0

I am writing an Android app which needs to call an OpenSSH binary. Things get challenging when OpenSSH requires a password or passphrase. When run from something other than a terminal, I understand one can set the SSH_ASKPASS environment variable to a binary with roughly the following specs:

  • Command line arguments, if any, are used as a prompt.
  • Exit status reports success if the user clicks OK, failure if the user canceled.
  • The passphrase is printed on stdout.

On Android, this is a bigger challenge: basically, you would need to write a native binary which either:

  • displays a GUI dialog and processes the result, or
  • defers passphrase entry to the calling application, e.g. by sending a broadcast and then waiting for a response containing the passphrase

Are there any examples of this being done by Android apps?

user149408
  • 5,385
  • 4
  • 33
  • 69
  • Why do you need opens so binary? A pure Java SSH library like sshj would in most cases the better solution. – Robert Jun 11 '23 at 20:06
  • The Android app is a wrapper around a binary written in OCaml, which in turn calls OpenSSH. Integrating a pure Java SSH library would require a complete rewrite of the existing code. So there’s no way around OpenSSH, or a drop-in replacement that exposes a CLI and behaves exactly the same. – user149408 Jun 11 '23 at 20:52
  • Executing binaries is no longer allowed because of the write xor execute restriction. See https://stackoverflow.com/q/67974978/150978 Note that apps for Play Store have to use targetSdkVersion 33 or higher at the moment. – Robert Jun 12 '23 at 06:44

0 Answers0