Skip to content

[Tutorial] How to only allow SSH for RooT

Jump to bottom Edit New page
CyberBlaed edited this page Oct 23, 2020 · 1 revision

Why would you want to do this?

Mobile still has some power and depending on your tweaks it can ldrestart your device etc.

e.g. any tweak that can ldrestart your device from the CC has a binary added that allows mobile to ldrestart, you probably didn‘t know that

You don‘t have to set a password for mobile since it‘s impossible to ssh into your device using anything other than root.

There are 2 ways, one whitelists groups and one whitelists users. Whitelisting users is easier.

Before starting make a snapback root snapshot, just in case something goes wrong.

Whitelisting users

Go to /etc/ssh/sshd_config and add

AllowUsers root

That‘s it

Whitelisting groups

go to /etc/group and type

TEST:*:502:root

below

staff:*:20:root

you can name TEST anything you want

go to /etc/ssh/sshd_config and add

AllowGroups TEST

to the bottom.

TEST must be named the same as in step 1

You‘re done. Try to ssh into your device using mobile, it won‘t work no matter what password you enter.

If I have explained anything incorrectly, correct me.

Credit/Source: https://www.reddit.com/r/jailbreak/comments/jfjqiw/tutorial_how_to_only_allow_ssh_for_root/

Add a custom footer
Add a custom sidebar

Clone this wiki locally