ConnectBot running on HTC Aria from AT&T.

ConnectBot is an open source SSH client for Android. SSH provides secure access to a remote server. Both password and public key authentication are allowed. A key can be created in ConnectBot for use with the server. The key can be disabled at any time.

Use VX ConnectBot for a more updated Android SSH client. All steps from this guide still apply.

This method can be performed entirely from your Android handset if you currently have password access to an SSH server. ConnectBot supports shell login and port forwarding, and file transfer is planned. Tested with ConnectBot 1.7.0, Android 2.2, and Ubuntu 10.10 Maverick Beta.

Install Open SSH server

SSH server must be installed on the remote system. Key authentication is usually enabled by default. To install in Ubuntu:

sudo apt-get install openssh-server

Start ConnectBot

ConnectBot home screen. There are no known hosts yet.

Select Manage Pubkeys

Click Menu, then Manage Pubkeys to configure keys.

Manage Pubkeys Screen

There are no keys set up yet.

Generate Pubkey

Click Menu then Generate. We are going to create a new key. This allows us to specifically revoke access if the handset is lost.

Generate Pubkey Settings

The new pubkey settings. Most of the defaults are fine. We will create a 1024 bit RSA key.

For improved security, a key size of 2048 or 4096 is now recommended. This does not affect any other steps.

Example Settings

You can call your key anything you like. I have named mine after the device, htc_aria. Enable “Load key at start” to have the key automatically loaded by ConnectBot.

Collect Entropy

Random numbers are used to generate the key. Move your finger around the screen until enough randomness has been collected.

New Pubkey Created

The new key has been created. It is unlocked and will be used by ConnectBot automatically when connecting to a server.

Copy Pubkey

Long press on the new key to bring up a menu. Click “Copy public key” This public part of the key will be copied onto the remote server.

Connect to Server

Go back to the ConnectBot home screen and enter your server information to connect to your SSH server.

First Connection

Choose “Yes” to accept the server’s key if this is the first time connecting to the server.

Connection Established

Login with a username and password to complete the connection. This is now the terminal of the remote server.

Add Key

The list of keys accepted for this user is stored in the authorized_keys file. This file is located in the .ssh directory within the user’s home directory. Use the echo command and paste in the key, surrounded by parentheses. The >> will append your public key onto the .ssh/authorized_keys file.

echo "PASTEKEYHERE" >> .ssh/authorized_keys

For example:

echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDQFSzet/Qu8SLklDQyNbX5k16MwOBVKuaY9bNJhb99BkIRIVbNpr61eHUG3gP6haNC6qreTbpHscq4AQV21gLvCgVmHsTci0QAK44weFyDzVwIBFH9uUN+f/k2NTY9zV8FaBqK9CW8hS2f50EB38mGYvE7/0/S1u7/jtxnKqwAgw== htc_aria" >> .ssh/authorized_keys

Set Permissions for authorized_keys

The .ssh/authorized_keys file must be writeable only by the owner. Set the permissions to 644 which means rw-r--r-- if it is not already that way.

chmod 644 .ssh/authorized_keys


Disconnect from the server. It will be now be listed on the screen.

Test Connection

Connect to the server again. While logging in it will say that public key authentication is being attempted:

Attempting “publickey” authentication with any in-memory public keys

If the key is working, no username or password will be required to complete login. The SSH key authentication is now configured!

Optional: Disable Key

If the device is lost or access should to be disabled at any time, remove the key from the server’s authorized_keys file. Use any text editor, or sed, to find the appropriate line. With a key named htc_aria for example:

cd ~/.ssh
sed '/htc_aria$/d' authorized_keys | tee authorized_keys

Install Jekyll 2 on Ubuntu 14.04

Jekyll 2 was recently released and can be installed on Ubuntu 14.04 using apt-get and gem install. Continue reading