mirror of
http://galexander.org/git/simplesshd.git
synced 2024-12-28 00:48:07 +00:00
use app-private path for home/ssh directory by default, and make a menu
option to Copy App-private Path
This commit is contained in:
parent
8fd055940e
commit
906d6a30ef
27
NOTES
27
NOTES
@ -621,9 +621,30 @@ READ_EXTERNAL_STORAGE, so long as I explicitly request
|
||||
WRITE_EXTERNAL_STORAGE.
|
||||
|
||||
|
||||
XXX - make sure to create the app-private files/ on first startup
|
||||
XXX - add options menu "copy app-private path", or something
|
||||
XXX - change default from /sdcard/ssh to app-private/files for new installs, or something
|
||||
May 19, 2018.
|
||||
|
||||
Michael Mess wrote to let me know that he can't use authorized_keys file
|
||||
because the /sdcard/ssh/authorized_keys file is group-readwritable. I
|
||||
know regular OpenSSH on a PC does complain if the authorized_keys file is
|
||||
world-writable, so this made sense to me. He says it is a security flaw,
|
||||
but really, it is not, because any app that can run code and write to
|
||||
/sdcard/ssh already has all of the permissions that SimpleSSHD has
|
||||
(except network, but whatever) -- it isn't escalation, just a horizontal
|
||||
spreading.
|
||||
|
||||
He suggested moving the SSH config into app-private, which is something
|
||||
I've been toying with anyways.
|
||||
|
||||
So after some internal debate, I decided to do two changes:
|
||||
|
||||
* add "Copy app-private path" to the options menu, which brings up a
|
||||
dialog showing the app-private path, with an option "Copy" to put it
|
||||
in the clipboard.
|
||||
* make the default for new installs for "home" and "path" be the
|
||||
app-private dir
|
||||
|
||||
I look forward to seeing if anyone complains about it.
|
||||
|
||||
|
||||
XXX - upgrade project.properties to android-26
|
||||
XXX - call checkSelfPermission/requestPermission to get WRITE_EXTERNAL_STORAGE
|
||||
|
@ -29,8 +29,8 @@ Port 2222
|
||||
</pre>
|
||||
<li> Launch SimpleSSHD, and in Settings enable "Start on Boot", then
|
||||
manually start it for the first time.
|
||||
<li> Create <tt>/sdcard/ssh/authorized_keys</tt>
|
||||
<li> Optionally make <tt>/sdcard/ssh/.profile</tt>
|
||||
<li> Create <tt>authorized_keys</tt> in the home directory
|
||||
<li> Optionally make <tt>.profile</tt>
|
||||
</ul>
|
||||
|
||||
<p>If SimpleSSHD does not find an <tt>authorized_keys</tt> file when a
|
||||
@ -45,6 +45,15 @@ file.</p>
|
||||
is supported. If you screw up your <tt>authorized_keys</tt> file, use
|
||||
the options menu (upper right) -> Reset Keys.</p>
|
||||
|
||||
<p>The default home directory is now the app-private directory, which
|
||||
will generally be something like
|
||||
<tt>/data/data/org.galexander.sshd/files</tt>, but may vary depending on
|
||||
your device. Use options menu -> Copy App-private Path to view the path
|
||||
or copy it onto the clipboard. A nice feature of the app-private
|
||||
directory is it generally supports the full range of Unix of file
|
||||
permissions, including execute! A disadvantage is that these files all
|
||||
disappear if you uninstall SimpleSSHD.</p>
|
||||
|
||||
<p>Once you get setup, you may want BusyBox. Check out
|
||||
<a href="https://play.google.com/store/apps/details?id=org.galexander.busybox">SimpleBusyBox</a>.</p>
|
||||
|
||||
@ -77,8 +86,10 @@ and then click "QUIT" when you are done.</dd>
|
||||
greater than 1024 (because SimpleSSHD does not have root).</dd>
|
||||
|
||||
<dt>SSH Path</dt>
|
||||
<dd>Path for general dropbear files, which defaults to
|
||||
<tt>/sdcard/ssh</tt>. Most importantly, this is where
|
||||
<dd>Path for general dropbear files, which now defaults to
|
||||
the app-private directory (usually something like
|
||||
<tt>/data/data/org.galexander.sshd/files</tt>).
