Summarizing the CyanogenMod wiki page on SSH:
It's assumed that you have your personal private and public SSH keys. If not, the wiki page shows how to create them. Copy the public key to any convenient location on the phone, like the SDcard.
Use your favorite hacking tool, like ADB or the terminal app.
If you have not set up ADB to always run as root, use
su to get root.
All of the files below should be owned by root.
Your umask is 000, so be sure to fix the modes of the files created.
Create /data/dropbear (mode 755) and /data/dropbear/.ssh (mode 700).
Copy (or append) your public key to authorized_keys in this dir (mode 600).
Generate the host key(s):
The page says dss, not dsa; it has a fixed size of 1024 bits.
Determine the IP address of your phone. Determine the interface names
by either of:
ls /sys/class/net or
On the Dream, wireless is tiwlan0 while the cellular data interface is
rmnet0, 1 or 2 (guess which). These names vary between devices.
ifconfig tiwlan0 to get the IP address. If the phone is
napping it may have shut off WiFi; if so, wake it up. This could
be a problem: make sure the phone doesn't go to sleep while you're
trying to get work done.
Manual operation of Dropbear for testing. Run dropbear with these command line options: -s = no passwords accepted, publickey only. -v = verbose output, -F = no daemon, stay in foreground. It will use the default key files, which are the ones you just created.
Now try to slogin as root to your phone (using the IP address found two steps back).
slogin firstname.lastname@example.orgFor me it worked the first time, with much verbosity in the debug output. If the sending host already has a (different) host key in ~/.ssh/known_hosts, you will get a nasty message, including the line number. Get rid of the obsolete key and try again. You need to log in as root rather than yourself because yourself has no account (i.e. known loginID) on the phone.
For normal operation you can start it when needed by just
dropbear -s. Recommended to redirect stdin-stdout-stderr because
otherwise it holds open your TTY and you can't exit from the ADB shell
until you kill Dropbear.
To make it start at boot, do this:
mount -o remount,rw /system
Append this stanza to /etc/init.local.rc (actually in /system/etc):
# start Dropbear (ssh server) service on boot service sshd /system/xbin/dropbear -s user root group root oneshot
This done, Dropbear starts at boot, and I can execute commands and get a shell session on it, using its IPv6 (or IPv4) address, just like a normal host. Yay!
Since this is an alpha version of CyanogenMod-9, I'm going to be installing new versions every week or two, and every one that I've had so far has required wiping the data partition. Here I make a plan for restoring my configuration afterward. You did make a complete backup of /data, didn't you?
It's not a good idea to blindly restore everything, which would be the same as not wiping data at all. You need to restore selectively.
Turn on Menu -> Developer Options -> USB Debugging. This is required before you can use ADB.
Restore all the downloaded (non-included) apps, with their data. I have a script to restore the apps. Run it as root, because Android sets weird permissions preventing an ordinary user from reading the data to be restored. The following apps are/were in /data/app but were already installed (in CM9-01-12); these were skipped by the script.
Selectively restore data for apps with APK files in /system/app. 21 of 93 apps were restored. Run it as root, because Android sets weird permissions preventing an ordinary user from reading the data to be restored. Oops, at least one of the selected apps makes the UI crash, causing a bootloop. Symptom: within about 10-15 secs the phone reboots. You can unlock the lock screen (still reboots). You have just enough time to long-press the power button, select power off, and confirm it.
Recovering from the bootloop: I drastically pruned the set of apps that were restored (successfully), to just 7 or 93.
One of these two was the culprit causing the bootloop:
Set up wi-fi. I can't find the file that stores the wi-fi connection information. I did find the Bluetooth info, but there is a fix for Bluetooth problems in this image, so I'm reluctant to touch the data.
Restore Dropbear. See the instructions above, but you can just copy the data. However, ADB does not set the source permissions at all, so you have to use tar, like this. Run as root, so you have permission to read the secret key.
chmod 600 /tmp/dropbear.tar
tar cf /tmp/dropbear.tar dropbear
adb push /tmp/dropbear.tar /tmp/dropbear.tar
adb shell # Now executing on the phone
tar xpf /tmp/dropbear.tar