iTunnel

updated: 2009-Nov-01

Description
Download
Setup
Problems and (potential) Workarounds

status

2010 September 27 -
An article from Anton Borisov with success in using iTunnel to connect an iPod Touch on a MIPS netbook.
http://linuxgazette.net/177/borisov.html

2010 September 23 -
Amanda Lyn has kindly provided a Belorussian translation of this iTunnel page, linked here: http://www.fatcow.com/edu/itunnel-be/

2009 November 01 -
IMPORTANT! For people who are still using iTunnel, you should consider moving to the usbmuxd project, which now contains functionality which replaces iTunnel. Below is an excerpt from the email Martin S. sent me.

Just wanted you to take the note that the software components around
libiphone have quite evolved and iTunnel functionality has been included
since.

Our usbmuxd daemon implementation [1], with equivalents on Linux and Mac
OS X, bundles a tool named "iproxy" which allows TCP tunneling like
iTunnel, however is more advanced protocol-wise.

This allows multiple connections, multiple devices at the same time, is
available for multiple distributions [2] and works (if compiled) on
Win/Mac/Linux asides from a bunch a other new features (support for new
usbmux protocol etc.).

[1] 
http://marcansoft.com/blog/iphonelinux/usbmuxd/
[2] 
http://matt.colyer.name/projects/iphone-linux/index.php?title=Main_Page

I hope all of you are able to migrate to the new iproxy program, and experience even better and faster tethering! :)

2009 October 11 - development halted for a while
Hi Everybody. First, I want to thank all of the people who have found this little tool to be useful. I originally wrote this just for my own use, and it's amazingly wonderful to find that others are finding it useful too.

Recently, my trusty Thinkpad died a horrible death, and as a result I was forced to buy a new machine. After two weeks of torturous self-debate, I decided to take the dive and get a Mac. I intend to dual boot the machine, using both OSX as well as Linux on it. However, as I've been busy with school recently, I probably won't get around to setting up the dual-boot until Christmas. So, for the time being, work on iTunnel will be halted for a while since it doesn't work under OSX. Hopefully I get get my act together again soon near the holiday season.

2009 September 1 - iTunnel connection problem
iTunnel is still suffering from connection drop problems when transferring large amounts of data over the USB link. I have not had time to investigate this, but it is on my todo list of things to work out.

update, 2009 Septmber 1 - 3GS support added. My sincerest apologies for being so unresponsive to the many of you who have emailed me with info for getting support on the 3GS. Grad school has been kicking my butt, and will continue to do so for the next few months. A new patched version has been released which should support the 3GS. Big thank you to : Jan Chaloupecky, Andrew Kwasik, Wong Hang, Andre Kuhn, and Riccardo Varotto.
update, 2009 July 9 - I have updated my work phone (iPhone 3G) to firmware 3.0. iTunnel appears to be working. Here is the process by which I did the upgrade:
1. upgrade to firmware 3.0 using restore of apple-given IPSW
2. used PwnageTool to pack custom IPSW
3. used iTunes to restore using custom IPSW
4. reboot phone after it has been activated again
5. restore last backup
6. use Cydia to re-install OpenSSH
7. reboot phone again
8. delete ~/.ssh/labphone_known_hosts (depending on your setup) file, otherwise you will get a nasty host identification error.
9. in host terminal, run itunnel
10. in another host terminal, run ssh
11. after a 3 minute delay for the phone to compute a new host key, SSH successfully connected.
12. regular SSH interaction on the command line appears to be working okay. HOWEVER, SCP'ing files seems to be problematic. See below.

2009 July 9 - scp problem
I have upgraded my iPhone 1st Gen and 3G to Firmware 3.0, and iTunnel appears to be working in a limited capacity. SCP'ing files from iPhone to PC seems to work okay, but SCP'ing from PC to iPhone is giving bad packet length errors. I'm investigating this at the moment.

Description

iTunnel is a simple Linux command line program which provides SSH tunnelling over the USB cable to a jailbroken iPhone. I wrote this little tool because I got tired of having to SSH into my iPhone over the WiFi link. SSH proxy, ssh link, and scp all work great.

The current and latest version of iTunnel only supports one client SSH connection at a time. This makes the code much simpler to work with. However, you can still have multiple SSH sessions going into the iPhone by using SSH's channels to multiplex over the one connection.

Much of the iPhone connection code for this project is taken from iFuse project. I didn't make this program link dynamically to the libiphone library because I needed a couple of changes and didn't want to F'-up what they are working on.

The code here is neither pretty nor efficient. :( But it kind of works. Updates come as I fix stuff or make enhancements to my own liking. Feel free to email me for bugs or feature requests. My apologies ahead of time for not replying right away (or at all). jingsu at cs toronto.