|
||||
Most importantly, this is where
|
||||
<tt>authorized_keys</tt> is found. It is also where host keys wind up
|
||||
(they are created on demand), and where temporary files go. This path
|
||||
should probably be under <tt>/sdcard</tt>.</dd>
|
||||
@ -106,8 +117,9 @@ SuperSU.</dd>
|
||||
|
||||
<dt>Home Directory</dt>
|
||||
<dd>The login shell's home directory, which also defaults
|
||||
to <tt>/sdcard/ssh</tt>. This is where your ssh session starts out, and is
|
||||
where <tt>.profile</tt> will be found if it is present.</dd>
|
||||
to the app-private directory.
|
||||
This is where your ssh session starts out, and is where <tt>.profile</tt>
|
||||
will be found if it is present.</dd>
|
||||
|
||||
<dt>Extra Commandline</dt>
|
||||
<dd>You can specify additional commandline options for dropbear server.
|
||||
@ -158,6 +170,8 @@ harmless.
|
||||
<h2>Change Log</h2>
|
||||
|
||||
<ul>
|
||||
<li> <b>2018/05/19 Version 19:</b> Use the app-private directory by
|
||||
default on new installs for the SSH/home dir.
|
||||
<li> <b>2018/05/16 Version 18:</b> Use correct idiom for <tt>su</tt> as a
|
||||
login shell (so busybox <tt>su</tt> can work). Add environment variables
|
||||
to settings.
|
||||
|
@ -3,6 +3,8 @@
|
||||
<item android:id="@+id/settings"
|
||||
android:icon="@android:drawable/ic_menu_manage"
|
||||
android:title="Settings" />
|
||||
<item android:id="@+id/copypriv"
|
||||
android:title="Copy App-private Path" />
|
||||
<item android:id="@+id/resetkeys"
|
||||
android:icon="@android:drawable/ic_secure"
|
||||
android:title="Reset Keys" />
|
||||
|
@ -24,7 +24,7 @@
|
||||
android:key="path"
|
||||
android:title="SSH Path"
|
||||
android:summary="Location of misc dropbear files (put authorized_keys here)."
|
||||
android:defaultValue="/sdcard/ssh" />
|
||||
android:defaultValue="/xxx" />
|
||||
<EditTextPreference
|
||||
android:key="shell"
|
||||
android:title="Login Shell"
|
||||
@ -38,7 +38,7 @@
|
||||
android:key="home"
|
||||
android:title="Home Directory"
|
||||
android:summary="Default directory after login (put .profile here)."
|
||||
android:defaultValue="/sdcard/ssh" />
|
||||
android:defaultValue="/xxx" />
|
||||
<EditTextPreference
|
||||
android:key="extra"
|
||||
android:title="Extra Commandline"
|
||||
|
@ -10,6 +10,7 @@ public class Prefs {
|
||||
public static void init(Context c) {
|
||||
if (pref == null) {
|
||||
pref = PreferenceManager.getDefaultSharedPreferences(c);
|
||||
set_defaults();
|
||||
}
|
||||
}
|
||||
|
||||
@ -35,13 +36,13 @@ public class Prefs {
|
||||
return ret;
|
||||
}
|
||||
public static String get_path() {
|
||||
return pref.getString("path", "/sdcard/ssh");
|
||||
return pref.getString("path", SimpleSSHD.app_private);
|
||||
}
|
||||
public static String get_shell() {
|
||||
return pref.getString("shell", "/system/bin/sh");
|
||||
}
|
||||
public static String get_home() {
|
||||
return pref.getString("home", "/sdcard/ssh");
|
||||
return pref.getString("home", SimpleSSHD.app_private);
|
||||
}
|
||||
public static String get_extra() {
|
||||
return pref.getString("extra", "");
|
||||
@ -50,7 +51,21 @@ public class Prefs {
|
||||
return pref.getString("env", "");
|
||||
}
|
||||
|
||||
public static SharedPreferences.Editor edit() {
|
||||
