Saner environment in SSH sessions, and automatically restart sshd.HEAD main

author: Julian Blake Kongslie 2020-05-24 23:02:20 -0700
committer: Julian Blake Kongslie 2020-05-24 23:55:52 -0700
commit: 2379a457a87afc9507f0f2a9664fcb47006a2aa2 (patch)
tree: b2911f06721ce3b2cca269af3b2782747478f527
parent: Initial commit. (diff)
download: magisk-ssh-2379a457a87afc9507f0f2a9664fcb47006a2aa2.tar.xz
4 files changed, 41 insertions, 4 deletions
diff --git a/customize.sh b/customize.sh
index 90dc030..2f029b3 100644
--- a/customize.sh
+++ b/customize.sh
@@ -9,5 +9,7 @@ ssh-keygen -t rsa -b 2048 -N "" -f "$MODPATH"/ssh/ssh_host_rsa_key || exit 1
 ui_print "Setting permissions..."
 set_perm "$MODPATH"/service.sh 0 0 0755
 set_perm "$MODPATH"/ssh/authorized_keys 0 0 0644
+set_perm "$MODPATH"/ssh/run 0 0 0755
+set_perm "$MODPATH"/ssh/setup-connection 0 0 0755
 set_perm "$MODPATH"/ssh/ssh_host_rsa_key 0 0 0600
 set_perm "$MODPATH"/ssh/ssh_host_rsa_key.pub 0 0 0644
diff --git a/service.sh b/service.sh
index 2f4b72b..96093ba 100755
--- a/service.sh
+++ b/service.sh
@@ -2,12 +2,10 @@
 set -eux
-MODDIR="${0%/*}"
+export MODDIR="${0%/*}"
 until [ $(getprop sys.boot_completed) ]; do
    sleep 1
 done
-SSHD="$(which sshd)"
+"$MODDIR"/ssh/run
-nohup "$SSHD" -f "$MODDIR"/ssh/sshd_config -h "$MODDIR"/ssh/ssh_host_rsa_key -o "AuthorizedKeysFile $MODDIR/ssh/authorized_keys" > /dev/null &
diff --git a/ssh/run b/ssh/run
new file mode 100755
index 0000000..470c91b
--- /dev/null
+++ b/ssh/run
@@ -0,0 +1,18 @@
+#!/system/xbin/bash -l
+SSHD="$(which sshd)"
+while true; do
+    nohup "$SSHD" \
+        -D \
+        -f "$MODDIR"/ssh/sshd_config \
+        -h "$MODDIR"/ssh/ssh_host_rsa_key \
+        -o "AuthorizedKeysFile $MODDIR/ssh/authorized_keys" \
+        -o "ForceCommand $MODDIR/ssh/setup-connection" \
+        > /dev/null &
+    wait
+    sleep 1
+done
diff --git a/ssh/setup-connection b/ssh/setup-connection
new file mode 100755
index 0000000..b0e59da
--- /dev/null
+++ b/ssh/setup-connection
@@ -0,0 +1,19 @@
+#!/system/xbin/bash
+export ANDROID_ASSETS=/system/app
+export ANDROID_BOOTLOGO=1
+export ANDROID_CACHE=/cache
+export ANDROID_DATA=/data
+export ANDROID_ROOT=/system
+export ANDROID_RUNTIME_ROOT=/apex/com.android.runtime
+export ANDROID_STORAGE=/storage
+export ANDROID_TZDATA_ROOT=/apex/com.android.tzdata
+export ASEC_MOUNTPOINT=/mnt/asec
+export DOWNLOAD_CACHE=/data/cache
+export EXTERNAL_STORAGE=/sdcard
+if [[ "$SSH_ORIGINAL_COMMAND" == "" ]]; then
+    exec /system/xbin/bash -i
+else
+    exec /system/xbin/bash -c "$SSH_ORIGINAL_COMMAND"
+fi
author	Julian Blake Kongslie	2020-05-24 23:02:20 -0700
committer	Julian Blake Kongslie	2020-05-24 23:55:52 -0700
commit	2379a457a87afc9507f0f2a9664fcb47006a2aa2 (patch)
tree	b2911f06721ce3b2cca269af3b2782747478f527
parent	Initial commit. (diff)
download	magisk-ssh-2379a457a87afc9507f0f2a9664fcb47006a2aa2.tar.xz

