Using ConnectBot with Intents

Question

Is there any way to access the ConnectBot functionality via intents? I want to start a ssh-session out of my application and authenticate via Private/Public Key, and close the session afterwards. Is this possible with ConnectBot and if yes, how can I call the Intents? Sadly, I didn't find any documentation on this topic :(

Answer 1

The answer to this question depends on what you want to use the ssh session for: is it something programmatic, or do you want to show the user a terminal session or console where they can type in arbitrary commands? That second option is for the most part quite easily supported, as you can see from studying the ConnectBot manifest - the app has an intent filter registered for the ConsoleActivity which matches this pattern:

• action : android.intent.action.VIEW
• uri : ssh://user@host:port/#nickname

...it won't close the session afterwards, but apart from that, it will do everything you specified, using ConnectBot's own infrastructure for the connection, and employing any SSH keys the user has registered within the ConnectBot app.

Alternatively, you might be talking about the former option: for your app to execute some particular command against an SSH server in a programmatic fashion.

This isn't currently supported in any way by the official release of ConnectBot. Depending on your requirements, you might imagine that you would just fire off an intent to ConnectBot with the address of a server and a command you want it to execute; that wouldn't be too hard for ConnectBot to implement and it would save you the headache of learning too much about the ssh protocol. However, this intent doesn't exist, and if it did it would be very dangerous, any app on the phone could use it to execute arbitrary code with the users credentials on remote servers.

What does exist is this intent I created in a patched version of ConnectBot a few months ago to support Agit, the Git client for Android:

org.openintents.ssh.BIND_SSH_AGENT_SERVICE

This patched version of ConnectBot allows ConnectBot to act like an ssh-agent - your app is responsible for managing the ssh connection, but you can call out to ConnectBot to obtain the necessary credentials - ConnectBot will let you know what public keys it has available for the connection, and will sign the digital challenges required for authentication. The details of the protocol are on OpenIntents.org, but basically you use the intent to bind to ConnectBot, obtaining an AIDL interface which provides the ssh-agent functionality:

org.openintents.ssh.BIND_SSH_AGENT_SERVICE

As a security precaution, your app will need to declare that it uses this permission, or it won't be able to bind to the service:

org.openintents.ssh.permission.ACCESS_SSH_AGENT

The patched version of ConnectBot can be downloaded off the Android Market here:

https://market.android.com/details?id=com.madgag.ssh.agent

The source code for the patch is here:

http://code.google.com/r/robertotyley-connectbot-ssh-agent/source/list?name=ssh-agent

Although this takes care of the public/private key management, it still leaves you with actually having to implement the ssh connection within your app. I'd recommend the sshj library for ssh protocol support, see their example of a simple 'command' connection:

https://github.com/shikhar/sshj/blob/v0.6.1/src/main/java/examples/Exec.java

The Bouncy Castle crypto libs are normally used in Java for providing encryption algorithms, however the version provided with Android is crippled and not easily overridden - consequently you should use the Spongy Castle libs for an Android-friendly repackaging of the BC libs:

https://github.com/rtyley/spongycastle