Question

I have an Android app, which is intended for use by about 10 people, i.e. it will not be published and is "in house". The app connects the user to an SSH server, using jsch. I hit a problem when deciding how the user logs on. Even though the app severely limits the user's functionality when logged onto the server (basically only allowing the upload of certain files), they still have to log on, with the user password (everyone uses the same user account). I don't think it is a good idea to give away the password like this, so I am thinking of ways to allow the user to use the app without knowing the login password. My ideas so far.

(1) Generate an SSH key and put it on each Android device. (I'm not sure how to do this yet, or if it is possible.)

(2) encrypt the password and store it on the phone and then create an "app password" for the user to login to the app.

I would like advice about what is the best course of action.

Solution

First, you can restrict on the server side what a user account can do - do this. (See below for some hints.)

Second, I would use the public-key authentication method. Generate (different) private keys for each of the users and store them on their phones (Android phones have some kind of file system, don't they?), maybe encrypted by a password (so evil phone thieves can't use the key).

(There might be some built-in crypto key holding device - if so, you can certainly use this. But I don't know enough about Android to help here.)

Assuming the server uses OpenSSH sshd, you can put an ~/.ssh/authorized_keys file in the home directory of this user, which contains the public keys of each phone's private keys. These key lines can contain options, which might be used to force a command (to allow only sftp/scp) or disable all kinds of forwarding. More options are available in the sshd's sshd_config - you might want to start a separate sshd in a jailed environment for those uploads instead of using your main one.

From JSch, you can enable public-key authentication by using one of the addIdentity methods of the JSch object. (Disclaimer: JSch documentation was written by me.)

You also should deliver your server's public key with the application (and not disable checking on connection) to prevent man-in-the-middle attacks. You can use the setKnownHosts method to provide the list of known host keys to JSch.
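
The following is an added example, not part of the original answer: it combines the addIdentity and setKnownHosts calls mentioned above into one SFTP upload that authenticates with a per-device key and refuses any server whose host key is not in the list shipped with the app. The class name, host, user name and the way the key bytes and known-hosts stream reach the method are assumptions for illustration.

```java
import com.jcraft.jsch.ChannelSftp;
import com.jcraft.jsch.JSch;
import com.jcraft.jsch.JSchException;
import com.jcraft.jsch.Session;
import com.jcraft.jsch.SftpException;

import java.io.InputStream;
import java.util.Arrays;

/** Hypothetical helper: key-based SFTP upload with a pinned server host key. */
public final class PinnedSftpUploader {
    // Assumed deployment values; replace with your own.
    private static final String HOST = "upload.example.internal";
    private static final int PORT = 22;
    private static final String USER = "uploader";

    /**
     * @param knownHosts known_hosts-format stream shipped with the app (e.g. a raw resource)
     * @param privateKey this device's private key file contents
     * @param passphrase passphrase protecting the key, entered by the user
     * @param data       content to upload
     * @param remoteName target file name on the server
     */
    public static void upload(InputStream knownHosts, byte[] privateKey, byte[] passphrase,
                              InputStream data, String remoteName)
            throws JSchException, SftpException {
        JSch jsch = new JSch();
        jsch.setKnownHosts(knownHosts); // trust only the host keys delivered with the app
        jsch.addIdentity("device-key", privateKey, null, passphrase);

        Session session = jsch.getSession(USER, HOST, PORT);
        // Reject unknown or changed host keys instead of silently accepting them.
        session.setConfig("StrictHostKeyChecking", "yes");
        // Offer only the key; never fall back to the shared account password.
        session.setConfig("PreferredAuthentications", "publickey");
        try {
            session.connect(15_000);
            ChannelSftp sftp = (ChannelSftp) session.openChannel("sftp");
            sftp.connect(15_000);
            try {
                sftp.put(data, remoteName);
            } finally {
                sftp.disconnect();
            }
        } finally {
            session.disconnect();
            Arrays.fill(passphrase, (byte) 0); // do not keep the passphrase in memory
        }
    }
}
```

With one key per phone, a lost device is handled by deleting that phone's line from authorized_keys on the server; the other users are unaffected.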

OTHER TIPS

Since it's an in-house app with only 10 users, why don't you send the phone's IMEI value in the login process? You could then have a small table/file on the server with permitted IMEI numbers. This would make it a bit like MAC address filtering for wireless routers.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow