SSH Daemon - Dropbear - On Android 2.0

Znuff

New Member
Joined
Apr 26, 2010
Messages
3
Reaction score
0
For the moment I'd like to stick with the default rom :)
 

Se7enLC

Active Member
Joined
Nov 16, 2009
Messages
1,262
Reaction score
0
QuickSSHD QuickSSHD | TeslaCoil Software available on the market will do what you want. It's dropbear with a simple gui and doesn't require root.

If you want just raw dropbear Dropbear | TeslaCoil Software has information on building it. Cyanogen's build doesn't validate passwords (it just accepts them).

I just purchased this and installed it - does it not work on 3G? No matter what port I put it on, I can't seem to SSH in (but I can ssh locally on the droid perfectly fine)
 

gorn

New Member
Joined
Apr 14, 2010
Messages
5
Reaction score
0
Unfortunately the carrier gets to decide if it works on 3G or not. Many carriers block incoming connections. This was noted earlier in this thread for both ssh servers and web servers.

You could use a VPN to work around it. Or if you already run an ssh server on your computer you could do a poor mans VPN like this:

on the phone:
ssh -R2222:localhost:22 computerIP

This will establish a secure port tunnel over your SSH connection from the phone to the computer. The tunnel will map the computer's port 2222 to the phone's port 22.

Then from the computer:
ssh localhost -p2222

Which will log you into your phone.
 

Se7enLC

Active Member
Joined
Nov 16, 2009
Messages
1,262
Reaction score
0
Unfortunately the carrier gets to decide if it works on 3G or not. Many carriers block incoming connections. This was noted earlier in this thread for both ssh servers and web servers.

So does it work on the Motorola Droid (whose only carrier is Verizon)?

I just did some testing, and it seems not to. Do you happen to know the contact information for the author? I can't find any contact information or anything on the site.
 

gorn

New Member
Joined
Apr 14, 2010
Messages
5
Reaction score
0
I am the author. We can continue talking here or go to email if you would like, my email is support@teslacoilsw.com . Also for future reference in the market there is a "Send email to developer" option at the bottom of the listing, or a Contact link in the receipt.
But thanks for pointing out the obvious place (my website) didn't include it. I've updated the site.

Unfortunately there is nothing I can do about the carriers. It's basically like if you have a phone number that can make calls from but not receive them. In this case you can initiate connections from your phone to the internet, but you can't receive connections from the internet to your phone over 3g.
(I don't have Verizon so I can't comment on them specifically, but I believe you are correct in saying that it doesn't work as you have tried multiple ports.)

QuickSSHd is primarily written with Wi-Fi in mind. If that won't meet your needs unfortunately all I can offer, aside from more help with the VPN/ssh tunnel style work around above, is a refund of your purchase. If you uninstall the App in the first 24 hours Google will do it automatically. If you have any trouble with that contact me by email and we can take care of it.

---
A cool technical workaround for this problem, but that requires resources ($), is that an app could be written to start the ssh daemon and also start a client that connects to a 24/7 dedicated server somewhere. This would have to automatically reconnect. Then the dedicated server port maps unique ports to the clients. So for example you'd be assigned dedicatedserver:1234 and could ssh into that form anywhere and it forwards your connection.
I however do not have a dedicatedserver and can't see this being of enough interest to people to be worth running.
 
Last edited:

Se7enLC

Active Member
Joined
Nov 16, 2009
Messages
1,262
Reaction score
0
I am the author. We can continue talking here or go to email if you would like, my email is support@teslacoilsw.com . Also for future reference in the market there is a "Send email to developer" option at the bottom of the listing, or a Contact link in the receipt.
But thanks for pointing out the obvious place (my website) didn't include it. I've updated the site.

Ah, of course. I probably should have guessed (given the single post and calling verizon "the carrier") :) welcome to the forum!

d'oh - I knew it was there, too, but somehow I forgot to look there. As much as I love my droid, I do most of my emailing from a desktop. I eventually would have gotten there.

Unfortunately there is nothing I can do about the carriers. It's basically like if you have a phone number that can make calls from but not receive them. In this case you can initiate connections from your phone to the internet, but you can't receive connections from the internet to your phone over 3g.
(I don't have Verizon so I can't comment on them specifically, but I believe you are correct in saying that it doesn't work as you have tried multiple ports.)

Yeah, I'm pretty familiar with that type of blocking. I've never really researched it on the droid before, so I was a little surprised. Some people had mentioned that they only blocked low port numbers, so I had assumed that the people saying that had actually TRIED it. Looks like Verizon actually blocks inbound traffic on ALL ports. I even tried an FTP server, that didn't work, either.

QuickSSHd is primarily written with Wi-Fi in mind. If that won't meet your needs unfortunately all I can offer, aside from more help with the VPN/ssh tunnel style work around above, is a refund of your purchase. If you uninstall the App in the first 24 hours Google will do it automatically. If you have any trouble with that contact me by email and we can take care of it.

