launch_daemons: Readd dropbear back as default in all variants (#155)

README.md

@@ -181,7 +181,8 @@ make boot
 In a separate terminal, start iproxy tunnels:
 
 ```bash
-iproxy 2222 22       # SSH (JB: requires openssh-server from Sileo; Regular/Dev: dropbear)
+iproxy 22222 22222   # SSH (dropbear)
+iproxy 2222 22       # SSH (JB: if you install openssh-server from Sileo)
 iproxy 5901 5901     # VNC
 iproxy 5910 5910     # RPC
 ```

docs/README_ja.md

@@ -181,7 +181,8 @@ make boot
 別のターミナルで iproxy トンネルを開始します：
 
 ```bash
-iproxy 2222 22       # SSH（脱獄版：Sileo から openssh-server が必要；通常版/開発版：dropbear）
+iproxy 22222 22222   # SSH（dropbear）
+iproxy 2222 22       # SSH（脱獄版：Sileo で openssh-server を入れた場合）
 iproxy 5901 5901     # VNC
 iproxy 5910 5910     # RPC
 ```

docs/README_ko.md

@@ -181,7 +181,8 @@ make boot
 별도의 터미널에서 iproxy 터널을 시작합니다:
 
 ```bash
-iproxy 2222 22       # SSH (탈옥: Sileo에서 openssh-server 설치 필요; 일반/개발: dropbear)
+iproxy 22222 22222   # SSH (dropbear)
+iproxy 2222 22       # SSH (탈옥: Sileo에서 openssh-server를 설치한 경우)
 iproxy 5901 5901     # VNC
 iproxy 5910 5910     # RPC
 ```

docs/README_zh.md

@@ -181,7 +181,8 @@ make boot
 在另一个终端中启动 iproxy 隧道：
 
 ```bash
-iproxy 2222 22       # SSH（越狱版：需从 Sileo 安装 openssh-server；常规版/开发版：dropbear）
+iproxy 22222 22222   # SSH（dropbear）
+iproxy 2222 22       # SSH（越狱版：在 Sileo 中安装 openssh-server 后）
 iproxy 5901 5901     # VNC
 iproxy 5910 5910     # RPC
 ```

scripts/cfw_install.sh

@@ -478,7 +478,7 @@ cp "$TEMP_DIR/vphoned" "$VM_DIR/.vphoned.signed"
 echo "  [+] vphoned installed (signed copy at .vphoned.signed)"
 
 # Send daemon plists (overwrite on re-run)
-for plist in bash.plist trollvnc.plist rpcserver_ios.plist; do
+for plist in bash.plist dropbear.plist trollvnc.plist rpcserver_ios.plist; do
     scp_to "$INPUT_DIR/jb/LaunchDaemons/$plist" "/mnt1/System/Library/LaunchDaemons/"
     ssh_cmd "/bin/chmod 0644 /mnt1/System/Library/LaunchDaemons/$plist"
 done
@@ -518,6 +518,7 @@ rm -f "$TEMP_DIR/seputil" \
 echo ""
 echo "[+] CFW installation complete!"
 echo "    Reboot the device for changes to take effect."
+echo "    After boot, SSH will be available on port 22222 (password: alpine)"
 
 if [[ "$CFW_SKIP_HALT" == "1" ]]; then
     echo "[*] CFW_SKIP_HALT=1, skipping halt."

scripts/cfw_install_dev.sh

@@ -477,7 +477,7 @@ cp "$TEMP_DIR/vphoned" "$VM_DIR/.vphoned.signed"
 echo "  [+] vphoned installed (signed copy at .vphoned.signed)"
 
