I have a rooted LG G3 with ROM CyanideL (Cyanogenmod 12.1 based) running Lollipop. This should work on most rooted android phones. We are going to make a set of private and public keys on the phone. Then we will transfer the public key to our server so that we can connect to that server without a password. When we transfer the public key via ssh we will need to use a password that time, but every time we connect to the server with ssh after that we will not need to use a password as we will be using the private key for authentication. Since the server will have the public key partner of our private key the connection will work and a password will not be asked.
mkdir -p /data/sshkey1 ssh-keygen -f /data/sshkey1/id_rsa -N "" ## or "ssh-keygen" and use interactively chmod 600 /data/sshkey1/id_rsa
Sidenote: The argument -f /data/sshkey1/id_rsa makes the private key /data/sshkey1/id_rsa and public key /data/sshkey1/id_rsa.pub. The argument -N “” assigns the key no password, as I dont want a password for my SSH key as that would defeat having password-less entry and make me put a password at a different part of the login
Sidenote: if you put the key in /data/.ssh or where ever “ssh-keygen” wants to put it by default (find out the default ssh key folder by running “ssh-keygen” without any options and cancel with control-c to get back), then you will not need to specify the private key with -i argument with ssh command when connecting to your server.
Sidenote: if you want to put your key in /root, dont do it because / is a ramfs filesystem and /root belongs to it (but if you did you would need to do “mount -o rw,remount /” and when your done “mount -o ro,remount /“). On reboot /root is cleared out because / is a ramfs/roofs filesystem. If you want to put your key in /system than you need to make /system readwrite (by default its readonly for security purposes) “mount -o rw,remount /” and when your done making the folder “/system/sshkey1” (or whatever you want to call it) and done making your key “/system/sshkey1/id_rsa” (or whatever you want to call it), then you need to remount it back to readonly for security “mount -o rw,remount /system“
The ssh-keygen command then makes the private key, “id_rsa“, which you keep and dont send anywhere. It also makes the public key, “id_rsa.pub“, which you send to other servers “authorized_keys” file (and append your key to that file, so that you can login to those other servers).
Now you will need to repeat this next part for all of the servers that you want password less entry to via ssh. Usually there is an ssh copy key command, but it doesnt look like it exists if I type ssh <TAB key> <TAB key> I only see ssh, ssh-keygen and sshd.
We will transfer the key not with scp and not with ssh-copyid, but with my favorite cat ssh cat method. Send the key via “cat” to “ssh” via a pipe and catching it with “cat” in append mode “>>” on the remote server. Im assuming out server (which has an ssh server, with the folder /root/.ssh present) is 10.1.1.100 (change that to meet your servers IP and user and port) for the sake of the example:
cat /data/sshkey1/id_rsa.pub | ssh -p 22 email@example.com "cat - >> /root/.ssh/authorized_keys"
Test connection by using your key with -i. This should now work without a password.
ssh -i /data/sshkey1/id_rsa -p 22 firstname.lastname@example.org
If you put your key in the default folder (so the private key is called /data/.ssh/id_rsa) use:
ssh -p 22 email@example.com
Now you should have password-less entry.
Sidenote: Some servers could be configured to not accept ssh keys and always rely on password. So if your server is like that, then this method of password-less entry will not work