Hey,
I'm searching for an SSH client that supports the use of password protected private keys (.ppk file). I'm not really a fan of having them inside the app or even on my phone in plain text. Can you guys recommend one? Termius seems to need them as plain text for example.
I found some solution. Not the most ideal but at least it's doing what I want: a combination of Termiux and a rudimentary Linux distribution installed with AnLinux.
So you basically just install Debian or whatever you prefer on your phone, add all necessary packages and you are good to go.
You have to give it access to storage and it seems it needs to be started with su rights through the Termiux package tsu, but then you can import a ppk key via the putty-tools package like on a standard Linux distribution and the private key can be converted to a password protected OpenSSH key.
Not the most intuitive way but it's working.
Related
Here is an idea I have thought of:
Making a GUI (root needed of course) applaction for turning on/off and managing WIFI routing. Basically, it would package the tethering script, and give the ability to see who is connect/block/etc. Possibly even mac filtering down the line.
My one main stumping block is that I would really love to get a little DHCP server running on it in the background, so that it would be much easier to manage. For instance, say I am on customer site with my coworker, and there is no net access. I would like to just allow him to autoconnect with out having to go through the process of setting up a new static ip and having him need to do that on the client side.
I went through the current linux distro on the phone, and, not surprisingly did not find dhcpd One solution that I am thinking of is to install debian, and get one that way, but that would not work too well as it would also require users to install debian and apt-get dhcpd.
Another thought that I had was to extract the files from the .deb, and include them in app, and have it just copy the files to the proper places (include shell script) then call out to dhcpd start/stop when needed.
The last option would be implementing a simple DHCP server in Java, kind of my last resort, as I am not even sure the API access to java.util.net.*
Just found this:
http://www.dhcp.org/javadhcp/
Seems to be J2SE compliant, so I am thinking (if the android JVM is compliant) it could be leveraged as a simple DHCP server. I still like the idea of using a premade linux one though
See other thread..
very cool.... dnsmasq is the way to go me things
Hi, Anybody knows any software compatible with WM to remotely send command to Linux system?
Under Windows we have plink which is pretty good to send any command to linux.
Basically I need to have a simple user interface (just a few buttons), I load this interface, it will auto log into the linux server. Once I click one of the button, it will send a few command lines to Linux.
I tried with Visual Studio 2008 without success as Sendkeys is not available for WM platform.
Anybody has any idea?
thanks a lot in advance
johnny
Personally the few times i need to connect to a Linux box from my PPC i use Pocket Putty. OK it's command line only but it's good enough for my needs.
vnc would also work well of cause one would take over the linux but that would mean one could send commands by typing them into a console or clicking on the button which perfomred that command
thanks a lot Rudegar and Deedee,
I have tried pocket putty using VB 2008, however I couldn't access to the linux server with below commands:
Private Sub btn_sd1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btn_sd1.Click
Dim m_Process As New ProcessStartInfo()
m_Process.FileName = "putty.exe"
m_Process.UseShellExecute = False
m_Process.Arguments = "[email protected]_Server " & "/etc/asterisk/intercom/203.sh"
Process.Start(m_Process)
End Sub
"Linux_Server" is the saved putty session I saved with the pocket putty. /etc/asterisk/intercom/203.sh is the directory of the linux bash file I need to execute.
Basically I just need to login into the Linux Server and execute the bash file once the button is clicked.
Deedee you have any ideas?
thanks a lot.
johnny
Unfortunately none.
My VB is limited to not much more than text file processing, i used to parse a lot of various log files by hand and decided to learn VB6 so i could automate the process. the VB is slowly extending in function but tends to be snaffling someone elses code and hacking it to work the way i want it.
My Linux is equally restriced in scope, actually probably more so.
