1
0
mirror of http://galexander.org/git/simplesshd.git synced 2024-12-28 00:48:07 +00:00

use app-private path for home/ssh directory by default, and make a menu

option to Copy App-private Path
This commit is contained in:
Greg Alexander 2018-05-19 16:48:26 -04:00
parent 8fd055940e
commit 906d6a30ef
6 changed files with 104 additions and 19 deletions

27
NOTES
View File

@ -621,9 +621,30 @@ READ_EXTERNAL_STORAGE, so long as I explicitly request
WRITE_EXTERNAL_STORAGE.
XXX - make sure to create the app-private files/ on first startup
XXX - add options menu "copy app-private path", or something
XXX - change default from /sdcard/ssh to app-private/files for new installs, or something
May 19, 2018.
Michael Mess wrote to let me know that he can't use authorized_keys file
because the /sdcard/ssh/authorized_keys file is group-readwritable. I
know regular OpenSSH on a PC does complain if the authorized_keys file is
world-writable, so this made sense to me. He says it is a security flaw,
but really, it is not, because any app that can run code and write to
/sdcard/ssh already has all of the permissions that SimpleSSHD has
(except network, but whatever) -- it isn't escalation, just a horizontal
spreading.
He suggested moving the SSH config into app-private, which is something
I've been toying with anyways.
So after some internal debate, I decided to do two changes:
* add "Copy app-private path" to the options menu, which brings up a
dialog showing the app-private path, with an option "Copy" to put it
in the clipboard.
* make the default for new installs for "home" and "path" be the
app-private dir
I look forward to seeing if anyone complains about it.
XXX - upgrade project.properties to android-26
XXX - call checkSelfPermission/requestPermission to get WRITE_EXTERNAL_STORAGE

View File

@ -29,8 +29,8 @@ Port 2222
</pre>
<li> Launch SimpleSSHD, and in Settings enable "Start on Boot", then
manually start it for the first time.
<li> Create <tt>/sdcard/ssh/authorized_keys</tt>
<li> Optionally make <tt>/sdcard/ssh/.profile</tt>
<li> Create <tt>authorized_keys</tt> in the home directory
<li> Optionally make <tt>.profile</tt>
</ul>
<p>If SimpleSSHD does not find an <tt>authorized_keys</tt> file when a
@ -45,6 +45,15 @@ file.</p>
is supported. If you screw up your <tt>authorized_keys</tt> file, use
the options menu (upper right) -> Reset Keys.</p>
<p>The default home directory is now the app-private directory, which
will generally be something like
<tt>/data/data/org.galexander.sshd/files</tt>, but may vary depending on
your device. Use options menu -> Copy App-private Path to view the path
or copy it onto the clipboard. A nice feature of the app-private
directory is it generally supports the full range of Unix of file
permissions, including execute! A disadvantage is that these files all
disappear if you uninstall SimpleSSHD.</p>
<p>Once you get setup, you may want BusyBox. Check out
<a href="https://play.google.com/store/apps/details?id=org.galexander.busybox">SimpleBusyBox</a>.</p>
@ -77,8 +86,10 @@ and then click "QUIT" when you are done.</dd>
greater than 1024 (because SimpleSSHD does not have root).</dd>
<dt>SSH Path</dt>
<dd>Path for general dropbear files, which defaults to
<tt>/sdcard/ssh</tt>. Most importantly, this is where
<dd>Path for general dropbear files, which now defaults to
the app-private directory (usually something like
<tt>/data/data/org.galexander.sshd/files</tt>).
Most importantly, this is where
<tt>authorized_keys</tt> is found. It is also where host keys wind up
(they are created on demand), and where temporary files go. This path
should probably be under <tt>/sdcard</tt>.</dd>
@ -106,8 +117,9 @@ SuperSU.</dd>
<dt>Home Directory</dt>
<dd>The login shell's home directory, which also defaults
to <tt>/sdcard/ssh</tt>. This is where your ssh session starts out, and is
where <tt>.profile</tt> will be found if it is present.</dd>
to the app-private directory.
This is where your ssh session starts out, and is where <tt>.profile</tt>
will be found if it is present.</dd>
<dt>Extra Commandline</dt>
<dd>You can specify additional commandline options for dropbear server.
@ -158,6 +170,8 @@ harmless.
<h2>Change Log</h2>
<ul>
<li> <b>2018/05/19 Version 19:</b> Use the app-private directory by
default on new installs for the SSH/home dir.
<li> <b>2018/05/16 Version 18:</b> Use correct idiom for <tt>su</tt> as a
login shell (so busybox <tt>su</tt> can work). Add environment variables
to settings.

