 (3GS): iPhone2,1_4.1_8B117_Restore.ipsw
4.1.0 (4): iPhone3,1_4.1_8B117_Restore.ipsw

*This list has been borrowed from iClarified.com

What to do if the AFP service needs to be restarted periodically?

Saturday, October 16th, 2010
Listen to me!
Audio MP3
download mp3

Recently, after upgrading my Mac Mini Core 2 Duo (turned into server) to Snow Leopard Server 10.6.4, I started experiencing a very annoying problem, the AFP service was periodically stopping to share the chosen folders (Shared Points) to the clients.

I noticed that this is sometimes related with the server resources and performance.
For instance the AFP may stop working properly during intensive file transfer such remote backup via TimeMachine or when another service is keep the CPU at 100% usage.
It especially happens in my MacMini as the RAM is limited to only 1GB and then a lot of disk activity is generated for swapping.

Basically the service is not crashed or discontinued, the AFP server process is still running and still allows the users to log in from any workstation connected, the problem is that once logged in the users is able to see only its own home folder but all the other Shared Points configured in the Server Admin control panel are not listed.q

The solution has been for a long while to periodically monitor the service and when I noticed the misbehaviour I restarted the service and in a few second the users were able to connect to all the shared points again.

I wasn’t happy with this inelegant solution, so when I had a little of spare time I investigated better the problem and I found an old thread on the Apple Support page, it was describing the same issue performing on Leopard server 10.5 series:

http://discussions.apple.com/message.jspa?messageID=6145016

Apparently for the Leopard server the solution is a little tricky and involve a script that periodically toggle the Guest Account access option.

Then the idea, EUREKA! CARAMBA! I had a little check and I found that for security reasons I disabled the access for the Guest Account.

The Solution has been quite fast, I enabled again the Guest Access to the AFP service from the Server Admin, AFP service, Settings panel, Access tab (as shown in the picture below). This fix is still woking for me and the service never stopped again!

AFP_Settings_Access_GuestAccess

AFP_Settings_Access_GuestAccess_Toggle

Anyway I wanted to prevent access to the Shared Points of the AFP services to the Guest Account so I disable the Guest Account specifically for each Shared Point.

From the Server Admin, AFP service, Shared Point panel, I selected the Shared Points individually, I accessed the Protocol Options and I disabled the Guest Access toggle (as shown in the picture).

AFP SharedPoint GuestAccess Toggle

AFP SharedPoint GuestAccess Toggle

Doing so I allow the Guest Access to log in to the AFP service but I prevent it to use any Shared Point (shared directory). For further security it’s possible to limit the access to the AFP service to a selected number of user groups (they must NOT include the Guest account as their member) through the Services Access settings of the Server Admin tool, according to my experience this is as a ‘best practice’ operation that we should apply in most of the AFP servers we set up.

Please feel free to reply this thread if you have found better solutions to this issue.

How-To open multiple instances of an application with OS X

Sunday, October 10th, 2010
Listen to me!
Audio MP3

download mp3
It happened to me to have the need to run at the same time the Skype application in Mac OS X  being logged with two different accounts, this was needed to test the messaging and file sharing capabilities or simply to be able to receive calls on two different accounts or registered numbers at the same time.

That practice is not actually permitted with the current version of Skype for Mac OS X (Skype Version 2.8.0.251) so I had to find a DIY solution.

At the beginning I tried to copy the application bundle and launch it, wishing that the system was recognising this as a distinct application but unfortunately that didn’t work and Mac OS X was complaining that the application was already running and it could not open a second instance of it (due to a conflict of resources).

I then started wondering why in GNU/Linux (that is a not-so-far cousin of Mac OS X UNIX subsystem), wasn’t that difficult to launch from command-line a second instance of an application, so it came to my mind the ‘open’ command that sometimes I use with AppleScript to launch some applications.

Reading the manual of ‘open’ I discovered these two ‘magical’ options:

  • The ‘-n’ option, that guarantees the opening of a new instance of the application;
  • The ‘-a’ option, that permits to specify the name of an application without the bundle extension ‘.app’ and without specifying the absolute path of the application (that in this case would generally be ‘/Applications/Skype.app’;

I ended up with this ‘best solution’ to open a second (or further) copy of an application with Mac OS X using the given CLI command ‘open’ as follows:

# open -na <application_name>