Wish i could have been more help.
yidiyuehan said:
thanks a lot Rudegar and Deedee,
I have tried pocket putty using VB 2008, however I couldn't access to the linux server with below commands:
Private Sub btn_sd1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btn_sd1.Click
Dim m_Process As New ProcessStartInfo()
m_Process.FileName = "putty.exe"
m_Process.UseShellExecute = False
m_Process.Arguments = "[email protected]_Server " & "/etc/asterisk/intercom/203.sh"
Process.Start(m_Process)
End Sub
"Linux_Server" is the saved putty session I saved with the pocket putty. /etc/asterisk/intercom/203.sh is the directory of the linux bash file I need to execute.
Basically I just need to login into the Linux Server and execute the bash file once the button is clicked.
Deedee you have any ideas?
thanks a lot.
johnny
Click to expand...
Click to collapse
This may be possible using MortScript. Why don't you post your request in the Development & Hacking forum as there is an active Mortscript thread there.
Here is its direct link
Cheers
I will learn what is MortScript if pocket putty isn't really workable.
If there is a pocket plink it will become much easier as I can do this using Plink with VB.net.
People,
I don't know about you guys, but as an engineering student I use a lot Latex to produce documents (articles, presentation, reports, etc...). However seems that a good app to latex edition is lacking in the android world. The hard time to deal with a latex document is having a high number of files and sub-files, and need to be compiled in order to get the final result, a pdf ou dvi file.
Testing alternatives, I found that the compile part is easy, since, as done in the iOS, the best alternative to the 1GB program needed is a remote compilation in a server. Some schools have it, some web applications already use it, and even verbetex (the only LaTex app, besides its limitations) use this approach. For instance I leave you a great project, but a little bit stoped this days..
http://dev.latexlab.org/
The main limitations all the apps and web-service present is file manipulation and text editing. Neither can be good in both, wich is essential. The project I showed could be great if, besides google doc integration (allowing cooperation), I could easily manage the file as its possible in http://www.scribtex.com/. However, the best integration in file manager would be using dropbox, where easily one can add files from desktop, or web browser, editing in normal Latex tools, or in the fly in our tablet or webservice.
Besides a webservice seams a good alternative in desktop, android browser is still not so easy to use. So a dedicated interface, wich allows multiples tabs, to edit multiple files, syntax highlighting, files manipulation with integration and sincronization with dropbox, and some other text edition addons with the possible to online compilation in a remote server would be a very nice app for our android, and mostly for TF since it have a dock.
I don't have for now programming knowledge to promote this type of project. Figuring current available apps using dropbox, remote servers, and text manipulation, I assume necessary tools are available, so I let year a challenge to the brilliant guys in XDA, offering me to test, and when finished to buy it (if it would be a generic code editor for differente languages, allow dropbox and ftp integration, for sure that 10 bucks or more would be a good price for start).
Hope some one respond to my call!
I can think of another use for Latex..........
SORRY! HAD TO SAY IT!!!
I also happen to be a student who regularly use LaTeX for academic purposes. In my opinion, the best solution that exists now on the Transformer is using Vim for editing the tex files, and using sftp to upload it to a server and then ssh to compile it. The later parts can be put into one shell script, and can be executed within vim each time you want to compile the file that you are editing.
As to the editor itself, vim is exactly what I use on my regular laptop for LaTeX editing. I can hardly think of any editor better suited for the job (though some might suggest emacs, but that is another story). Someone has compiled vim for android and you can find it by googling "vim android". I have tried it myself and found it quite usable with the dock. You can even use the excellent vim-latex plugin to help you simplify the editing of latex files.
Vim is too hardcore for me I have it already setup, but not all latex guys like to do it in the terminal
Hey everyone,
So I was just thinking over what I would love to do with my Transformer/Dock combo and one thing came to mind.
I can connect to my office via VPN, access our company intranet and use various web based tools but there's one thing I'm missing: SQL access.
I use GUI tool that lets me have several DB connections open and run SQL in a window along with seeing the results of the query. I can drop or truncate tables, etc also.
So my question is: Does anything like that exist for Android and more specifically, Honeycomb so there's a bigger screen?
Thanks,
-Bob
How about phpMyAdmin or similar installed on one of the SQL servers. Or using remote desktop/VNC to remote control a PC with the MS SQL tools on it.
