SSH Over USB: Difference between revisions

From iPhone Development Wiki
No edit summary
No edit summary
Line 3: Line 3:
== SSH over USB using usbmuxd ==
== SSH over USB using usbmuxd ==


You can either download a binary and run that or use a python script. The python script is a lot slower than the binary version. On Linux the python method is mostly deprecated, use the binary version provided by libimobiledevice. There is also a newer solution called gandalf.  
Utilizing <code>iproxy</code>, a component of <code>[[usbmuxd]]</code>, is the preferred (and likely only actively maintained) method of connecting to SSH via USB across iDevices.


=== Using binary ===
=== Installation ===


On Windows, ensure iTunes is installed, then download itunnel_mux_rev71.zip from [https://code.google.com/archive/p/iphonetunnel-usbmuxconnectbyport/downloads Google Code]. Unzip to a directory of choice.
<tabber>
|-|macOS=
With Homebrew:
<pre>brew install libusbmuxd</pre>
With Macports:
<pre>sudo port install libusbmuxd</pre>
|-|Windows=
A compiled version of libimobiledevice+usbmuxd is available [https://github.com/L1ghtmann/libimobiledevice/releases/latest here]. Download the .tar.xz file and extract it using [https://www.7-zip.org/ 7-zip] or a similar program.


On OS X and Linux, install [https://github.com/libimobiledevice/usbmuxd usbmuxd] from your package manager.
You can add this extracted folder to the path by following the walkthrough [https://stackoverflow.com/a/44272417 here]. This will put the iproxy bin on your path.
|-|Linux=
{{#tag:tabber|
Ubuntu=
<pre>
sudo apt-get install usbmuxd
</pre>
{{!}}-{{!}}
Debian=
<pre>
sudo apt-get install usbmuxd
</pre>
{{!}}-{{!}}
openSUSE=
<pre>
sudo zypper install usbmuxd
</pre>
}}
</tabber>


Then:
=== Usage ===


* Windows: Run <code>path/to/itunnel_mux.exe --iport 22 --lport 2222</code>
<tabber>
* OS X/Linux: <code>iproxy 2222 22</code>
|-|macOS/Linux=


Connect to <code>localhost -p 2222</code> as you would over wifi.
Official distributions of usbmuxd will have added the <code>iproxy</code> tool to your path.
 
While the iproxy command can do several things (detailed on the [[usbmuxd]] page), here our usage is very basic:
 
<pre>
iproxy 2222:22
</pre>
 
Where <code>2222</code> is our "local" port, and <code>22</code> is the port on the device we want to forward.
 
We can then connect to the device by running:
 
<code>ssh root@localhost -p 2222</code>
 
(The default password will be `alpine`)
 
|-|Windows=
Assuming you've added the <code>libimobiledevice</code> folder you extracted earlier to your PATH:
 
 
<pre>
iproxy 2222:22
</pre>
 
Where <code>2222</code> is our "local" port, and <code>22</code> is the port on the device we want to forward.
 
We can then connect to the device by running:
 
<code>ssh root@localhost -p 2222</code>
 
You may need to install ssh via Windows to connect to your device.
</tabber>


If you have multiple devices connected, it may be useful to run multiple instances, specifying UDIDs and ports like so:
If you have multiple devices connected, it may be useful to run multiple instances, specifying UDIDs and ports like so:
Line 25: Line 81:
</source>
</source>


==== Making iproxy run automatically in the background on OS X ====
=== Making iproxy run automatically in the background on OS X ===


* Install it with Homebrew (<code>brew install libimobiledevice</code>).
* Install it with Homebrew (<code>brew install libimobiledevice</code>).
Line 81: Line 137:
* You now don't have to run the iproxy binary every time you want to SSH over USB as the iproxy software is always running in the background.
* You now don't have to run the iproxy binary every time you want to SSH over USB as the iproxy software is always running in the background.


=== Using Python ===
== Integration with THEOS ==
Export the following variables in your shell in order to deploy builds to the connected device:
 
<code>export THEOS_DEVICE_IP=localhost
 
export THEOS_DEVICE_PORT=2222
</code>
 
== SSH without password ==
Run the following commands one time and you will not be asked to type your password again.
 
