Especially one based off of FOS code!

OSX was based on BSD and people don't mind paying for OSX...

I wonder if it would be against the NDA to write and distribute a targeted parser/rewriter that transforms a particular bit of FOSS code to something that runs on the iPhone?

You wouldn't be distributing your iPhone app's code. You wouldn't be distributing the FOSS code -- presumably it's already being distributed by someone else. What you would be distributing the source code for wouldn't be running on the iPhone.

Especially when you can just install a free ajax version on your own server, and access that from the iphones browser.

Eh, that might not be a good idea...

Erm why? https, password protected interface to an ssh webapp?

I see two major flaws with this approach. First, it's invasive. You have to open an additional hole in your network to allow traffic into the app, which makes your network inherently less secure. Second, unless you do an audit of the source, there are no guarantees as to the security of the app itself. This app of unknown reliability would be acting as a 24/7 gatekeeper into your network.

You could hide it behind VPN, I guess, but that kinda defeats the purpose of secure shell.

#2 also applies to a locally installed SSH app.

Not really. OpenSSH is a battle-tested ssh server. You can be resonably sure that opening it to the world will not compromise your network. Not so of this ajax ssh app. Basically it's a question of exposure. Am I comfortable exposing OpenSSH? Yes. Ajax ssh app? No way. Not without further testing and widespread acceptance.

Yes, really. Your statement was:

" Second, unless you do an audit of the source, there are no guarantees as to the security of the app itself. "

That applies to OpenSSH. Yes, you can trust it more as many other people use it. Are there guarantees (your words, not mine) as to its security? No.

With OpenSSH's recent fuckups, it's a good time to keep that in mind.

Cydia already has a terminal emulator and SSH (and nc if you need it) too.