What is the best way to watch HTTPS traffic from apps now? I will collect what I have found so far, but hoping someone more knowledgeable will add some points. Feel free to correct or point out other ways of accomplishing this. It feels like regardless of the options, the root of the problems are how to get around certificate pinning.
Emulator vs Phone
This is the first question and probably the most dependent on what you want to achieve. Working on a real device gives more space between your device and the proxy which makes things easier. The extra space is costly in other ways. For example, I would prefer to have a single instance running on the computer to collect information, but using a phone is easier but has the physical requirement of a device connected to the network.
Phone
Physical separation allows for clearer testing. Fully functional device means your input and output work as expected.
Emulator - Waydroid
Emulator running on the same computer causes more complicated networking to ensure you don't block your own traffic. Troubleshooting is trickier as it's more difficult to easily access parts of the emulator that a phone is easy to access. For example, I spent much more time than I would have expected to move a VPN configuration file from my computer to the virtual machine emulator than I would have ever expected. Adding the same configuration to the phone was a simple QR code scan.
Emulator running in a virtual machine allows for a future use case of running the whole thing in the cloud without a physical device.
Proxies
As far as I know, the only way to capture the HTTPS traffic is to use a proxy. This is in the form of an application running on a separate (virtual or physical as mentioned above) device. The hardest part here is the Certificate Authority which signs the HTTPS traffic when it leaves the app. More sophisticated apps, to prevent fraud, do a variety of actions to prevent the user or 3rd parties from capturing the data in each HTTPS request.
mitmproxy
open source, link
I tried this first as it comes with Python library which would make capturing data for later analysis much easier. Mitmproxy has a few different modes, and ultimately I found that `mitmproxy --mode wireguard` which runs via VPN captured a good amount of traffic, but still had target SDK traffic unable to be opened. Mitmproxy has a built in tool to help installing the certificate in Android as a user certificate. This will capture some HTTPs traffic, but for some apps and many SDKs this does not capture their traffic. Traffic can be captured in several ways: CLI tool for analysis of live traffic in memory, CLI dump to file and in memory live in browser of choice.
Charles Proxy
free for 30 days, shareware, link
I first used Charles nearly 10 years ago, and it doesn't feel like it's changed much, but is actively maintained. When I first started using Charles it was a breeze to use, CA was less of a problem. But as Android changed it also now has the problems of CA needing to be installed, and helps the user by providing it's own signed certificate which can be installed as a user certificate. Charles is a standalone program that you run and as such it does have a fair amount of issues on my linux environment related to it's display sizes. .
Burp Suite - Community Edition
paid/free, link
Community edition that is free to use. Runs in browser and comes with it's own CA tool.
Android Certificate Authority
These are the certificates used to sign HTTPS traffic to keep it secure. In Android there are three levels: User, System (root) and App Pinned Certificates. In Android settings you can add a CA which will be considered "user". Apps can choose whether to ignore this certificate. System CAs can only be set by a root user. While a user can install user CA's, apps do not have to use these. CAs can be set by users as root certificates. I believe this must be set regardless of device or VM. The majority of the certificates provided by the proxies don't seem to open a lot of HTTPS traffic. This is likely because Android N (API level 24) certificate pinning was introduced in 2016 and at this point most SDKs and Apps use this for transferring traffic.
JustTrustMe
open source, link
This is installed on a device or emulator. An Xposed addon that can be installed to force apps to use root authorities and prevent them from pinning their own CA.
apk-mitm
open source, link
This can be installed in a separate linux environment and is used to modify an app's apk before being installed into a VM emultator or phone. It attempts to get around the app's certificate pinning by patching the APK to disable certificate pinning.
This is just my notes on what I'm looking into. I figured I'd post here to see if anyone has some advice or pointers. Please feel free to correct / add to this! Meanwhile I'll also keep my notes here if it helps anyone.
To anyone later who is interested in this topic, I was able to finally get a working solution using Magisk + LSPosed and two certificate modules which unpinned certificates and set my user certificate to system. I wrote my detailed steps here if anyone needs the help.