Three useful Android tools for administrators of Linux and Windows systems. SSH clients for Android Using certificates for secure access

Other 

Developers often use SSH clients for mobile operating systems in their work. Quite a few SSH agents have been created for various operating systems, but in this material we will consider only SSH solutions tailored for Android. We will not consider paid clients with existing free analogues.

ConnectBot – client for remote SSH management on Android

ConnectBot is the oldest of all existing clients, because it even still has support for devices with trackballs, although they stopped installing them with the advent of Android 4.x. However, according to Google, the developers have forgotten about their brainchild since October 2010, which is why the application has a constant rating of 4.7. Upon first launch, it becomes clear that the SSH client was created for the very first devices with Android 1.x/2.x, but this does not prevent it from working on more recent versions of the operating system.

The Android client has a nice feature in the form of the ability to quickly create a connection (for example, to Ubuntu servers). The user only needs to select the protocol (local, telnet or SSH), and then enter the user name, host name in the text field and press Return.

Otherwise, the application does not have very many settings (it all mainly comes down to hardware keys and screen/wi-fi lock).
When you try to connect to a server (for example, to Ubuntu), ConnectBot will prompt you to enter a password, but in the host properties you can also specify the key, and send the public part of it to the clipboard and send it, for example, to yourself by mail, so that you can later upload it to key folder on the server (for example, Ubuntu).

As soon as you connect the agent to the server, a terminal will open, a small panel with three keys at the bottom (esc, ctrl and an electronic keyboard button) and a context menu. If you swipe on the left side of the screen, the keys for managing pages will be displayed, and if you swipe on the right, the clipboard scrolling will open. True, we did not find the ability to press the alt key, and we also could not display the arrows. All this was possible on keyboard devices, but their days are long gone. Actually, like this agent, because the developers have long forgotten about it.

You can get the client, which usually connects to the Ubuntu server, at the URL: http://connectbot.ru.uptodown.com/android

JuiceSSH – agent SSH on Android

JuiceSSH is a full-fledged mobile agent for Android with Telnet and Mosh support. There is remote server management, the ability to work with several background sessions at once (for example, Ubuntu), two-factor authentication, encryption, etc. are supported.

Key features of the JuiceSHH client:

  • remote server management (for example, Ubuntu);
  • pop-up keyboard with a lot of symbols;
  • adjusting the font using the volume rocker;
  • external keyboard support;
  • IPv6 support;
  • RSA key generator;
  • local Android terminal;
  • the ability to copy and paste in sessions;
  • two-factor authentication;
  • agent supports connection by groups;
  • UTF-8 support;
  • opening the URL in a browser;
  • Works out of the box with Ubuntu, CentOS, Mint and other Linux products.

JuiceSHH also has an additional set of PRO options that are available after purchase in the application itself: integration with Amazon, synchronization between multiple devices, AES-256 backup encryption, widget for quick access to frequently used connections, attractive themes for the terminal, Zlib compression to improve SSH sessions.

SSH Tunnel – client for accessing SSH via tunnel

SSH Tunnel is an excellent application that allows you to access the network through a tunnel. Remote control of the program is completely safe, and it itself was developed based on Connectbot and Dropbear. SSH Tunnel requires root access.

The principle of operation of the SSH Tunnel is as follows: a tunnel is created through an SSH connection and is used to encrypt the tunneled data. This solution completely protects data transmission on the Internet; unencrypted protocol traffic is encrypted at one end of the SSH connection and decrypted only at the other.

If you have a choice between using an SSH Tunnel or a VPN tunnel, then you should choose the second option, because the SSH Tunnel has no advantages over a VPN. But VPN offers versatility and support by many programs according to standards. If you do not have the opportunity to keep an SSH server, then to create an SSH Tunnel you need to rent a server for a fee from any hoster that provides such a service.