diff --git a/customize.sh b/customize.sh index 90dc030..2f029b3 100644 --- a/customize.sh +++ b/customize.sh
@@ -9,5 +9,7 @@ ssh-keygen -t rsa -b 2048 -N "" -f "$MODPATH"/ssh/ssh_host_rsa_key \|\| exit 1
9	ui_print "Setting permissions..."	9	ui_print "Setting permissions..."
10	set_perm "$MODPATH"/service.sh 0 0 0755	10	set_perm "$MODPATH"/service.sh 0 0 0755
11	set_perm "$MODPATH"/ssh/authorized_keys 0 0 0644	11	set_perm "$MODPATH"/ssh/authorized_keys 0 0 0644
		12	set_perm "$MODPATH"/ssh/run 0 0 0755
		13	set_perm "$MODPATH"/ssh/setup-connection 0 0 0755
12	set_perm "$MODPATH"/ssh/ssh_host_rsa_key 0 0 0600	14	set_perm "$MODPATH"/ssh/ssh_host_rsa_key 0 0 0600
13	set_perm "$MODPATH"/ssh/ssh_host_rsa_key.pub 0 0 0644	15	set_perm "$MODPATH"/ssh/ssh_host_rsa_key.pub 0 0 0644


diff --git a/service.sh b/service.sh index 2f4b72b..96093ba 100755 --- a/service.sh +++ b/service.sh
@@ -2,12 +2,10 @@
2		2
3	set -eux	3	set -eux
4		4
5	MODDIR="${0%/*}"	5	export MODDIR="${0%/*}"
6		6
7	until [ $(getprop sys.boot_completed) ]; do	7	until [ $(getprop sys.boot_completed) ]; do
8	sleep 1	8	sleep 1
9	done	9	done
10		10
11	SSHD="$(which sshd)"	11	"$MODDIR"/ssh/run
12
13	nohup "$SSHD" -f "$MODDIR"/ssh/sshd_config -h "$MODDIR"/ssh/ssh_host_rsa_key -o "AuthorizedKeysFile $MODDIR/ssh/authorized_keys" > /dev/null &


diff --git a/ssh/run b/ssh/run new file mode 100755 index 0000000..470c91b --- /dev/null +++ b/ssh/run
@@ -0,0 +1,18 @@
		1	#!/system/xbin/bash -l
		2
		3	SSHD="$(which sshd)"
		4
		5	while true; do
		6
		7	nohup "$SSHD" \
		8	-D \
		9	-f "$MODDIR"/ssh/sshd_config \
		10	-h "$MODDIR"/ssh/ssh_host_rsa_key \
		11	-o "AuthorizedKeysFile $MODDIR/ssh/authorized_keys" \
		12	-o "ForceCommand $MODDIR/ssh/setup-connection" \
		13	> /dev/null &
		14	wait
		15
		16	sleep 1
		17
		18	done


diff --git a/ssh/setup-connection b/ssh/setup-connection new file mode 100755 index 0000000..b0e59da --- /dev/null +++ b/ssh/setup-connection
@@ -0,0 +1,19 @@
		1	#!/system/xbin/bash
		2
		3	export ANDROID_ASSETS=/system/app
		4	export ANDROID_BOOTLOGO=1
		5	export ANDROID_CACHE=/cache
		6	export ANDROID_DATA=/data
		7	export ANDROID_ROOT=/system
		8	export ANDROID_RUNTIME_ROOT=/apex/com.android.runtime
		9	export ANDROID_STORAGE=/storage
		10	export ANDROID_TZDATA_ROOT=/apex/com.android.tzdata
		11	export ASEC_MOUNTPOINT=/mnt/asec
		12	export DOWNLOAD_CACHE=/data/cache
		13	export EXTERNAL_STORAGE=/sdcard
		14
		15	if [[ "$SSH_ORIGINAL_COMMAND" == "" ]]; then
		16	exec /system/xbin/bash -i
		17	else
		18	exec /system/xbin/bash -c "$SSH_ORIGINAL_COMMAND"
		19	fi