View File

@ -3,6 +3,8 @@
<item android:id="@+id/settings"
android:icon="@android:drawable/ic_menu_manage"
android:title="Settings" />
<item android:id="@+id/copypriv"
android:title="Copy App-private Path" />
<item android:id="@+id/resetkeys"
android:icon="@android:drawable/ic_secure"
android:title="Reset Keys" />

View File

@ -24,7 +24,7 @@
android:key="path"
android:title="SSH Path"
android:summary="Location of misc dropbear files (put authorized_keys here)."
android:defaultValue="/sdcard/ssh" />
android:defaultValue="/xxx" />
<EditTextPreference
android:key="shell"
android:title="Login Shell"
@ -38,7 +38,7 @@
android:key="home"
android:title="Home Directory"
android:summary="Default directory after login (put .profile here)."
android:defaultValue="/sdcard/ssh" />
android:defaultValue="/xxx" />
<EditTextPreference
android:key="extra"
android:title="Extra Commandline"

View File

@ -10,6 +10,7 @@ public class Prefs {
public static void init(Context c) {
if (pref == null) {
pref = PreferenceManager.getDefaultSharedPreferences(c);
set_defaults();
}
}
@ -35,13 +36,13 @@ public class Prefs {
return ret;
}
public static String get_path() {
return pref.getString("path", "/sdcard/ssh");
return pref.getString("path", SimpleSSHD.app_private);
}
public static String get_shell() {
return pref.getString("shell", "/system/bin/sh");
}
public static String get_home() {
return pref.getString("home", "/sdcard/ssh");
return pref.getString("home", SimpleSSHD.app_private);
}
public static String get_extra() {
return pref.getString("extra", "");
@ -50,7 +51,21 @@ public class Prefs {
return pref.getString("env", "");
}
public static SharedPreferences.Editor edit() {
return pref.edit();
/* NB - other defaults can be filled in by either Prefs or Settings as
* needed */
private static void set_defaults() {
boolean need_path = (pref.getString("path", null) == null);
boolean need_home = (pref.getString("home", null) == null);
if (!need_path && !need_home) {
return;
}
SharedPreferences.Editor edit = pref.edit();
if (need_path) {
edit.putString("path", SimpleSSHD.app_private);
}
if (need_home) {
edit.putString("home", SimpleSSHD.app_private);
}
edit.commit();
}
};

View File

@ -7,13 +7,15 @@ import android.content.Context;
import android.content.SharedPreferences;
import android.content.Intent;
import android.content.DialogInterface;
import android.widget.CheckBox;
import android.widget.EditText;
import android.widget.TextView;
import android.widget.Button;
import android.text.ClipboardManager;
import android.view.View;
import android.view.Menu;
import android.view.MenuItem;
import android.widget.Button;
import android.widget.CheckBox;
import android.widget.EditText;
import android.widget.TextView;
import android.widget.Toast;
import android.net.Uri;
import java.io.File;
import java.io.FileReader;
@ -30,10 +32,12 @@ public class SimpleSSHD extends Activity
private Button startstop_view;
private TextView ip_view;
public static SimpleSSHD curr = null;
public static String app_private = null;
private UpdaterThread updater = null;
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
app_private = getFilesDir().toString();
Prefs.init(this);
setContentView(R.layout.main);
log_view = (EditText)findViewById(R.id.log);
@ -74,6 +78,9 @@ public class SimpleSSHD extends Activity
case R.id.settings:
startActivity(new Intent(this, Settings.class));
return true;
case R.id.copypriv:
copy_app_private();
return true;
case R.id.resetkeys:
reset_keys();
return true;
@ -237,6 +244,32 @@ public class SimpleSSHD extends Activity
return ret;
}
private void copy_app_private() {
new AlertDialog.Builder(this)
.setCancelable(true)
.setPositiveButton("OK",
new DialogInterface.OnClickListener() {
public void onClick(DialogInterface di,
int which) { }
})
.setNegativeButton("Copy",
new DialogInterface.OnClickListener() {
public void onClick(DialogInterface di,
int which) {
ClipboardManager cl = (ClipboardManager)
getSystemService(
Context.CLIPBOARD_SERVICE);
if (cl != null) {
cl.setText(app_private);
}
}
})
.setIcon(android.R.drawable.ic_dialog_info)
.setTitle("App-private path")
.setMessage(app_private)
.show();
}
private void do_reset_keys() {
new File(Prefs.get_path(), "authorized_keys").delete();
}