Jul 192008
 

I have just changed the root password on my iPhone from the default (really dumb of Apple to give every iPhone the same root password; it would not be much work to set the default root password from the IMEI or something). Before doing so I googled for appropriate instructions.

Nothing wrong with the technical side of the instructions out there, but none I read made a point of what I would consider basic safety for dealing with changing the root password on a Unix machine. Keep a session open in case things go wrong!

My own instructions for doing the change went along the lines of :-

  1. Open two terminals
  2. Create a new password hash with openssl passwd -crypt -salt "XX" "xyzzy" (obviously change the salt (“XX”) to two characters of your choice, and pick a better password than “xyzzy”!). Keep the output stashed somewhere safe.
  3. In both terminals ssh to the iPhone (ssh root@iphone).
  4. Copy the file /etc/master.passwd to a safe copy /etc/master.passwd.original
  5. Edit /etc/master.passwd and put the stashed has into the second field of root’s entry.
  6. Now exit from the ssh session in one window and try to reconnect with the new password.

If things have gone wrong you will have an open session available to fix things (cp /etc/master.passwd.original /etc/master.passwd would be worth trying) whereas without you are kind of stuck.