There are many fields in the SSH Tunnel settings, but we are only interested in a few:

  • host – here you need to enter the IP address or domain through which your SSH works;
  • port – standard port is 22nd;
  • user – enter the username from SSH here;
  • password – enter the password here;
  • use socks proxy – activate dynamic port forwarding;
  • auto connect – automatic connection of the tunnel when connecting to the Internet;
  • auto reconnect – auto reconnect to the SSH server in case of a break;
  • global proxy – if this field is active, then all traffic will pass through the ssh tunnel.

Now you can click the “Tunnel Switch” button to start the tunneling process.

In our review, we will consider only the most useful and functional SSH clients for working with the Android OS. These utilities allow you to organize remote work of your device with an SSH server. By default, we did not use paid software in the review, of which there is a great variety on Google Play, but settled on free applications.

One of the oldest SSH remote management apps on Android. Its development ended back in 2010 with the release of the 4th version of this operating system, but despite this, the client is still popular with users today.

Its distinctive feature is the function of quickly creating a connection to the server. The user only defines the protocol, in our case ssh, and fills in the fields with the name and host name. After entering, remote access is connected.

ConnectBot functionality in general does not have a wide range of settings. After connecting to the server, the client offers to protect the login with a password and specify the key in the host properties. In this case, the public part of the key can be copied to a buffer and saved on the device or sent to the cloud.

Once connected, a terminal panel with 3 keys at the bottom and a context menu will appear.

Full featured mobile agent that supports Telnet and Mosh. It also acts as a client for remote server management. JuiceSSH is securely protected by two-factor authentication.

Main features:

  • ability to customize the font;
  • IPv6 and UTF-8 support;
  • RSA key generator;
  • local Android terminal;
  • work with all Linux products.

After purchasing the pro version of the application, a number of possible settings are added to the options listed.

SSH Tunnel

A feature of this application, as is already clear from its name, is the creation of a secure tunnel between the server and the device. To work you will need root rights.

The application allows the user to completely protect data transmission. The principle of operation of the tunnel is to encrypt data when leaving the device and decrypt it directly on the server.

Connect to your servers via SSH, VNC or web browser

Administering systems is hard work, and the ability to respond quickly to problems is a definite plus. Not so long ago, a problem with a server meant a phone call followed by a trip to the data center to correct the situation. Today, having full-fledged computers, such as smartphones or tablets, literally in their hands, a system administrator can make their life much easier. Load up a few apps on Android and you can remotely monitor servers and services, receive alerts and alerts, and resolve problems without having to travel.

This guide covers simple but important tasks related to connecting to remote servers. I use ConnectBot for SSH command line work, for VNC and browser based TeamViewer for GUI work.

What can you do with Android?

Since Android devices are portable computers, and quite powerful ones at that, it wouldn’t be too much of a stretch to charge them with the same tasks that can be done with a PC or laptop. This guide will show you how to connect to a remote server, but it certainly won't solve every system administrator's problems. For example, you need tools to receive and send files, monitor servers and services, and perform other important network management tasks such as mapping a network drive, diagnosing a machine, or querying a DNS server. I will cover these tasks in future tutorials in this series.

I'm also not covering tasks that can be accomplished using tools already on the device, such as a browser (such as PhpMyAdmin or Webmin), an email client (for receiving alerts), or chat clients. Instead, I'll focus on dedicated, lesser-known Android apps.

Access to the SSH console

If I could only work with one application, I would prefer to host console sessions, so let's start with ConnectBot. Please note that the current version on Google Play is version 1.7.1 from October 2010, but work is ongoing and intermediate and new versions are available on GitHub. With several million installs and an average score of 4.6 out of 5, this free app is really hard to beat.

Update your keyboard

Update your keyboard

To use the console, you'll need a better keyboard than the stock Android offering. I installed Hacker's Keyboard on both machines to have access to function keys, Esc, Tab, etc. If the device does not have hardware buttons (like my Nook Tablet), use Button Savior, which with the arrow on the edge screen allows you to call up icons for all sorts of missing buttons, such as Menu, Back and Settings.