return pref.edit();
|
||||
/* NB - other defaults can be filled in by either Prefs or Settings as
|
||||
* needed */
|
||||
private static void set_defaults() {
|
||||
boolean need_path = (pref.getString("path", null) == null);
|
||||
boolean need_home = (pref.getString("home", null) == null);
|
||||
if (!need_path && !need_home) {
|
||||
return;
|
||||
}
|
||||
SharedPreferences.Editor edit = pref.edit();
|
||||
if (need_path) {
|
||||
edit.putString("path", SimpleSSHD.app_private);
|
||||
}
|
||||
if (need_home) {
|
||||
edit.putString("home", SimpleSSHD.app_private);
|
||||
}
|
||||
edit.commit();
|
||||
}
|
||||
};
|
||||
|
@ -7,13 +7,15 @@ import android.content.Context;
|
||||
import android.content.SharedPreferences;
|
||||
import android.content.Intent;
|
||||
import android.content.DialogInterface;
|
||||
import android.widget.CheckBox;
|
||||
import android.widget.EditText;
|
||||
import android.widget.TextView;
|
||||
import android.widget.Button;
|
||||
import android.text.ClipboardManager;
|
||||
import android.view.View;
|
||||
import android.view.Menu;
|
||||
import android.view.MenuItem;
|
||||
import android.widget.Button;
|
||||
import android.widget.CheckBox;
|
||||
import android.widget.EditText;
|
||||
import android.widget.TextView;
|
||||
import android.widget.Toast;
|
||||
import android.net.Uri;
|
||||
import java.io.File;
|
||||
import java.io.FileReader;
|
||||
@ -30,10 +32,12 @@ public class SimpleSSHD extends Activity
|
||||
private Button startstop_view;
|
||||
private TextView ip_view;
|
||||
public static SimpleSSHD curr = null;
|
||||
public static String app_private = null;
|
||||
private UpdaterThread updater = null;
|
||||
|
||||
public void onCreate(Bundle savedInstanceState) {
|
||||
super.onCreate(savedInstanceState);
|
||||
app_private = getFilesDir().toString();
|
||||
Prefs.init(this);
|
||||
setContentView(R.layout.main);
|
||||
log_view = (EditText)findViewById(R.id.log);
|
||||
@ -74,6 +78,9 @@ public class SimpleSSHD extends Activity
|
||||
case R.id.settings:
|
||||
startActivity(new Intent(this, Settings.class));
|
||||
return true;
|
||||
case R.id.copypriv:
|
||||
copy_app_private();
|
||||
return true;
|
||||
case R.id.resetkeys:
|
||||
reset_keys();
|
||||
return true;
|
||||
@ -237,6 +244,32 @@ public class SimpleSSHD extends Activity
|
||||
return ret;
|
||||
}
|
||||
|
||||
private void copy_app_private() {
|
||||
new AlertDialog.Builder(this)
|
||||
.setCancelable(true)
|
||||
.setPositiveButton("OK",
|
||||
new DialogInterface.OnClickListener() {
|
||||
public void onClick(DialogInterface di,
|
||||
int which) { }
|
||||
})
|
||||
.setNegativeButton("Copy",
|
||||
new DialogInterface.OnClickListener() {
|
||||
public void onClick(DialogInterface di,
|
||||
int which) {
|
||||
ClipboardManager cl = (ClipboardManager)
|
||||
getSystemService(
|
||||
Context.CLIPBOARD_SERVICE);
|
||||
if (cl != null) {
|
||||
cl.setText(app_private);
|
||||
}
|
||||
}
|
||||
})
|
||||
.setIcon(android.R.drawable.ic_dialog_info)
|
||||
.setTitle("App-private path")
|
||||
.setMessage(app_private)
|
||||
.show();
|
||||
}
|
||||
|
||||
private void do_reset_keys() {
|
||||
new File(Prefs.get_path(), "authorized_keys").delete();
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user