You must create an SSH key with <code>ssh-keygen</code> if you have not created one. A passphrase isn’t required but still recommended. You can use <code>ssh-agent</code> [https://help.github.com/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent/ as described here] to keep the passphrase in memory and not be prompted for it constantly.


Tested on OS X and Windows.
Then run the following command:
<code>ssh-copy-id root@DEVICE_IP</code>


You will need to have Python installed on your system.
On OS X, ssh-copy-id will need to be installed with <code>brew install ssh-copy-id</code>.


* Get [http://marcansoft.com/blog/iphonelinux/usbmuxd/ usbmuxd] source package and unpack. (Or if the linked usbmuxd package doesn't work, try [http://cgit.sukimashita.com/libusbmuxd.git/ libusbmuxd].)
* Go into folder python-client
* <code>chmod +x tcprelay.py</code>
* Run <code>./tcprelay.py -t 22:2222</code>


Now you can log into your device via <code>ssh mobile@localhost -p 2222</code>
== Alternatives to iproxy ==


The -t switch tells tcprelay to run threaded and allow more than one ssh over the same port.
There are several other methods of connecting to devices, however the ones that still work typically just wrap usbmuxd, and given the simplicity of installation and usage of iproxy, one may find it easier to just use iproxy itself.  


See ./tcprelay.py --help for further options.
However, for a variety of reasons (automation, CI, more convenient integration into another project, or an aversion to CLI tools), one may want to use other tools.  


=== Using gandalf ===
=== Using gandalf ===
Line 104: Line 168:
Instructions on installation and usage can be viewed on the [[Gandalf]] page, or on the project's [https://github.com/onlinemediagroup/ocaml-usbmux README]
Instructions on installation and usage can be viewed on the [[Gandalf]] page, or on the project's [https://github.com/onlinemediagroup/ocaml-usbmux README]


== SSH over USB using the iFunBox GUI (Windows only) ==
=== SSH over USB using the iFunBox GUI (Windows only) ===


This feature only exists in the '''Windows build''' of iFunBox.
This feature only exists in the '''Windows build''' of iFunBox.
Line 111: Line 175:
* Click on "Quick Toolbox," then "USB Tunnel."
* Click on "Quick Toolbox," then "USB Tunnel."
* Assign ports as you see fit.
* Assign ports as you see fit.
== SSH over USB using iPhoneTunnel Menu Bar Application (macOS Intel only) ==
[https://code.google.com/archive/p/iphonetunnel-mac/downloads Google Code Archive]
[https://www.dropbox.com/s/mz4asmq8zc87hvh/iPhoneTunnel.app.zip?dl=0 DropBox Mirror]
# Turn Tunnel On
# Tools -> SSH
== Theos usage ==
Export the following variables in your shell in order to deploy builds to the connected device:
<code>export THEOS_DEVICE_IP=localhost
export THEOS_DEVICE_PORT=2222
</code>
== SSH without password ==
Run the following commands one time and you will not be asked to type your password again.
You must create an SSH key with <code>ssh-keygen</code> if you have not created one. A passphrase isn’t required but still recommended. You can use <code>ssh-agent</code> [https://help.github.com/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent/ as described here] to keep the passphrase in memory and not be prompted for it constantly.
Then run the following command:
<code>ssh-copy-id root@DEVICE_IP</code>
On OS X, ssh-copy-id will need to be installed with <code>brew install ssh-copy-id</code>.




[[Category:Getting Started]]
[[Category:Getting Started]]

Revision as of 20:05, 29 September 2023

Languages: English • françaisไทย

SSH over USB using usbmuxd

Utilizing iproxy, a component of usbmuxd, is the preferred (and likely only actively maintained) method of connecting to SSH via USB across iDevices.

Installation

With Homebrew: 

brew install libusbmuxd

With Macports: 

sudo port install libusbmuxd

A compiled version of libimobiledevice+usbmuxd is available here. Download the .tar.xz file and extract it using 7-zip or a similar program. You can add this extracted folder to the path by following the walkthrough here. This will put the iproxy bin on your path.

 sudo apt-get install usbmuxd
 

sudo apt-get install usbmuxd


 

sudo zypper install usbmuxd

Usage

Official distributions of usbmuxd will have added the iproxy tool to your path.

