Thanks for the answers from @DimGun and @colealtdelete
I faced this 'opportunity' recently with my now dated Samsung tablet. Unfortunately my tried and true ssh Android app doesn't support older hardware/releases.
I found on simpleSSHD as a very serviceable
DropBear based replacement which, and I feel wisely, is set-up so that you can only use
authorized_keys for login.
That creates a bit of a bootstrap problem. User notes seemed to assume a few things:
An easy way approach (from my Linux) PC was to paste the new entry into my tablet's
authorized_keys file in the
simpleSSHD home directory. You can do this by logging-in the first time with a one-time password.
On the PC ...
# add the tablet to the PC ~/.ssh/config file
cat id_rsa.pub | xclip -selection clipboard
Puts the public key entry into my clipboard. Or you can just select and copy.
ssh into the tablet:
$ ssh email@example.com -p2222
The authenticity of host '[192.168.xx.zz]:2222 ([192.168.xx.zz]:2222)' can't be established.
ECDSA key fingerprint is SHA256:oqsN8RKo9T990vjWiQEGooRBDUyId7yJG28eqGTAsa4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[192.168.xx.zz]:2222' (ECDSA) to the list of known hosts.
user@android:/data/data/org.galexander.sshd/files $ ls -l
-rw------- u0_a142 u0_a142 1499 2019-03-13 09:05 dropbear.err
-rw------- u0_a142 u0_a142 5 2019-03-13 08:52 dropbear.pid
-rw------- u0_a142 u0_a142 243 2018-09-21 12:41 dropbear_ecdsa_host_key
$ cat > authorized_keys
$ chmod 0600 authorized_keys
Now the tablet
simpleSSHD service is ready for secure login. Trial that with
filezilla and ssh with no password, etc.
That all worked very nicely. In addition, these days I can use the file browser without needing an FTP client with the path:
Somewhat 1,000 times faster that ye olde MTP links. It is advised to set the permissions on the parent directory to:
0700 for the parent equivalent to: