a-shell icon indicating copy to clipboard operation
a-shell copied to clipboard
verified publisher icon holzschu

Support SSH onnections into a-shell (`sshd`)

Open bbb651 opened this issue 1 year ago • 6 comments

I think it would be really useful to be able to ssh into a-shell from a computer for setup and experimentation (it's also useful for shortcuts although a-shell already supports them natively). I read some of the ios_system code but I'm unfamiliar with iOS development and couldn't figure not exactly how it works, but it looks sshd is already built as part of ssh-agent..? If I understand correctly it needs to be a ios_system bulitin rather than a normal binary in order to properly handle establishing ssh connections?

bbb651 avatar Jun 06 '24 06:06 bbb651

I have, indeed, compiled sshd for iOS in ios_system. I'm currently stuck on the user-experience and configuration part of sshd. In order to run commands from the outside world, sshd has a lot of security (that's understandable). You need to generate server keys, store them, deliver them to the client. And of course these keys are tied to the server IP address, and ssh (the client) will print an ominous warning or refuse to connect if the server IP address has changed since the server keys were generated, or if the server keys have changed. All of that makes sense for a desktop server; it is more complicated for an iPad or iPhone that is mobile by design, and will change IP address several times during the day. Short version: the binary is not the problem, the configuration is. I'm taking time to think about how to do it right.

holzschu avatar Jun 06 '24 06:06 holzschu

I found a useful thread with some options for ssh configuration, specifically CheckHostIP and HostKeyAlias, although it requires manual configuration and I'm not even sure how to identify a-shell in the config, maybe by hostname?

I also found a suggestion somewhere to use ssh with a reverse shell which does handle ip changes, but that requires the connecting client having sshd running, authenticating on a-shell for the connecting client after authenticating on the connecting client for a-shell and is probably more inconvenient at this point than losing the connection on ip changes.

Another path is mosh support #3 which sounds like it would solve this from their README:

Mosh allows the client and server to "roam" and change IP addresses, while keeping the connection alive. Unlike SSH, Mosh can be used while switching between Wi-Fi networks or from Wi-Fi to cellular data to wired Ethernet.

But this seems to just be not true...

bbb651 avatar Jun 06 '24 07:06 bbb651

Dear Holzschu,

Can you release the binary as is and let everybody try?

I think it will already be helpful even just in foreground, especially it's possible to open a-shell windows side-by-side.

speculaas avatar Jul 21 '24 04:07 speculaas

I use a-shell over a vpn so my IP does not change. sshd binary (even resident in terminal) would be very useful for me also

nerflad avatar Nov 13 '24 02:11 nerflad

I would like this feature as well. Mainly so that I don't have to type on the on-screen keyboard.

shibenb avatar Dec 04 '24 18:12 shibenb

Running a minimal sshd server able to forward ports would be really good. Currently using ish for running a lightweight http server and proxy which would help me to connect the other devices via ios vpn without needing to run actual vpn on external devices.

hasan4791 avatar Jan 10 '25 23:01 hasan4791