SSH on CyanogenMod
I had installed CyanogenMod on my Samsung Galaxy, and wanted a better way of accessing it. I installed SSHDroid and was reasonably pleased, but it had its quirks and limitations. Then I learned that there is an SSH daemon and it's pretty easy to set up and enable.
I followed a different path, though, as almost everything
I want to do needs
Mostly this is using
scp to copy picture files
/storage/sdcard1/DCIM/Camera/ and then
deleting them through
That directory is owned by user
root and group
sdcard_r and it's mode 770.
The other thing I commonly do is compare things like the
on Android to those on Linux.
shell account you get from the
adb shell can't do what I want.
Make sure you have installed the
package on your Linux machine.
If it's packaged under a different name, ask YUM which
package you would have to add to get the
yum provides /usr/bin/adb
Go into the settings menu on your phone, select Developer Options, and find Root access. Tap it and change it to Apps and ADB.
Now you should be able to run
adb shell from
your Linux notebook or desktop and get a shell on your
Within that session, become
Vol-Up + E
If this isn't possible, you can do the following
work from an
Android terminal emulator.
The trickiest part is editing a pair of configuration files,
but just use
vim after verifying how to input
an Escape character.
terminal emulator I use
it's done by pressing and holding Vol-Up and then pressing E.
Also try Vol-Up by itself,
and the Back button at the bottom.
Finally, you need an SSH key pair, see
for details on using
ssh-keygen if you
haven't done this yet.
The result will be key files in
public keys in
private keys in
authorized_keys will contain all your
/data/ssh/ instead of
The standard place for SSH server configuration is
However, the next time you flash a new
which might be within the next week, you would lose your
We will put our system configuration and host keys in
/data/ssh/ instead, and we will make sure
to start the SSH daemon so it expects that.
Set Up Server Configuration Directory
The default PATH environment variable puts
/system/xbin, and the
directory is largely filled with symbolic links to
ls command is a little odd.
So, verify that some things are in place this way:
# /system/xbin/ls -laR /data/ssh
You should see that directory
is owned by
root, and is mode 700 or 750.
It should contain a directory
with no contents and mode 700.
These should already be there. If they seem to be missing, check your typing. Re-create them only if they really are missing.
Set Up Authorized User Public Keys
Create a user SSH directory and make it owned by user
Don't overlook the "." in the file name!
/data/ssh is for system configuration,
/data/.ssh is for user configuration.
# mkdir /data/.ssh
# chmod 700 /data/.ssh
# chown shell:shell /data/.ssh
We are using the account
shell as it is used
when connecting with
Now switch to your Linux machine
and run this one command:
Linux$ adb push ~/.ssh/authorized_keys /data/.ssh/
Switch back to your
on the phone
and change the ownership and permissions:
# cd /data/.ssh
# chown shell:shell *
# chmod 600 *
Configure the SSH Server
An SSH configuration already exists on the phone, but
we will make a few changes and put the modified version
/data/ssh/sshd_config so it is not
overwritten when we do the next system flash.
# cd /data/ssh
# cp /system/etc/ssh/sshd_config .
# chmod 600 sshd_config
# vim sshd_config
We only need to make a few changes. You will find that most of the file is comments, and much of what you are doing is uncommenting settings already in the file. Depending on the version of OpenSSH, some may have already been the default behavior anyway.
Subsystem sftp /usr/libexec/sftp-server
Subsystem sftp internal-sftp
Check your work:
# diff /system/etc/ssh/sshd_config /data/ssh/sshd_config
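An added example, not from the original page: the owners and modes from the directory, authorized-keys and sshd_config steps above, checked in one pass. The PREFIX and owner arguments are hypothetical knobs for trying it on a scratch tree, and a stat that supports -c is assumed.

```shell
#!/bin/sh
# Added example: audit the owners and modes set in the steps above.
# Assumes a stat that supports -c (GNU coreutils, busybox and toybox do).

# check_path PATH OWNER MODE...
# Prints one result line; returns 0 only if PATH exists, is owned by OWNER
# and has one of the listed octal modes.
check_path() {
    cp_path=$1
    cp_owner=$2
    shift 2
    if [ ! -e "$cp_path" ]; then
        echo "MISSING $cp_path"
        return 1
    fi
    cp_have_owner=$(stat -c '%U' "$cp_path")
    cp_have_mode=$(stat -c '%a' "$cp_path")
    cp_mode_ok=no
    for cp_m in "$@"; do
        if [ "$cp_have_mode" = "$cp_m" ]; then cp_mode_ok=yes; fi
    done
    if [ "$cp_have_owner" = "$cp_owner" ] && [ "$cp_mode_ok" = yes ]; then
        echo "OK      $cp_path ($cp_have_owner, $cp_have_mode)"
        return 0
    fi
    echo "BAD     $cp_path is $cp_have_owner/$cp_have_mode, want $cp_owner/$*"
    return 1
}

# audit_ssh_layout [PREFIX] [SYSTEM_OWNER] [USER_OWNER]
# PREFIX and the owner overrides are hypothetical, added so the audit can be
# tried on a scratch tree; on the phone, call it as root with no arguments.
audit_ssh_layout() {
    prefix=${1:-}
    sys_owner=${2:-root}
    user_owner=${3:-shell}
    failures=0
    check_path "$prefix/data/ssh" "$sys_owner" 700 750 || failures=$((failures + 1))
    check_path "$prefix/data/ssh/sshd_config" "$sys_owner" 600 || failures=$((failures + 1))
    check_path "$prefix/data/.ssh" "$user_owner" 700 || failures=$((failures + 1))
    check_path "$prefix/data/.ssh/authorized_keys" "$user_owner" 600 || failures=$((failures + 1))
    echo "$failures problem(s) found"
    [ "$failures" -eq 0 ]
}

# Run the audit only where the page's layout exists (on the phone).
if [ -d /data/ssh ]; then audit_ssh_layout || true; fi
```

A BAD line on /data/.ssh or authorized_keys is worth fixing before testing a login, since loose modes or the wrong owner on those files are a common reason key authentication is refused.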
Start the SSH Server at Boot Time
There is a script on the system to start
but we need to change where it looks for its configuration.
The boot logic on Android says that if the directory
then run each of the scripts found there at boot time.
We will name our script
# mkdir /data/local/userinit.d
# cd /data/local/userinit.d
# cp /system/bin/start-ssh 99sshd
# chmod 755 99sshd
# vim 99sshd
Change the two instances of
Check your work. This shows the output you should see. You won't see the colored highlighting; I added it here to draw your attention to what you need to check.
# diff /system/bin/start-ssh /data/local/userinit.d/99sshd 38c38 < /system/bin/logwrapper /system/bin/sshd -f /
system/etc/ssh/sshd_config -D -d --- > /system/bin/logwrapper /system/bin/sshd -f /
data/ssh/sshd_config -D -d 41c41 < /system/bin/sshd -f /
system/etc/ssh/sshd_config -D --- > /system/bin/sshd -f /
and log in over SSH as
root from another system.
Warning: If you had been using another SSH server such as SSHDroid, your SSH client will have saved those old server public keys. The native Android SSH service will generate its own host key pairs the first time it starts. Your SSH client will not see the expected server public key, so it will display a warning message and then abort the attempt to connect.
You need to edit your
remove the existing line for your Android device.
When you succeed, reboot the Android device and verify that the SSH service was automatically started.
Scanning mine with Nmap I see this:
# nmap -sS -sV -O 192.168.1.102

Starting Nmap 6.47 ( http://nmap.org ) at 2015-07-01 17:21 EDT
Nmap scan report for 192.168.1.102
Host is up (0.23s latency).
Not shown: 999 closed ports
PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 6.4 (protocol 2.0)
MAC Address: 00:37:6D:A9:B9:35 (Murata Manufacturing Co.)
Device type: general purpose
Running: Linux 3.X
OS CPE: cpe:/o:linux:linux_kernel:3
OS details: Linux 3.2 - 3.10
Network Distance: 1 hop

OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 66.26 seconds
Be Careful, and Enjoy!
Be very careful doing everything as
You have no need to worry about someone guessing a
1024-bit (or longer) RSA key, unless you somehow generated
your key pair in a flawed environment.
Your primary concern is self-inflicted damage
from your own