实现平台: 全志A33_Android4.4
一:密钥
1. build/envsetup.sh
2.Lunch
3.mmm -B external/zlib
{
/out/target/product/vstar/system/lib/libz.so
/out/target/product/vstar/system/bin/gzip
}
4. mmm -B external/openssl
{
/out/target/product/vstar/system/lib/libcryphto.so
/out/target/product/vstar/system/lib/libssl.so
/out/target/product/vstar/system/bin/ssltest
/out/target/product/vstar/system/bin/openssl
}
5.mmm -B external/openssh
{
/out/target/product/vstar/system/lib/libssh.so
/out/target/product/vstar/system/bin/ssh
/out/target/product/vstar/system/bin/sftp
/out/target/product/vstar/system/bin/scp
/out/target/product/vstar/system/bin/sshd
/out/target/product/vstar/system/bin/ssh-keygen
/out/target/product/vstar/system/bin/start-ssh
/out/target/product/vstar/system/etc/ssh/sshd_config
}
6.将生成的二进制push进 /system/bin/
7.将生成.so的库文件push进 /system/lib/
8.修改配置文件sshd_config,路径:/etc/ssh/sshd_config
{
将#Port 22改为Port 22
#PermitRootLogin yes改为PermitRootLogin without-password
#RSAAuthentication yes改为RSAAuthentication yes
#PubkeyAuthentication yes改为PubkeyAuthentication yes
PasswordAuthentication no改为#PasswordAuthentication no
#PermitEmptyPasswords no改为PermitEmptyPasswords yes
#ChallengeResponseAuthenticationyes改为ChallengeResponseAuthentication yes
#UsePrivilegeSeparation yes改为UsePrivilegeSeparation no
chmod 600 sshd_config
}
9.创建目录结构,在系统中data目录下创建ssh和empty文件夹,empty文件夹在运行sshd服务的时候需要的,源码中应该是有这个定义的,所以不创建empty空文件夹的话,运行sshd服务的时候会报错:
{
$mkdir -p /data/ssh
$mkdir -p /data/ssh/empty
$chmod 700 /data/ssh
$chmod 700 /data/ssh/empty
}
10. 在/data/ssh/文件夹下生成系统密钥
{
$cd /data/ssh/
$ssh-keygen -t rsa -f ssh_host_rsa_key -N “”
$ssh-keygen -t dsa -f ssh_host_dsa_key -N “”
}
11. 主机PC windows/ubuntu下生成通讯的密钥,目录: .ssh/id_rsa.pub,id_rsa
{ #ssh-keygen -t rsa -C “your_email_address” }
12.将公钥push进Android系统,ssh权限700,authorized_keys权限600
{
#adb push id_rsa.pub /data/ssh/authorized_keys
#adb shell chmod 600 /data/ssh/authorized_keys
#adb shell chown root:root /data/ssh/authorized_keys
}
13.手动开启服务 start-ssh
二:密码
通过openssh将root密码写死,暂无实现。