It’s fairly easy to set up this small linux distro called kbox on a device running Android 3.0 or higher. The miniature Debian environment has a few useful packages available which you can find at the kbox package downloads page. By the end of this guide you will have a small linux command line environment which you can shell into or out from with ssh without rooting your device.
Install Android Terminal EmulatorThe Android Terminal Emulator by Jack Palevich can be found, at the time of this publishing, at the Google play store. I have not tried other terminal emulators, but this one creates a writable data area which will allow you to install kbox2.
kbox2 Installation Notes
The complete instructions for how to install kbox2 required a couple of additional notes, so follow the official instructions and keep the following in mind.
The documentation describes the writable directory as
On my Nexus S, however, the directory is actually found at
/android_root/data/data/jackpal.androidterm You should be able to run
ls / to view the root directory and determine if the data directory is there or nested inside of android_root.
Keep in mind that you won’t be able to tab complete (volume up button + t) the directory names if you don’t have root permission. So you will need to type the entire path to the directory “jackpal.androidterm”.
Download the kbox2 base installer and copy it to your device’s download directory. As long as you know the path to this file and the path to the jackpal.android term directory, you should be able to follow the official kbox2 instructions without problems.
Configure Terminal to Run KBOX shell By Default
This is step number 8 of the official instructions. Take note that you have the correct path to the kbox shell. For me it is
/android_root/data/data/jackpal.androidterm/kbox2/bin/kbox_shell. This will ensure that you are in the kbox environment every time you open the Android Terminal Emulator.
Setting Up ssh, scp and sshd Server
That’s right. You can actually shell into your Android device now. The first thing you need to do is install the Dropbear dependency, kbox-login, which a few kbox.deb packages rely on. Running
dpkg -i /sdcard/download/kbox-login_0.0.1_kbox.deb or whatever the path may be for you should do the trick.
Next, install Dropbear package which includes ssh, scp and sshd. If kbox-login is installed,
dpkg -i /sdcard/download/dropbear_0.52_kbox.deb should install these services.
Automate Your ssh
This what primarily attracted me to kbox, so I took a few steps to make ssh life easier.
We’re going to need a text editor, so grab the vim package for dbox and install it with
dpkg -i /sdcard/download/vim_7.3.3_kbox.deb or whatever the path is for you.
Let’s test out our ssh destination to make sure it works. If you have shell access to a server, run
ssh -l username xxx.xxx.xxx.xxx, where xxx is the IP of the server (assuming the server is listening on the default port of 22). You should be prompted with a password and asked to accept a key upon login. For the sake of trivia, keys are stored in /home/kbox.ssh/known_hosts.
Creating a config in .ssh with host info did not work for me in this environment, so let’s create a simple bash script to do make ssh connection to our host much easier.
The key to automating this script is to create the script in the default bin directory. Change to that directory with
vim scriptname.sh. I like to use names such as sshNameOfHost.sh so it’s easy to remember. If you’re not used to vim or this terminal, here is how to use it.
Press “i” to toggle insert mode which allows you to begin typing. Now you may enter the following script, replacing the IP and username with your info. The port option (-p) does not need to be included if your host is using port 22, but be sure to specify if your host uses a different port.
ssh "xxx.xxx.xxx.xxx" -p "22" -l "username"
After the script is entered, press the volume up button followed by the “e” key to escape insert mode. Now enter
:w (it should appear at the bottom of the screen) and press return. It should say “…characters written”. Close vim by entering
:q and pressing return.
ls /usr/bin/ and your script should be listed.
chmod u+x scriptname.sh, replacing scriptname with your actual scriptname.
Chang back to /home/kbox and try to run your script by typing the first few letters of the script name and tab complete by pressing volume up + t. It should auto-complete the script name for you to run by pressing return. If all went well, you should be prompter for your password by your host. You can create one of these scripts for each host you intend to connect to often.
Hosting ssh Server on Your Android Device
The ssh server works out of the box using the details found under Dropbear at the KBOX downloads page or see the blockquote below. I recommend changing the default password and port.
Get your wlan0 “inet addr” by entering
ifconfig in the KBOX terminal. This is what you will connect to over a local network. I have no idea how to connect to the rmnet0 inet addr and the public IP of the mobile network so far.
