Smarten up your Android smartphone I: SSH, SSHD

There seems to be a mistaken belief that in order to gain superuser access (or to do serious development or, to use a popular misnomer, “hacking”, one has to “jailbreak”, or as it is called everywhere other than iOS, “root”. Let us see how anyone can do most of it using an excellent and completely free hack (or app) called Termux.

You may install Termux from the Play Store or from F-Droid, an alternative “store” or repository. I recommend using F-droid (which you can scan or click at the right), but I included a link to Google Play in sources below.

Apart from Termux, other great apps (some only on F-droid, others on both F-droid and Google Play; for Termux, you cannot mix Termux and Addons between the two) I would recommend are DNS66 or Blokada for ad-blocking (without rooting), NewPipe for a better YouTube experience (including video downloads for off-line use), Red Moon which will filter out blue light after dawn, much like f.lux on a Windows desktop, Audio Recording offers excellent ads-free recordings and Overchan or Clover for all the chans. Other notable apps are OpenKeychain, Syncthing, K-9 Mail, aMetro.

Once installed, you open Termux as you would any other app. Before SSH-ing into your phone, you will have to issue a few commands on the phone.

In Termux, you swipe from the left to access the session manager. I never used multiple sessions, but you could if you wanted to – instead of SSH-ing, you might want to just attach a BT keyboard (Amazon, .ca) in that case. If your visual keyboard ever closes, you’d click the Keyboard button in the session manager to bring it back.

The touch keyboard Google gives is not really made for Linux. You may thus install the Hacker’s Keyboard, or use the “visual extensions” provided by Termux (termux-kb). Termux uses the Volume down key to emulate Ctrl and it is also possible to visually display extra keys with a long tap on the Keyboard button or by pressing Volume Up + Q. You can also reveal a native Android text input view by swiping the extra keys view to the left.

When starting, Termux has a nice welcome message. For subsequent logins, you may skip it by issuing touch .hushlogin.

Issue now your first command to update your installation:

$ pkg upgrade

Termux uses pgk for apt. Follow the above with:

$ pkg install openssh gnupg nano tmux git python ruby nodejs cmake coreutils termux-api termux-exec termux-tools grep tree ncurses-utils radare2 nmap

Not all of the above are necessary for SSH (only the first one, openssh), but they allow for development and I need them – you might as well.

If you don’t have a key pair already, you will have to create one, as Termux implementation of SSH does not allow password login (who uses that, anyways?).

$ ssh-keygen –b 4096 –t rsa

In my case, I already had a pair of keys. To SSH into my phone, I need to get my existing auth_keys file in the .ssh directory. This can be achieved with the good old wget (which, if not present, can be installed as above with apt install or pkg install). Your public key may have to first be downloaded onto the phone and then mv’d to the .ssh directory. In order to expose the phone storage to Termux, I had to run the termux-setup-storage command, which created a /storage directory in my installation.

I also have the option of cloning it from Github, as explained in the 5 minute bootstrap.

You may also use ssh-copy-id to send the keys between Linux environments:

$ ssh-copy-id –i ~/.ssh/ yourusername@

If you need to ssh from your phone into a another *NIX box, you may do so now. If you just want to ssh into your phone, you need to make sure that the authorized_keys file and directory permissions are fine (chmod 600 on a_k and 700 on ~/.ssh).

$ ssh $IP -p 8022 -i %PATH_TO_KEY-FILE%/%NAME_OF_KEY%

If you are having difficulties, try killing the sshd process (you list processes with ps) and restart it with the debug option:

$ sshd –d

To keep your connection alive, you might want to use termux_wake_lock.

To automate sshd start, you might want to use Tasker and have the sshd command in your .bashrc file. You can also use addons such as Termux Widget or Termux Boot. If you do, you will need to create some directories. This is a good opportunity to customize your workspace.

$ mkdir notes gh homework temp .termux .shortcuts

You can now place the scripts you want to be executed at boot in:

$ mkdir ~/.termux/boot

To continue customizing, I download and install my dotfiles:

$ cd gh && git clone && cp dotfiles/bashrc ~/.bashrc

You can fork them on Github and customize as you see fit, much like I did – see where from in Github (mdm-kon).


Occasionally, you may find yourself unable to SSH via Wi-Fi. You may still connect using SSH over USB and port forwarding via ADB.

To get ADB in Linux, you just issue sudo apt install adb. For Windows, refer to the XDA forum (xda-adb). Follow that with

$ adb forward tcp:8022 tcp:8022

You can now SSH into your phone whichever way you did before.


Termux, though close to a Linux environment, is not exactly that, mostly because of ways in which Android differs (t-linux). However, it is very close to that and with further hacks can be made virtually indistinguishable from what you would expect. To run scripts, you need them in $HOME, chmod +x and/or call them with a script interpreter such as python or bash. You also may need to install termux-exec (installed at the beginning) and/or use termux-fix-shebang on scripts to change the shebang line from /bin/{program} to $PREFIX/bin/{program}. To setup a chroot via PRoot mimicking a normal Linux file system, use termux-chroot.

I do not provide help here, but you are welcome to see the FAQ.

There’s a lot you can accomplish with mighty little Termux, and the links below are only a beginning!

Sources / More info: F-droid, Gplay, termux-kb, hackerkb, xda-adb, mdm-kon, t-linux, hn-webserver, hn-nodejs, metasploit, youtube-dl, termux-api, termux-ansible

blog comments powered by Disqus
Your gift enables us to continue to provide high quality reporting with little or no advertising.