How to use SSH with tasker without any other app
1,737 views
Skip to first unread message
chich...@gmail.com
Jan 1, 2014, 7:29:59 AM1/1/14
to tas...@googlegroups.com
Hi all !
I just wanted to point out that tasker is able to deal with ssh commands without using Tasker SSH Command Launcher or any other app like ConnectBot or Better Terminal Emulator, etc.
It took me quite some time to figure out how to get it to work, so I will describe the process briefly. I am currently running android 4.2.2 (AOKP).
1) you need public key authentication to automate the connection (with correct key file permissions)
2) if you run the ssh command as root with tasker (with "run shell" action), ssh will try to create a personnal directory (~/.ssh) which will fail as the "/" directory is read-only. Same applies if you try running as not root.
3) the workaround I found : specifiy to ssh a configuration file to use, which will in turn point to the correct files (which in my set up are: /data/.ssh/id_rsa and /data/.ssh/known_hosts). So the command given to tasker looks like this :
sh /path/to/shell/script
and the script itself:
ssh -F /data/.ssh/ssh_config user@ipaddress "command to launch on remote machine"
4) my /data/.ssh/ssh_config looks like this (one of the two last lines might be superfluous):
IdentityFile /data/.ssh/id_rsa
UserKnownHostsFile /data/.ssh/known_hosts
GlobalKnownHostsFile /data/.ssh/known_hosts
5) it even works without tasker using root: in that case, I went to find out under which user tasker is running the shell script (with ps, I could see that /system/bin/sh was being run consistently by the same user). So I did:
chown username.username /data/.ssh/*
I just wanted to point out that tasker is able to deal with ssh commands without using Tasker SSH Command Launcher or any other app like ConnectBot or Better Terminal Emulator, etc.
It took me quite some time to figure out how to get it to work, so I will describe the process briefly. I am currently running android 4.2.2 (AOKP).
1) you need public key authentication to automate the connection (with correct key file permissions)
2) if you run the ssh command as root with tasker (with "run shell" action), ssh will try to create a personnal directory (~/.ssh) which will fail as the "/" directory is read-only. Same applies if you try running as not root.
3) the workaround I found : specifiy to ssh a configuration file to use, which will in turn point to the correct files (which in my set up are: /data/.ssh/id_rsa and /data/.ssh/known_hosts). So the command given to tasker looks like this :
sh /path/to/shell/script
and the script itself:
ssh -F /data/.ssh/ssh_config user@ipaddress "command to launch on remote machine"
4) my /data/.ssh/ssh_config looks like this (one of the two last lines might be superfluous):
IdentityFile /data/.ssh/id_rsa
UserKnownHostsFile /data/.ssh/known_hosts
GlobalKnownHostsFile /data/.ssh/known_hosts
5) it even works without tasker using root: in that case, I went to find out under which user tasker is running the shell script (with ps, I could see that /system/bin/sh was being run consistently by the same user). So I did:
chown username.username /data/.ssh/*
Robert T. Pooner
Jan 2, 2014, 2:48:04 AM1/2/14
to tas...@googlegroups.com
Thanks for your post, I am very interested in getting this working as you described. Following your instructions I have done the following:
1. Installed ConnectBot, generated a keypair, and exported them as id_rsa and id_rsa.pub into /data/.ssh
2. Copied the contents of id_rsa.pub from my phone into my ~/.ssh/authorized_keys file on my laptop
3. Copied my known_hosts file from my laptop to /data/.ssh on my phone
4. Copied your ssh_config to /data.ssh on my phone
5. Verified using ConnectBot that I can connect to my laptop via the keypair. This works.
6. I have also created a testcommand.sh script that contains the command: ssh -F /data/.ssh/ssh_config user@ipaddress "ls /home/user/ls.txt"
However when I run testcommand.sh via Run Shell in Tasker, I don't get any response. I ran testcommand.sh in Terminal Emulator and the error was that ssh was not found. Can you tell me what ssh binary you are using?
And have I followed all the instructions correctly? Are there any special file permissions I need to set?
Wietse van Buitenen
Jan 2, 2014, 3:07:16 PM1/2/14
to tas...@googlegroups.com
thanks for the info!
there's a lot of usefull stuff in here :)
a while ago I spent some time getting my ssh stuff set up when switching from a rooted phone to an non rooted one.