Shouldn't be a problem returning it - I may do that. I might just keep it and use it over wifi. I usually don't bother turning wifi on, but if I need to ssh, I guess I could do it easily enough. The app looks really great, and I like the idea of having a nice graphical interface to start/stop sshd easily, but if I need to tunnel a port, I may as well just run dropbear directly at the same time.

A cool technical workaround for this problem, but that requires resources ($), is that an app could be written to start the ssh daemon and also start a client that connects to a 24/7 dedicated server somewhere. This would have to automatically reconnect. Then the dedicated server port maps unique ports to the clients. So for example you'd be assigned dedicatedserver:1234 and could ssh into that form anywhere and it forwards your connection.
I however do not have a dedicatedserver and can't see this being of enough interest to people to be worth running.

That is an interesting idea, though. The majority of the computers I would be wanting to ssh into the droid from are running linux and already have ssh servers running. Perhaps I could just script it up in such a way that when I want to start the ssh server, it asks me for a remote host and port. It then opens an ssh connection to that server and with it a tunnel back to sshd. It would be about as simple as before, except that you would need to know the IP of the client before you could start the server, and the client would also need to be running sshd.

Thanks for trying, though, and good luck with the app!
 

Znuff

New Member
Joined
Apr 26, 2010
Messages
3
Reaction score
0
Hi,

Thanks for the suggestion! Apparently that app is not available on the european android market :( (no paid apps are, it seems). I've contacted the developer to see if I can get a hold of the app by purchasing from him directly.
 

gorn

New Member
Joined
Apr 14, 2010
Messages
5
Reaction score
0
The majority of the computers I would be wanting to ssh into the droid from are running linux and already have ssh servers running. Perhaps I could just script it up in such a way that when I want to start the ssh server, it asks me for a remote host and port. It then opens an ssh connection to that server and with it a tunnel back to sshd. It would be about as simple as before, except that you would need to know the IP of the client before you could start the server, and the client would also need to be running sshd.

The way QuickSSHd works is that it launches /data/data/com.teslacoilsw.quicksshd/dropbear/dropbear with a whole bunch of cli arguments. You could rename dropbear to something like dropbear.bin and then make a shell script in its place that opens your ssh tunnel (Shared key based to avoid the password prompt) followed by running dropbear with the original input arguments.
It's a bit hacky and limited, but would work. Just a warning though that QuickSSHd updates sometimes include dropbear binary updates and they would overwrite your shell script, so keep a backup.

If there's lots of interest in tunneling I could see about adding some kind of interface for it to a future version of QuickSSHd, no promises though.
 

Se7enLC

Active Member
Joined
Nov 16, 2009
Messages
1,262
Reaction score
0
I was able to get tunneling to work, but it's kludgy at best.

First I made links to the executables in the path, to make it easier:
Code:
ln /data/data/com.teslasoftware.quicksshd/dropbear/ssh /system/xbin/ssh -s
ln /data/data/com.teslasoftware.quicksshd/dropbear/ssh /system/xbin/scp -s
ln /data/data/com.teslasoftware.quicksshd/dropbear/ssh /system/xbin/sshd -s
Then I opened up QuickSSHD and started it with a password on port 22.

Then I opened up Terminal Emulator and ran this:
Code:
ssh -R 2222:127.0.0.1:22 username@mypersonalhost.com
Remote port was first (2222), followed by localhost (had to be by IP - for some reason "localhost" did not work properly. probably an /system/etc/hosts issue), followed by local port. I used my own username and server name, and had to type in the password. Once the connection was made, I was able to:

Code:
ssh root@localhost -p 2222
And log remotely into my droid.

It's a huge mess, but it does, in fact, work. Scripting it would require keys, I think, since I wouldn't want to store and send the remote password raw.
 

Skrilax_CZ

Member
Joined
Dec 31, 2009
Messages
33
Reaction score
0
Anybody got the binaries from the first post, since alldroid is messed again ...
 
OP
K

kevdog

Member
Joined
Nov 14, 2009
Messages
722
Reaction score
0
I have the files (am I allowed to post these here?) .. If a mod would chime in and answer, then I would post if allowed.
 

matth45

New Member
Joined
Dec 31, 2010
Messages
2
Reaction score
0
Seems to be a patched version of dropbear. You can click the project home link at the top of the google code page to read the notes from the developers. It works on my Droid Incredible. It came with a nice installer, which put everything in the right places. It has a gui to start and stop the ssh server. You can setup public keys and account passwords through the gui. In short, this is exactly what I wanted.

I had to do quite a bit of googling to find it though, so I was hoping to spread the word a bit. Hopefully next time I have to find it it won't be so hard :p

Happy new year!
 
Top