Telnet is lame so we will have a look at setting up dropbear as sshd on Android. This how-to will show you how to install configure and run dropbear as sshd and how to connect with a ssh client.
A dropbear built from the original sources won't run properly on Android; the reason is that Android has no proper user support (
There are two solutions for getting the proper changes to the sources:
Once the sources are fixed you now need to crosscompile them. This requires a cross compiler to be setup (this process is not covered here).
The cross compilation and build goes like this:
./configure --host=arm-none-linux-gnueabi --disable-zlib make CC=arm-none-linux-gnueabi-gcc
Once built the output is following 3 binaries:
The installation is quite simple: copy the binaries to your favorite dir to android, e.g.
First we need a server key. Keys are generated using
dropbearkey. To generate a RSA server key:
dropbearkey -t rsa -f dropbear_rsa_host_key
Now create a dir
/data/dropbear and copy
/sdcard/dropbear -r dropbear_rsa_host_key -F -E -v -s
This should show you the debuglog of dropbear starting in non-daemon mode (
Now we need to generate a key/pair for the client to connect with (theoretically the client can connect using password but as stated above there is no read user/password support in Android and we don't want to use any hardcoded passwords (that's the reason why we run
dropbear with the option
To generate a key-pair we do:
dropbearkey -t rsa -f /sdcard/id_rsa dropbearkey -f /sdcard/id_rsa -y > /sdcard/id_rsa.pub
This first command generates a private key, the second step extracts the public-key.
Now we jst need to create
/data/dropbear/.ssh and cat the public-key to
mkdir /data/dropbear/.ssh cat /sdcard/id_rsa.pub > /data/dropbear/.ssh/authorized_keys
now check the perms of
/data/dropbear/.ssh/authorized_keys and make sure they are only readable/writable by
Now it's time to take care of the client. As
openssh use different key formats we first need to convert id_rsa (private key) to openssh-format:
/sdcard/dropbearconvert dropbear openssh /sdcard/id_rsa /sdcard/id_rsa_openssh
/sdcard/id_rsa_openssh to your desktop (e.g. to your home). We move them instead of copying them as leaving a private key on the phone may compromise it.
Finally connect to the phone:
ssh -i id_rsa_openssh <phone-ip>
If the connection fails check the Troubleshooting section.
As stated before both the client and the server are quite sensitive to the sensitive files having the right perms. You can use
-vv for both the client and the server to see debug info and fix whatever is wrong.
Common errors are:
authorized_keysor your private key have wrong perms
/etc/shellsfile with the path to your shell (e.g.
/system/bin/sh) will prevent dropbear from opening a session