Been meaning to post the info here but haven't gotten around to do it..
Since my stock ROM didn't have the ssh binary installed (as is the case for Robert I think..) I used one from BTEP (Better Terminal Emulator Pro, this is Dropbear based.
The one from CyanogenMod is OpenSSH and had several thinks linked to it which I couldn't copy on a non rooted phone..
Trick is to use the Tasker's "Copy File" Action to copy the ssh binary to Tasker's own data folder (/data/data/net.dinglisch.android.tasker/) and then chmod 755 it with Tasker's "Run Shell" Action.
Since it's in the data partition you can set the execute bit (which you can't do on sdcard).
I hope to post the full info here later but now there's already something in a thread :)
Message has been deleted
chich...@gmail.com
Jan 3, 2014, 7:05:07 AM1/3/14
to tas...@googlegroups.com
Hi Robert,
I should have mentionned that AOKP comes with openSSH (as Wietse pointed out).
I'm not sure which ssh ConnectBot is using, nor where the binary is stored; but if it is dropbear based, it might not accept the -F option for specifying a configuration file.
Your set up looks good to me but I'm no expert. Just one thing about step 3: I beleive the known_hosts file should populate itself automatically on the first successful connection (after answering "yes" when prompted), which should hence be done "by hand" on the command line.
I should have mentionned that AOKP comes with openSSH (as Wietse pointed out).
I'm not sure which ssh ConnectBot is using, nor where the binary is stored; but if it is dropbear based, it might not accept the -F option for specifying a configuration file.
Your set up looks good to me but I'm no expert. Just one thing about step 3: I beleive the known_hosts file should populate itself automatically on the first successful connection (after answering "yes" when prompted), which should hence be done "by hand" on the command line.
Robert T. Pooner
Jan 3, 2014, 9:51:28 AM1/3/14
to tas...@googlegroups.com
Thanks, you are right that OpenSSH binaries are required for this method, which I figured out after failing with dropbear today :) I have it working now and here's how I did it:
1. I am running Omnirom, which doesn't seem to have an ssh binary so I installed SSHelper from the Play store.
2. ssh to the SSHelper OpenSSH server on my phone (on port 2222) from my laptop, which makes it much easier to type all the terminal commands.
2. Copy ssh and ssh-keygen binaries from /data/data/com.arachnoid.sshelper/bin to /data/.ssh. I had to be root to do this.
3. In /data/.ssh, run ssh-keygen to generate a public and private keypair for the phone.
4. Copy the public key to my laptop with this command: scp id_rsa.pub user@laptop:/home/user
5. On the laptop, manually add the phone's public key by running cat ~/id_rsa.pub >> ~/.ssh/authorized_keys
6. Create ssh_config according to the original post:
IdentityFile /data/.ssh/id_rsa
UserKnownHostsFile /data/.ssh/known_hosts
GlobalKnownHostsFile /data/.ssh/known_hosts
7. Create test.sh according to the original post: echo "/data/.ssh/ssh -vvv -F /data/.ssh/ssh_config user@laptop 'ls > /home/user/ls.txt'" > test.sh
8. Make test.sh executable: chmod 755 test.sh
9. Run test.sh on the command line and verify that it connects. The -vvv gives extra verbose logging to assist with any problems.
10. Success!
Here is the contents of my /data/.ssh directory. I would be interested in seeing the same from chicho so I can work out the permissions that are needed. Obviously all mine are root, so I will need to use root in Tasker.
DIRECTORY:
root@localhost:.ssh # ls -al /data | grep .ssh
drwxr-x--- root shell 2014-01-04 01:12 .ssh
FILES:
root@localhost:.ssh # ls -al
-rw------- root root 1675 2014-01-04 01:14 id_rsa
-rw-r--r-- root root 400 2014-01-04 01:14 id_rsa.pub
-rw-r--r-- root root 173 2014-01-04 00:41 known_hosts
-rwxr-xr-x root root 3287144 2014-01-04 00:40 ssh
-rwxr-xr-x root root 2845148 2014-01-04 01:12 ssh-keygen
-rw-r--r-- root root 117 2014-01-04 00:45 ssh_config
-rwxr-xr-x root root 91 2014-01-04 01:20 test.sh
I created this Run Shell command in Tasker: "sh /data/.ssh/test.sh", selecting Use Root. It successfully created the ls.txt on my laptop. Then on a hunch I just pasted the contents of test.sh into the Run Shell command, and it worked. So apparently I don't need to create the .sh file first. This is good, as it will allow commands to be dynamically generated in Tasker without writing to a .sh file.
