From CyanogenMod Wiki

1. summary Howto: Connect and login to your Android with ssh

Contents 1 Connect and login to your Android with SSH 1.1 Prerequisites 1.2 Create a SSH key for logging in 1.3 Prepare your Android (using an SSH key) 1.4 Prepare your Android (using a root password) 1.5 Connect to your Android 1.5.1 Enjoy !

[edit] Connect and login to your Android with SSH

This short article explains how to connect to your Android phone from another computer using the SSH protocol. This allows you to use a big screen and real keyboard to work on your phone.

The Android terminal is a fine app, but I prefer a big screen and real keyboard any time.

[edit] Prerequisites

• Cyanogen ROM >= 4.0.2 (for the dropbear binary)
• Putty (Windows) or Linux with SSH

[edit] Create a SSH key for logging in

• Create a SSH key on the machine from which you wish to connect to your phone with `puttygen` or `ssh-keygen`
• Place the public key into a file named `authorized_keys` on the SD card

You can also use a password to connect to your phone, in this case you can skip the steps above.

[edit] Prepare your Android (using an SSH key)

• Open the terminal and become superuser/root
• Create the dropbear directory
• Create the .ssh directory and place the key into it
• Generate RSA and DSA keys
• Create a profile in /data/dropbear/.profile with a usable path
• Add your phone to remotes known_hosts file

$ su
# mkdir /data/dropbear 
# chmod 644 /data/dropbear
# mkdir /data/dropbear/.ssh 
# chmod 644 /data/dropbear/.ssh 
# cp /sdcard/authorized_keys /data/dropbear/.ssh
# chmod 600 /data/dropbear/.ssh/authorized_keys
# dropbearkey -t rsa -f /data/dropbear/dropbear_rsa_host_key
# dropbearkey -t dss -f /data/dropbear/dropbear_dss_host_key
# echo >>/data/dropbear/.profile "PATH=/usr/bin:/usr/sbin:/bin:/sbin:/system/sbin:/system/bin:/system/xbin:/system/xbin/bb:/data/local/bin"
# echo >>/data/dropbear/.profile "export PATH"

• If you get authentication errors, run this to show your phones public rsa key

# dropbearkey -y -f /data/dropbear/dropbear_rsa_host_key

• the key is formatted like 'ssh-rsa Som3Rand0mStr1n6 root@localhost'
• copy and paste it to your PCs known_hosts file, ~/.ssh/known_hosts
• and try connecting from your PC again

$ ssh -i<your_rsa_pub_key> root@host

• If authorized_keys file was pushed to sdcard using adb, make sure that owner is set as root on authorized_keys file or you might get key refused by server.

# chown root.root /data/dropbear/authorized_keys
# killall dropbear
# dropbear -s -g

[edit] Prepare your Android (using a root password)

!!! The native dropbear binary included in CyanogenMod 4.0.4 and later seems not to support correctly password protected logins !!!

!!! in the sense that you can login even when providing a wrong password  !!!

!!! To make it work correctly you need to compile your own dropbear binary statically linked with uClibc !!!

• Compile dropbear (statically linked with uClibc)
  
• Compile busybox (statically linked with uClibc) and enable
  

1. [*] Support for shadow passwords
2. [*] Use internal password and group functions rather than system func
3. [*] Use internal shadow password functions
4. [*] Use internal crypt functions
   
5. [*] passwd
6. [*] Check new passwords for weakness

• Copy the new dropbear and busybox binaries to the phone

adb push busybox  /sdcard/busybox
adb push dropbear /sdcard/dropbear
adb push dropbearkey /sdcard/dropbearkey

• Open the terminal and become superuser/root
• Create /data/local/bin directory
• Copy dropbear, dropbearkey and busybox to /data/local/bin and setup file permissions, ownership and links
• Remount /system read-write
• Create the needed passwd files
• Change the root password
• Create /etc/profile with a usable path
• Create /etc/shells
• Remount /system read-only
• Create the dropbear directory
• Generate rsa and dsa keys
  
• Link /data/dropbear directory to /system/etc/dropbear

$ su
# mkdir /data/local/bin
# cp /sdcard/busybox  /data/local/bin/busybox
# cp /sdcard/dropbear /data/local/bin/dropbear
# cp /sdcard/dropbear /data/local/bin/dropbearkey
# chown root.root /data/local/bin/dropbear
# chown root.root /data/local/bin/dropbearkey 
# chown root.root /data/local/bin/busybox
# chmod 4755 /data/local/bin/busybox
# chmod 755 /data/local/bin/dropbear
# chmod 755 /data/local/bin/dropbearkey 
# ln -s /data/local/bin/busybox /data/local/bin/passwd
# busybox mount -o remount,rw /dev/block/mtdblock3  /system
# echo "root:x:0:0::/data/dropbear:/system/bin/sh" > /etc/passwd
# echo "root::14531:0:99999:7:::" > /etc/shadow
# echo "root:x:0:" > /etc/group
# echo "root:!::" > /etc/gshadow
# echo "/system/bin/sh" > /etc/shells
# echo "PATH=\"/usr/bin:/usr/sbin:/bin:/sbin:/system/sbin:/system/bin:/system/xbin:/system/xbin/bb:/data/local/bin\"" > /etc/profile
# echo "export PATH" >> /etc/profile
# /data/local/bin/passwd 
Changing password for root
New password:
Bad password: too weak
Retype password:
Password for root changed by root
# mkdir /data/dropbear
# /data/local/bin/dropbearkey -t rsa -f /data/dropbear/dropbear_rsa_host_key
# /data/local/bin/dropbearkey -t dss -f /data/dropbear/dropbear_dss_host_key
# ln -s /data/dropbear /system/etc/dropbear
# busybox mount -o remount,ro /dev/block/mtdblock3  /system

Then as root to run your own compiled version call it with the full path:

 # /data/local/bin/dropbear

[edit] Connect to your Android

• Start wifi and connect to your access point
• Determine the ip of your phone
• Prepare/use your ssh client
• Start dropbear on your phone (in verbose mode)

# dropbear -v

• If you want to start dropbear securely using SSH keys then use the -s -g switches to disable password authentication. Unless you do this someone without the keys can authenticate as root with no password.

# dropbear -s -g 

• • From Linux (with SSH keyfile):

$ ssh -i<your-private-keyfile> root@<your-phone-ip>

• • From Linux (with root password):

$ ssh root@<your-phone-ip>
root@xxx.xxx.xxx.xxx's password:
/data/dropbear #

• • From Windows (putty with SSH keyfile) you need to configure putty as follows:
    • Connection - Data - Auto-login Username = root
    • Connection - SSH - Auth - Private key file = <your keyfile>

• • From Windows (putty with root password):
    • Input username and password when prompted

[edit] Enjoy !

---

Link to alternative explanation:

http://code.google.com/p/cyanogenmod/issues/detail?id=145 dropbear login