Download

iTunnel is LGPL.

version 0.0.9 , source+binary - changes:

This is a minor update which includes support for the 3GS.

version 0.0.5 , source+binary - changes:

This is a minor update where I added the option to NOT reset the USB connection after each subsequent SSH connect/close. You can now give the -noreset command-line option to supress the reset. Otherwise, everything else is the same.

version 0.0.4 , source+binary - changes:

Thanks to Lance Fetters I have stripped iTunnel down to be a single-client server, which helps significantly simplify the code. You can still make multiple SSH connections using the SSH channel tunneling described in the setup section.
Fixed the code so that the server resets the USB connection after every master connection close. Hopefully this fixes the problem where after the first connection closes, subsequent connections fail to connect.
TODO: this still uses code taken from the libiphone project instead of just linking to libiphone. Hopefully I'll get this all cleaned up soon.

Lance Fetters mod, source+binary tgz

Lance Fetters fixed several stability issues with the 0.0.2 version, as well as significantly simplifying the itunnel code. This modified version relies on git development branch of libiphone, and only supports one SSH connection. I haven't had a chance to merge in with Lance's version here so give this a shot if you're having problems with the current version I'm using.

version 0.0.2 , source+binary tgz

use this version if you REALLY need itunnel to support multiple SSH connections.

Setup

running the tunnel

The binary is pretty simple:
itunnel [port]

Depending on your system's settings, you may have to run itunnel as root user. The port parameter is optional, and defaults to 3023.

To stop the tunnel, close all client connections and press "CTRL-C". The tunnel should clean up and quit.

SOCKS proxy SSH connection

First, run the tunnel. Next, open an SSH connection by calling ssh on the localhost at the itunnel server port. You can (should) run this as your regular user account. We also give the SOCKS proxy flag and specify the SOCKS port.

    ssh -D 9000 -p 3023 127.0.0.1

9000 represents the SOCKS port, and you can change that to whatever you want. 3023 is the default listening port for iTunnel, and you can change that to whatever you want as well, as long as you also change it as a command-line argument when you launch itunnel.

Edit your firefox network connection preferences with:
SOCKS proxy: 127.0.0.1 port: 9000
remember to leave all the other proxy options EMPTY.

Finally, you need to make Firefox send DNS queries through the proxy.
In about:config, set: network.proxy.socks_remote_dns=true.

done!

configuring SSH for convenience

For convenience, you can configure the default settings in your ~/.ssh/config file. Since I'm really bad with describing things, I'll show by example instead. Here is the example entry from my config:

Host myphone
        HostName 127.0.0.1
        Port 3023
        User mobile
        ControlMaster auto
        ControlPath /tmp/master-%r@%h:%p
        ServerAliveInterval 300 
        UserKnownHostsFile ~/.ssh/myphone_known_hosts
        RemoteForward 2202 localhost:22

Host labphone
        HostName 127.0.0.1
        Port 3023
        User mobile
        ControlMaster auto
        ControlPath /tmp/master-%r@%h:%p
        ServerAliveInterval 300 
        UserKnownHostsFile ~/.ssh/labphone_known_hosts

Here I have two entries for the two iPhones that I work with. One is my personal phone (myphone) and the other is my work phone which I do some development and experiments on (labphone). Because both of them instruct SSH to connect to localhost at port 3023, SSH can give warnings about differing host keys. The UserKnownHostsFile instructs SSH to save the known host keys to a different file for these two names, so that I don't get that error. Just as long as I remember to call the right name depending on which device I hook up.

The above config also illustrates how to set up the channel tunneling for allowing multiple connections (Thanks to Lance Fetters for pointing this out to me). With this turned on you can call as many SSH connections as you want, and they'll all automatically multiplex over the one connection.

Finally, I specified a remote forward in the myphone config, which is helpful on occassion if you want to scp a file from the host from within the phone.

Problems and (potential) Workarounds

After the primary SSH connection terminates, the tunnel fails to fully close and reset.: This is a known bug and I'm working to track it down. However, if on the tunnel's output you see that the client connection has closed and client thread terminated but for some reason the server doesn't reset, just hit CTRL-C on the tunnel and wait for it to terminate. Re-run the terminal again and it should work fine.
After hitting CTRL-C, the tunnel fails to terminate: This is also a known bug that seems to pop up once in a while and I haven't tracked it down yet. If you send the tunnel a nice kill, either by sending it a kill signal or doing a C-z,kill %1 in bash, it should properly clean up and quit.
After closing the tunnel, disconnecting the USB cable causes the iPhone to reboot: I haven't been able to reproduce this bug. If you experience this, please send me some details on your system like any unusual dmesg output, kernel version, libusb version, and I'll see if I can track it down.

TODO:

clean up this web page
figure out how to stop USB charging, while tethered over USB