2016-08-28 13:55:39 +00:00
|
|
|
<html><head><title>SimpleSSHD</title>
|
|
|
|
<meta name="HandheldFriendly" content="true"/>
|
2016-08-28 14:11:56 +00:00
|
|
|
<style type="text/css">
|
|
|
|
pre {
|
|
|
|
margin-left: 1em;
|
|
|
|
}
|
|
|
|
</style>
|
2016-08-28 13:55:39 +00:00
|
|
|
</head>
|
2014-12-22 14:06:47 +00:00
|
|
|
<body>
|
2016-08-28 14:11:56 +00:00
|
|
|
<p style="float:right; width:30%;"><img style="width:100%;" src="icon.png"></p>
|
2014-12-22 14:06:47 +00:00
|
|
|
<h1>SimpleSSHD</h1>
|
|
|
|
|
|
|
|
<p>SimpleSSHD is an SSH2 server based on dropbear that supports scp,
|
|
|
|
sftp, and rsync. It only supports public-key based authentication (no
|
2016-10-16 23:12:28 +00:00
|
|
|
password/interactive auth except for bootstrapping). It does not use
|
|
|
|
root, which means it must listen on a port over 1024 (defaults to port
|
|
|
|
2222).</p>
|
2014-12-22 14:06:47 +00:00
|
|
|
|
|
|
|
<h2>Quick start</h2>
|
|
|
|
|
|
|
|
<ul>
|
|
|
|
<li> Install SimpleSSHD.
|
|
|
|
<li> On any computer which will connect to your Android device, set the
|
2016-10-16 23:12:28 +00:00
|
|
|
port to 2222. With OpenSSH, this can be done by putting these lines in
|
2014-12-22 14:06:47 +00:00
|
|
|
<tt>~/.ssh/config</tt>:
|
2016-08-28 14:14:42 +00:00
|
|
|
<pre>
|
2014-12-22 14:06:47 +00:00
|
|
|
Host myphone
|
|
|
|
Port 2222
|
2016-08-28 14:14:42 +00:00
|
|
|
</pre>
|
2016-10-16 23:12:28 +00:00
|
|
|
<li> Launch SimpleSSHD, and in Settings enable "Start on Boot", then
|
2014-12-22 14:06:47 +00:00
|
|
|
manually start it for the first time.
|
2016-10-16 23:12:28 +00:00
|
|
|
<li> Create <tt>/sdcard/ssh/authorized_keys</tt>
|
|
|
|
<li> Optionally make <tt>/sdcard/ssh/.profile</tt>
|
2014-12-22 14:06:47 +00:00
|
|
|
</ul>
|
|
|
|
|
2016-10-16 23:27:54 +00:00
|
|
|
<p>If SimpleSSHD does not find an <tt>authorized_keys</tt> file when a
|
2016-10-16 23:12:28 +00:00
|
|
|
client connects, then it generates a single-use password at that time and
|
|
|
|
displays it in the console log. So the procedure to login the first time
|
|
|
|
is to initiate the ssh connection, then look at the phone and type in the
|
|
|
|
password that is on the screen in the SimpleSSHD app. It is recommended
|
|
|
|
to use that shell session to install the <tt>authorized_keys</tt>
|
|
|
|
file.</p>
|
|
|
|
|
|
|
|
<p>Once <tt>authorized_keys</tt> exists, only public key authentication
|
|
|
|
is supported. If you screw up your <tt>authorized_keys</tt> file, use
|
|
|
|
the options menu (upper right) -> Reset Keys.</p>
|
2014-12-22 14:06:47 +00:00
|
|
|
|
2017-01-24 21:16:26 +00:00
|
|
|
<p>Once you get setup, you may want BusyBox. Check out
|
|
|
|
<a href="https://play.google.com/store/apps/details?id=org.galexander.busybox">SimpleBusyBox</a>.</p>
|
|
|
|
|
2016-10-16 19:04:34 +00:00
|
|
|
<h2>Settings</h2>
|
2014-12-22 14:06:47 +00:00
|
|
|
|
2016-10-16 19:04:34 +00:00
|
|
|
<p>Generally speaking, you must re-start the SimpleSSHD service for any
|
|
|
|
of these settings to take effect.</p>
|
2014-12-22 14:06:47 +00:00
|
|
|
|
2016-10-16 19:04:34 +00:00
|
|
|
<dl>
|
|
|
|
<dt>Start on Boot</dt>
|
|
|
|
<dd>Automatically start the SimpleSSHD service when the phone powers on.</dd>
|
|
|
|
|
|
|
|
<dt>Foreground Service</dt>
|
|
|
|
<dd>Run the SimpleSSHD service as an Android "foreground service." This
|
|
|
|
means a notification will be displayed for the service (you might be able
|
2016-10-16 19:06:27 +00:00
|
|
|
to block the notification by long tapping the notification).