ConnectBot allows you to connect to a remote server via SSH or Telnet, or even to your own device for console operation. You enter a username, the name of the host to connect to, and (optionally) the port to use. Your connection settings are saved, so the next time you open the app, you'll be able to connect faster. ConnectBot attempts to establish the selected connection and then asks for a password.

You can connect to multiple servers at the same time and alternate these connections.

You can use public key certificates (see section) and also use an application for tunnel connections.

Button Back phone allows you to return to the main menu, where already open connections are displayed with a green icon. To disconnect, you can use the exit command, the Ctrl+D keyboard shortcut, or the menu item Disconnect. After disconnecting from the server, you will see a red icon in the main application menu. Select any open connection and you will be returned to that session. To prevent the connection from being interrupted in the background, check the box Persistent Connections In chapter Settings main menu. Also check the boxes Keep WiFi Active(so that the connection is not accidentally interrupted) and Keep Screen Awake(so that the screen does not turn off in the midst of work).

ConnectBot works in portrait and landscape modes, but to see the entire Hacker's Keyboard (see the "Upgrade Your Keyboard" sidebar above), you'll need landscape mode.


When you need more screen area, use the button Back to hide the keyboard (you can tap anywhere on the screen to bring it up). Some customization options allow you to use special keys, but I find this inconvenient.

The phone's volume keys increase and decrease the screen font size, and there is a menu option that sets a specific screen size. If you don't have enough space, you can even remove the status bar. Screen content scrolls using sliding movements; in the main menu you can set the scrolling size (in lines) - I recommend 500 or more lines. In any case, I try to use landscape mode and hide the keyboard whenever possible.

Using certificates for secure access

Select on your device Menu > Manage Pubkeys and follow the instructions to create a key pair. You must provide a description, the type of key pair (RSA or Digital Signature Algorithm), the number of bits used, and an optional password. (If no password is set, then any user with access to an Android device will be able to access your servers). By selecting Generate, swipe your finger to generate a random code, after which a key will be generated and saved. After this, the public part of the key will be transferred to the remote server:

  • select Copy Public Key from the menu;
  • connect to the server (using a regular password);
  • Once the connection is established, run the command echo "...generated public key..." >> .ssh/authorized_keys. The insert function allows you to enter quotation marks. Make sure the authorized_keys file has permission 644.

To test the new access method, disconnect from the server and try connecting again. You should establish connections by simply typing your local key password.

To disable a specific key, click the block icon next to it. The key will change from green to red and will not be used until you re-enable it.

Graphical access via VNC

If the server is running X Server for Windows, it can be accessed via VNC. Productivity will not be the highest, but you can work. For this purpose I prefer the . It is relatively old (the latest build was released in March 2011), but it is free, compact and has several million installations. This app works great, although development seems to have stopped. Of course, I only use it on a tablet: trying to pan and scroll the full screen in a small phone window is problematic to say the least.

When you open this application, you will receive a list of previously established connections, empty fields where you can define a new connection, and a button Connect.


To create a new connection, give it a short, descriptive name and enter a password if the VNC server you're connecting to requires one; server address, port (which depends on the server) and color format. 24-bit color looks nice, but noticeably slows things down.

Not all VNC servers support all color rendering capabilities; If you can't connect, try a different color depth. The color mode can also be changed dynamically while a VNC session is open by selecting Menu > Color Mode. If you want to save connection data, check the box Keep, otherwise they will be deleted upon exit.

Once the connection is established, you'll get a normal view on your tablet, which acts as an Android browser. (This mode of operation is called Touch Mouse Pan and Zoom.) You can scroll the image using sliding or gestures. The finger plays the role of a mouse; a tap corresponds to a left click, and a double tap corresponds to a right click. If you need something else, try it Menu > Send Keys: A pop-up window will open to send any other combination of keys and clicks. You can also simulate dragging. If you lose your cursor then Menu > Mouse@ will place it in the center of the screen. A delayed touch causes three buttons to appear: two of them are used to resize the screen (the same effect can be achieved using a pinch gesture), and the third is for displaying a virtual keyboard.