I haven't done much further testing, but this verifies the method and fills in the details from start to finish. Thanks to chicho for the original post :)
chich...@gmail.com
Jan 4, 2014, 4:14:17 AM1/4/14
to tas...@googlegroups.com
Glad to see you got it working !
And thanks for adding all the details which I felt a bit lasy to write out ;)
Here are my permissions for running it without root :
root@android:/ # ls -la /data/.ssh/
srw------- u0_a56 u0_a56 2014-01-04 01:00 control:10.0.0.1:22:user
-rw------- u0_a56 u0_a56 1679 2013-12-26 09:48 id_rsa
-rw-r--r-- u0_a56 u0_a56 396 2013-12-26 09:48 id_rsa.pub
-rw-r--r-- u0_a56 u0_a56 390 2013-12-31 00:08 known_hosts
-rw-r--r-- u0_a56 u0_a56 194 2014-01-01 15:38 ssh_config
It seems permissions are set just the same in your case, you only need to chown to the right user.group. As I mentionned earlier, you need to find out the username tasker is using when running your command. I did :
echo "sleep 20" > test.sh
and then ran it, and
ps | grep /system/bin/sh
This would show me a process (among several others) that keeps being run consistently by the same user whenever the script is running. It's probably even easier if you directly use the ssh command as it should show up as such in ps output.
And thanks for adding all the details which I felt a bit lasy to write out ;)
Here are my permissions for running it without root :
root@android:/ # ls -la /data/.ssh/
srw------- u0_a56 u0_a56 2014-01-04 01:00 control:10.0.0.1:22:user
-rw------- u0_a56 u0_a56 1679 2013-12-26 09:48 id_rsa
-rw-r--r-- u0_a56 u0_a56 396 2013-12-26 09:48 id_rsa.pub
-rw-r--r-- u0_a56 u0_a56 390 2013-12-31 00:08 known_hosts
-rw-r--r-- u0_a56 u0_a56 194 2014-01-01 15:38 ssh_config
It seems permissions are set just the same in your case, you only need to chown to the right user.group. As I mentionned earlier, you need to find out the username tasker is using when running your command. I did :
echo "sleep 20" > test.sh
and then ran it, and
ps | grep /system/bin/sh
This would show me a process (among several others) that keeps being run consistently by the same user whenever the script is running. It's probably even easier if you directly use the ssh command as it should show up as such in ps output.
Jonas Brenden
Sep 30, 2014, 2:27:37 PM9/30/14
to tas...@googlegroups.com
Hi Guys!
Im so glad I found your thread. Thank you! I am working on a solution to run a ssh command on my machine from a standalone tasker app.
I want to give it to my colleagues so they can run it through their android phone without downloading any apps etc.
Can I include the binaries for OpenSSH directly in the app and also my key pair file so that they dont have to edit any settings, just launch the app and the command is sent to my computer?
Im so glad I found your thread. Thank you! I am working on a solution to run a ssh command on my machine from a standalone tasker app.
I want to give it to my colleagues so they can run it through their android phone without downloading any apps etc.
Can I include the binaries for OpenSSH directly in the app and also my key pair file so that they dont have to edit any settings, just launch the app and the command is sent to my computer?
Goog M
Feb 23, 2016, 4:34:31 AM2/23/16
to Tasker
Hi everyone,
Thank you for sharing this info. I've tried using this method with SSH Helper ssh binaries. It works but only when task runs as root, even when ownership is transferred to Tasker user.
Just wondering, has anyone actually got it to work as non-root?
Max
Thank you for sharing this info. I've tried using this method with SSH Helper ssh binaries. It works but only when task runs as root, even when ownership is transferred to Tasker user.
Just wondering, has anyone actually got it to work as non-root?
Max
Reply all
Reply to author
Forward
0 new messages