While the iproxy command can do several things (detailed on the usbmuxd page), here our usage is very basic: 

iproxy 2222:22

Where 2222 is our "local" port, and 22 is the port on the device we want to forward.

We can then connect to the device by running:

ssh root@localhost -p 2222

(The default password will be `alpine`)

Assuming you've added the libimobiledevice folder you extracted earlier to your PATH: 


iproxy 2222:22

Where 2222 is our "local" port, and 22 is the port on the device we want to forward.

We can then connect to the device by running:

ssh root@localhost -p 2222

You may need to install ssh via Windows to connect to your device.

If you have multiple devices connected, it may be useful to run multiple instances, specifying UDIDs and ports like so: 

iproxy 2222 22 abcdef0123456789abcdef1234567890abcdef12 & \
iproxy 2223 22 9876543210fedcba9876543210fedcba98765432

Making iproxy run automatically in the background on OS X

  • Install it with Homebrew (brew install libimobiledevice).
  • Create the file ~/Library/LaunchAgents/com.usbmux.iproxy.plist with the contents:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>Label</key>
	<string>com.usbmux.iproxy</string>
	<key>ProgramArguments</key>
	<array>
		<string>/usr/local/bin/iproxy</string>
		<string>2222</string>
		<string>22</string>
	</array>
	<key>RunAtLoad</key>
	<true/>
	<key>KeepAlive</key>
	<true/>
</dict>
</plist>
  • Run launchctl load ~/Library/LaunchAgents/com.usbmux.iproxy.plist.
  • You now don't have to run the iproxy binary every time you want to SSH over USB as the iproxy software is always running in the background.

If you have several devices you can create a daemon with a specific port for each one.

  • Create a file in ~/Library/LaunchAgents/ but name it using the device UDID, name or an identifier of your choice (like com.usbmux.iproxy.iPhone7,2.plist).
  • Replace UDID_HERE in the following snippet with the device UDID. The label should be unique and is best to match the filename you used.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>Label</key>
	<string>com.usbmux.iproxy.iPhone7,2</string>
	<key>ProgramArguments</key>
	<array>
		<string>/usr/local/bin/iproxy</string>
		<string>2222</string>
		<string>22</string>
		<string>UDID_HERE</string>
	</array>
	<key>RunAtLoad</key>
	<true/>
	<key>KeepAlive</key>
	<true/>
</dict>
</plist>
  • Run launchctl load ~/Library/LaunchAgents/FILE_NAME_OF_YOUR_CHOICE.
  • You now don't have to run the iproxy binary every time you want to SSH over USB as the iproxy software is always running in the background.

Integration with THEOS

Export the following variables in your shell in order to deploy builds to the connected device:

export THEOS_DEVICE_IP=localhost

export THEOS_DEVICE_PORT=2222

SSH without password

Run the following commands one time and you will not be asked to type your password again.

You must create an SSH key with ssh-keygen if you have not created one. A passphrase isn’t required but still recommended. You can use ssh-agent as described here to keep the passphrase in memory and not be prompted for it constantly.

Then run the following command: ssh-copy-id root@DEVICE_IP

On OS X, ssh-copy-id will need to be installed with brew install ssh-copy-id.


Alternatives to iproxy

There are several other methods of connecting to devices, however the ones that still work typically just wrap usbmuxd, and given the simplicity of installation and usage of iproxy, one may find it easier to just use iproxy itself.

However, for a variety of reasons (automation, CI, more convenient integration into another project, or an aversion to CLI tools), one may want to use other tools.

Using gandalf

Gandalf is a tool written in OCaml for connecting to a large amount of devices via SSH over USB.

Instructions on installation and usage can be viewed on the Gandalf page, or on the project's README

SSH over USB using the iFunBox GUI (Windows only)

This feature only exists in the Windows build of iFunBox.

  • Get the latest Windows build of iFunBox and install it.
  • Click on "Quick Toolbox," then "USB Tunnel."
  • Assign ports as you see fit.
Retrieved from "https://iphonedev.wiki/index.php?title=SSH_Over_USB&oldid=6107"