|
|
|
|
On newer versions of Android (since Marshmallow), this may also make
|
|
|
|
SimpleSSHD more responsive if the phone has been in Doze mode. It does
|
|
|
|
not seem to increase battery consumption much.</dd>
|
2016-10-16 19:04:34 +00:00
|
|
|
|
2016-10-16 19:54:06 +00:00
|
|
|
<dt>Start on Open</dt>
|
|
|
|
<dd>Run the SimpleSSHD service whenever the app is launched. The "STOP"
|
|
|
|
button will be replaced with a "QUIT" button that stops the service and
|
|
|
|
exits the app. This is useful if you want to only run the service when
|
|
|
|
you really need it -- start the app to start listening for connections,
|
|
|
|
and then click "QUIT" when you are done.</dd>
|
|
|
|
|
2016-10-16 19:04:34 +00:00
|
|
|
<dt>Port Number</dt>
|
|
|
|
<dd>This is the port number that SimpleSSHD will listen on. It must be
|
|
|
|
greater than 1024 (because SimpleSSHD does not have root).</dd>
|
|
|
|
|
|
|
|
<dt>SSH Path</dt>
|
|
|
|
<dd>Path for general dropbear files, which defaults to
|
2014-12-22 14:06:47 +00:00
|
|
|
<tt>/sdcard/ssh</tt>. Most importantly, this is where
|
|
|
|
<tt>authorized_keys</tt> is found. It is also where host keys wind up
|
2016-10-16 19:04:34 +00:00
|
|
|
(they are created on demand), and where temporary files go. This path
|
|
|
|
should probably be under <tt>/sdcard</tt>.</dd>
|
2014-12-22 14:06:47 +00:00
|
|
|
|
2016-10-16 19:04:34 +00:00
|
|
|
<dt>Login Shell</dt>
|
|
|
|
<dd>Path to the command shell. The default Android shell is
|
2014-12-22 18:35:20 +00:00
|
|
|
<tt>/system/bin/sh</tt>, but you may prefer to use the one that comes with
|
2015-06-21 13:09:42 +00:00
|
|
|
busybox or whatever. If you set it to the su binary (i.e.,
|
2016-10-16 19:04:34 +00:00
|
|
|
<tt>/system/xbin/su</tt>), then scp, sftp, and rsync will run as root and
|
|
|
|
should be able to access files outside of the sdcard.</dd>
|
2015-06-21 13:09:42 +00:00
|
|
|
|
2016-10-16 19:04:34 +00:00
|
|
|
<dt>Buffer hack for rsync+SuperSU</dt>
|
|
|
|
<dd>A bug in SuperSU interacts with an infelicity in rsync to cause an
|
2015-06-21 13:09:42 +00:00
|
|
|
occasional deadlock. This is a real pain because I use SuperSU+rsync
|
|
|
|
for system-wide backups, which will always eventually trigger the
|
|
|
|
deadlock. To work around this, there is a "Buffer hack" option that
|
|
|
|
should be enabled if you use rsync with SuperSU. It adds a miniscule
|
|
|
|
overhead to rsync, but isn't harmful even if you aren't using
|
2016-10-16 19:04:34 +00:00
|
|
|
SuperSU.</dd>
|
2015-06-21 13:09:42 +00:00
|
|
|
|
2016-10-16 19:04:34 +00:00
|
|
|
<dt>Home Directory</dt>
|
|
|
|
<dd>The login shell's home directory, which also defaults
|
2015-06-21 13:09:42 +00:00
|
|
|
to <tt>/sdcard/ssh</tt>. This is where your ssh session starts out, and is
|
2016-10-16 19:04:34 +00:00
|
|
|
where <tt>.profile</tt> will be found if it is present.</dd>
|
2014-12-22 14:06:47 +00:00
|
|
|
|
2016-10-16 19:04:34 +00:00
|
|
|
<dt>Extra Commandline</dt>
|
|
|
|
<dd>You can specify additional commandline options for dropbear server.