Ignore the dss error since we’re using rsa. It should be running and connectible. Open a linux terminal (or Putty if you’re Winstipated) and run
ssh -p 10022 xxx.xxx.xxx.xxx using your devices inet addr. Congrats! You can now shell into your kbox terminal from a desktop machine like a normal person.
… More like an awesome person.
This is a somewhat modified version of the Dropbear ssh server, which takes the user credentials as command-line arguments. This is because Android Linux has no user-level authentication. Note that the user ID (specified by the -U argument) must be the user ID of the terminal emulator app running the script, or nobody will be able to log in.
The package provides a script /bin/ssh_daemon.sh that will launch the ssh server with somewhat sensible arguments, specifying user credentials and port number. This script is provided as a basis for customization, and is not really intended to be used as it is. The credentials are taken from /etc/kbox-passwd, which is a plain text file, and default to kbox/kbox. The port number for client connection is specified in /etc/kbox_ports.rc. As in any Linux system, the port number must be above 1024 for non-root usage.
The script will read an RSA server key from $HOME/.rsa_host_key. The dropbearkey utility can be used to create this key, but it should be created automatically the first time ssh_daemon.sh is executed.
In order to connect to the sshd server, when run as described above, clients need to specify the port number on the command line (e.g., ssh -p 10022 kbox@[my_andoid_ip]).
List of Utilities
This list includes those added by kbox-login, dropbear and vim. Please excuse the monospace runoff.
[ fgrep mesg sha512sum
[[ file mkdir showkey
ar file.bin mkfifo sleep
arp find mknod smemcap
ash findfs mkswap softlimit
base64 flash_lock mktemp sort
basename flash_unlock modinfo split
bash flashcp modprobe ssh
beep flock more backup-ssh_daemon.sh
bin fold mpstat sshHostname.sh
blkid freeramdisk mv sshd
blockdev ftpd nbd-client sshmemepirate.sh
bunzip2 ftpget nc start-stop-daemon
busybox ftpput netstat strings
bzcat fuser nice stty
bzip2 getopt nmeter sum
cal grep nohup sv
cat groff nroff svlogd
catv grotty od sync
chat gtbl openvt sysctl
chattr gunzip patch tabs
chgrp gzip pidof tac
chmod halt ping tail
chown hd pipe_progress tar
chpst hdparm pmap tbl
chroot head poweroff tcpsvd
chrt hexdump powertop tee
chvt hostname printenv telnet
cksum httpd printf test
clear id ps time
cmp ifconfig pscan timeout
comm ifdown pstree top
cp ifup pwd touch
cpio init pwdx tput
cttyhack inotifyd raidautorun tr
cut insmod rdev troff
date install readlink true
dbclient iostat readprofile tset
dc ip realpath ttysize
dd ipaddr reboot tunctl
deallocvt ipcalc reformime tune2fs
depmod iplink renice udhcpc
devmem iproute reset uname
diff iprule resize uncompress
dirname iptunnel rev unexpand
dmesg kbox-login rm uniq
dnsdomainname kbox_shell rmdir unix2dos
dos2unix klogd rmmod unlzma
dpkg less route unlzop
dpkg-deb linuxrc rtcwake unxz
dropbear ln run-parts unzip
dropbearkey loadkmap runsv uudecode
du login runsvdir uuencode
dumpkmap losetup rx vi
echo ls scp vim
egrep lsattr script volname
envdir lsmod scriptreplay watch
envuidgid lspci sed wc
expand lsusb seq wget
expr lzcat setconsole which
fakeidentd lzma setkeycodes whoami
false lzop setlogcons whois
fbset lzopcat setserial xargs
fbsplash make_ssh_keys.sh setsid xz
fdflush makedevs setuidgid xzcat
fdformat makemime sh yes
fdisk man sha1sum zcat
fgconsole md5sum sha256sum
Porting Linux Utilities to KBOX
If there is a linux utility that you can’t live without, it may be possible to port it to KBOX. See the section “What is involved in porting Linux utilities to KBOX?” in the KBOX faq. That said, there is a decent list of packages currently available for kbox including ftp, unrar, hexeditor, gcc, make, perl, gpg, kcrypt (file encryption), rsynch and more.