 # Send daemon plists (overwrite on re-run)
-for plist in bash.plist trollvnc.plist rpcserver_ios.plist; do
+for plist in bash.plist dropbear.plist trollvnc.plist rpcserver_ios.plist; do
     scp_to "$INPUT_DIR/jb/LaunchDaemons/$plist" "/mnt1/System/Library/LaunchDaemons/"
     ssh_cmd "/bin/chmod 0644 /mnt1/System/Library/LaunchDaemons/$plist"
 done
@@ -517,6 +517,7 @@ rm -f "$TEMP_DIR/seputil" \
 echo ""
 echo "[+] CFW installation complete!"
 echo "    Reboot the device for changes to take effect."
+echo "    After boot, SSH will be available on port 22222 (password: alpine)"
 
 if [[ "$CFW_SKIP_HALT" == "1" ]]; then
     echo "[*] CFW_SKIP_HALT=1, skipping halt."

scripts/cfw_install_jb.sh

@@ -368,5 +368,6 @@ rm -f "$TEMP_DIR/launchd" \
 echo ""
 echo "[+] CFW + JB installation complete!"
 echo "    Reboot the device for changes to take effect."
+echo "    After boot, SSH will be available on port 22222 (password: alpine)"
 
 ssh_cmd "/sbin/halt" || true

scripts/patchers/cfw.py

@@ -24,7 +24,7 @@ Commands:
         Patch launchd jetsam panic guard to avoid initproc crash loop.
 
     inject-daemons <launchd.plist> <daemon_dir>
-        Inject bash/trollvnc into launchd.plist.
+        Inject bash/dropbear/trollvnc into launchd.plist.
 
     inject-dylib <binary> <dylib_path>
         Inject LC_LOAD_DYLIB into Mach-O binary (thin or universal).

scripts/patchers/cfw_asm.py

@@ -25,7 +25,7 @@ Commands:
         Patch launchd jetsam panic guard to avoid initproc crash loop.
 
     inject-daemons <launchd.plist> <daemon_dir>
-        Inject bash/trollvnc into launchd.plist.
+        Inject bash/dropbear/trollvnc into launchd.plist.
 
     inject-dylib <binary> <dylib_path>
         Inject LC_LOAD_DYLIB into Mach-O binary (thin or universal).
@@ -205,4 +205,3 @@ def find_symbol_va(data, name_fragment):
 # 1. seputil — Gigalocker UUID patch
 # ══════════════════════════════════════════════════════════════════
 
-

scripts/patchers/cfw_daemons.py

@@ -37,14 +37,14 @@ def parse_cryptex_paths(manifest_path):
 
 
 def inject_daemons(plist_path, daemon_dir):
-    """Inject bash/trollvnc entries into launchd.plist."""
+    """Inject bash/dropbear/trollvnc entries into launchd.plist."""
     # Convert to XML first (macOS binary plist -> XML)
     subprocess.run(["plutil", "-convert", "xml1", plist_path], capture_output=True)
 
     with open(plist_path, "rb") as f:
         target = plistlib.load(f)
 
-    for name in ("bash", "trollvnc", "vphoned", "rpcserver_ios"):
+    for name in ("bash", "dropbear", "trollvnc", "vphoned", "rpcserver_ios"):
         src = os.path.join(daemon_dir, f"{name}.plist")
         if not os.path.exists(src):
             print(f"  [!] Missing {src}, skipping")
@@ -65,4 +65,3 @@ def inject_daemons(plist_path, daemon_dir):
 # CLI
 # ══════════════════════════════════════════════════════════════════
 
-

scripts/setup_machine.sh

@@ -488,6 +488,10 @@ send_first_boot_commands() {
     "export PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/bin/X11:/usr/games:/iosbinpack64/usr/local/sbin:/iosbinpack64/usr/local/bin:/iosbinpack64/usr/sbin:/iosbinpack64/usr/bin:/iosbinpack64/sbin:/iosbinpack64/bin'"
     "cp /iosbinpack64/etc/profile /var/profile"
     "cp /iosbinpack64/etc/motd /var/motd"
+    # generate SSH host keys (required for SSH to work)
+    mkdir -p /var/dropbear
+    dropbearkey -t rsa -f /var/dropbear/dropbear_rsa_host_key
+    dropbearkey -t ecdsa -f /var/dropbear/dropbear_ecdsa_host_key
     "shutdown -h now"
   )