Another way to enter text is Menu > Send Text, which opens a window where you can enter text and send it to the server. You can even save text, such as passwords, to send without having to retype them. Paragraph Menu > More provides several additional capabilities, including disconnecting at any time, passing Ctrl+Alt+Del, and getting connection information. Note the relatively limited view of the remote screen when working via a VNC connection.


Using a GUI remotely doesn't usually provide the best experience, but android-vnc-viewer gets the job done, and performance issues aside, you get to work as if you were actually standing next to the remote machine. Keep this app handy just in case.

Web access

Configuring VNC to gain access through firewalls, routers, etc. can be a hassle. When I can't directly access the server I go to TeamViewer, which only requires the server's ability to connect to the Internet. The client and server connect to the TeamViewer server, which serves as an intermediary between the Android device and the server. Please note that TeamViewer is provided free of charge for non-commercial use only; For commercial, a license is required.

First, someone needs to run TeamViewer on the remote computer. I won't go into detail here, but your assistant can either install the program or run it just once. For Linux systems it works through Wine.

Your assistant will see a window with a 9-digit session ID and password.


To gain access, enter these values ​​in the Android client.

TeamViewer can be configured to use in standard mode, with a fixed password, or without a password at all, but you will have an assistant on the remote machine who will simply read the password to you.


While a communication session is open, the bottom line allows you to close the connection, access the virtual keyboard and mouse, change the zoom (using the slider at the bottom right) and perform some special actions (sending a Ctrl+Alt+Del command, rebooting the remote computer, blocking remote user input, so that only you can work on his machine, etc.). There are also menu options to change how information is displayed (to improve quality or performance), display session information, access connection logs, and other similar features.


TeamViewer developers have solved the problem of missing keys head-on: if you enable the virtual keyboard, a translucent tab appears that allows you to simulate all the special keys, such as Shift, Ctrl, Alt, Windows (familiar to UNIX and Linux users as META or MOD4), and even all function keys: Esc, Tab, etc. Working remotely with this app is similar to using VNC, but you'll notice a difference in performance given that the data goes through an additional server before reaching your device.

Despite requiring an on-site assistant and an intermediate host, TeamViewer allows you to handle tasks that would otherwise require you to be near a faulty remote machine, so don't neglect it.

Phone or tablet?

I used to work with an HTC Desire Z smartphone (with a slide-out keyboard - good for using the console) and a (good old) Nook tablet, but now I've switched to Google and am working with a Google Nexus 5 phone and a Nexus 7 tablet (waiting for a Nexus 9) . The tablet only has Wi-Fi access, but in the absence of a suitable network, I use the phone as a portable mobile network hotspot. Both devices have their advantages and disadvantages. The phone is more convenient, lighter and better suited for receiving notifications or quickly checking server availability. However, the smaller the screen, the more inconvenient it is, and in some cases it is almost impossible to operate the phone. SSH or VNC connections are the most obvious example; To work with them you will need a magnifying glass and really thin fingers.

Conclusion

The job of a system administrator is hard, but Android opens up several ways to make it easier by allowing you to access servers through a console or GUI directly from your mobile device.

What are your favorite mobile systems administration tools? Add your comment!

You may also like...
Fortune telling on coffee beans: methods and rules for conducting Fortune telling on coffee beans interpretation yes no

Fortune telling on coffee beans: methods and rules for conducting Fortune telling on coffee beans interpretation yes no

Zodiac sign Leo what month Horoscope Leo for the last months of the year

Zodiac sign Leo what month Horoscope Leo for the last months of the year

Gorgeous Lenten pie with berries “Fireworks of taste”

Gorgeous Lenten pie with berries “Fireworks of taste”