|
|
|
|
The options which are hardcoded are:
|
|
|
|
<blockquote><pre>-R -F -p :portno</pre></blockquote>
|
2016-06-19 20:56:07 +00:00
|
|
|
You can use <tt>\</tt> or <tt>"</tt> to escape characters in this
|
2016-10-16 19:04:34 +00:00
|
|
|
commandline.</dd>
|
2014-12-22 14:06:47 +00:00
|
|
|
|
2014-12-22 17:43:16 +00:00
|
|
|
<h2>Change Log</h2>
|
2014-12-22 14:06:47 +00:00
|
|
|
|
|
|
|
<ul>
|
2016-10-17 13:59:19 +00:00
|
|
|
<li> <b>2016/10/17 Version 15:</b> Fix crash on pre-Nougat versions of Android.
|
2016-10-16 23:22:39 +00:00
|
|
|
<li> <b>2016/10/16 Version 14:</b> Support single-use passwords for
|
2016-10-16 23:12:28 +00:00
|
|
|
bootstrapping.
|
2016-10-16 20:13:36 +00:00
|
|
|
<li> <b>2016/10/16 Version 13:</b> Support foreground service (fewer
|
2016-10-16 20:10:52 +00:00
|
|
|
stalls with newer Android). Add "Start on Open" mode.
|
2016-08-28 14:18:11 +00:00
|
|
|
<li> <b>2016/08/08 Version 1.11:</b> Fix stall initializing random number generator.
|
|
|
|
<li> <b>2016/07/22 Version 1.10:</b> Enable TCP port forwarding.
|
|
|
|
<li> <b>2016/07/04 Version 1.9:</b> Restart sshd if the system kills it.
|
|
|
|
<li> <b>2016/06/21 Version 1.8:</b> sftp, rsync, and scp now work on
|
|
|
|
files bigger than 2GB.
|
2016-06-19 20:58:17 +00:00
|
|
|
<li> <b>2016/06/19 Version 1.7:</b> Don't clear environment variables (so
|
|
|
|
you can use <tt>am</tt> or <tt>pm</tt> more easily). Add "Authorized
|
|
|
|
Keys" menu option to help maintain the <tt>authorized_keys</tt> file.
|
2016-08-28 14:18:11 +00:00
|
|
|
<li> <b>2016/06/12 Version 1.6:</b> Fix typo that broke scp/sftp/rsync in
|
|
|
|
version 1.5.
|
|
|
|
<li> <b>2016/06/11 Version 1.5:</b> SuperSU+rsync hack now limits the
|
|
|
|
buffer size to 1MB.
|
|
|
|
<li> <b>2015/11/23 Version 1.4:</b> Don't abort if IP address lookup fails, and make proper "About" menu.
|
|
|
|
<li> <b>2015/06/21 Version 1.3:</b> Hack to make rsync work with SuperSU.
|
|
|
|
<li> <b>2015/01/18 Version 1.2:</b> Displays the IP address it's listening on.
|
|
|
|
<li> <b>2014/12/29 Version 1.1:</b> Works with Lollipop now.
|
|
|
|
<li> <b>2014/12/22 Version 1.0:</b> Initial public release.
|
2014-12-22 14:06:47 +00:00
|
|
|
</ul>
|
|
|
|
|
2014-12-22 17:43:16 +00:00
|
|
|
<h2>About</h2>
|
2014-12-22 14:06:47 +00:00
|
|
|
|
2014-12-22 18:39:19 +00:00
|
|
|
<p>SimpleSSHD is built using parts from open source projects:
|
|
|
|
<a href="https://matt.ucc.asn.au/dropbear/dropbear.html">Dropbear SSH</a>,
|
|
|
|
<a href="http://www.openssh.com/">openssh</a> (for scp and sftp-server),
|
|
|
|
and <a href="http://rsync.samba.org/">rsync</a>. Those projects in turn
|
|
|
|
are built on other projects. A lot of people's work is represented here,
|
|
|
|
and very little of my own.</p>
|
2014-12-22 14:06:47 +00:00
|
|
|
|
|
|
|
<p>But if you find bugs/infelicities, it's probably my fault, so email
|
|
|
|
me:<br>
|
|
|
|
<img src="/email.png"></p>
|
|
|
|
|
2016-08-28 14:11:56 +00:00
|
|
|
<p>To get the source:</p>
|
|
|
|
<pre>git clone http://galexander.org/git/simplesshd.git</pre>
|
2014-12-22 14:06:47 +00:00
|
|
|
|
|
|
|
</body></html>
|