by hash3liZer . 12 May 2018
In this tutorial, you will learn how you could use your Android smartphone to supervise your raspberry pi over a secure SSH tunnel. We will set up a wireless network which would allow these two systems of ours to have a transmitting path between them. Ultimately we will be able to develop connections and transmit necessary traffic or whatever in between these devices.
There at least comes a time for a Pi user where he would like to run it headless, i.e. no screen, no keyboard, nothing in particular at all but just a power source to have it on the run. That's where Android could be pretty useful. Well, in our case, we'll use the Android hotspot to set up a network and will make Pi connect this network as soon as it boots. Then it would just be the matter of using SSH or a likely secure remote utility.
Prerequisities
Before you start, you would need a keyboard, a mouse, an HDMI cable or an HDMI to VGA converter, a power source with the power of 5-6 Voltage and an LCD screen with the support of either VGA or HDMI. I assume that you've already setup everything with your PI and now you are on screen, waiting for the green signal.
STEP 1
Pick up Your Android Phone. Go to Settings --> WiFi Hotspot. Configure your Android HotSpot and launch the WiFi. This network will let these devices to communicate with each other. Remember the name, password and encryption of Hotspot.
STEP 2
We want the PI to connect the hotspot as soon as it boots which is the default behavior. So, all we need to do is to add this hotspot network. Remember, I presume that you are on CLI, so I am doing this below but in case of GUI, just connect the hotspot network as usual.
sudo nano /etc/wpa_supplicant/wpa_supplicant.conf
network{
ssid="shellvoide"
psk="password"
key_mgmt=WPA-PSK Leave this, if you are not sure
}
PARAMETER BREAKDOWN
Reconfigure the interface to see the effects and use iwconfig to make sure if you are connected or not.
wpa_cli -i wlan0 reconfigure
You can check on this link for more in depth about connecting networks via wpa-supplicant on raspbian: Setting WiFi Via Command Line on Raspberry Pi
STEP 3
When the PI will connect to the required network, as always a dynamic IP will be assigned to it which we could use for further implementations. But using dynamic IP would be a little filthy because we have to always find out which IP is assigned to PI before we start establishing SSH connections. Static IP will help us with this. We will always know that this must be the IP of PI. Edit the dhcpd configuration as per required.
sudo nano /etc/dhcpcd.conf
...
interface wlan0
static ip_address=192.168.43.173/24 # Don't forget to add /24 at the end
static routers=192.168.43.1
static domain_name_servers=192.168.43.1
Where, wlan0 is the interface for which we have to assign a static IP. domain_name_servers will be the DNS Server. routers is the gateway of Wireless Network(Hotspot) which can be found using route command.
While using static IP, one major problem that you will face is again the IP itself. If you connect to another network using this wifi interface, again you will be assigned the defined IP. Hence, the networks with different IP ranges will become unworthy. In such cases, its better to do nothing with the IP, just use what is assigned. Here's a screenshot from an Android which shows the IP of connected devices.
Some newer versions of android hide such important details from a normal user, like the encryption used for WPA-2 protocol. You can try developer options and check if you are able to disclose any sort of extra details.
STEP 4
Since we intend to run the raspberry Pi headless. SSH will let us have a terminal on the android under the same network. Install OpenSSH server. Optionally, you can install openssh client too.
apt-get install openssh-server openssh-client
We can't just make it fully open for anyone to connect and use the PI. So, stop the SSH service and generate new keys since anyone can easily guess the default keys.
mkdir /etc/ssh/old_keys cd /etc/ssh/ mv ssh_host* old_keys/
Generate new keys
dpkg-configure openssh-server
Add the following line in /etc/ssh/sshd_config. Possible values are no, yes and without-password. What this will do is define the settings that how a client would connect to root account.
PermitRootLogin yes
You might want to change the banners that will be displayed to SSH client when remote terminal appears in front of the client. You can do that so by adding the line in /etc/ssh/sshd_config and changing the content of /etc/issue.net
Banner /etc/issue.net
At the end, start the SSH service and enable it using systemctl to start it at boot time.
sudo service ssh start sudo systemctl enable ssh
Make sure that the server is running correctly with the command:
sudo systemctl status ssh
STEP 5
Now, you have to install an SSH client on your android. There are numerous applications available on Google Play Store to work as an SSH client. Some famous are JuiceSSH, Termius and ConnectBot
JuiceSSH provides a very nice interface and hence got my attention. Install the application from Play Store and add a New Connection...
In the Address field, add the IP address of raspberry pi which we assigned it in step 3 or the dynamic one. The below field from Address is supposed to have the identity of Your PI which in clear is the username and password of your PI. Click on Identity dropdown and create a New identity. You can leave the password field clean, in case you want to be asked for password in real-time connection. Save the connection after being done.
STEP 6
Now, make sure that you are connected to Wireless Hotspot Network. If you do, reboot the PI and check if you are assigned the required static IP address to wireless wlanN interface.
sudo reboot # After Rebooting ifconfig
Now we know that which IP address will be assigned to PI on it's startup. Lets make sure if SSH working correctly. Use command-line SSH or check with JuiceSSH that if you are able to make connections with PI.
When you know that everything is working clear and fine. ShutDown Your Pi and disconnect everything from PI except power cable and then give it power again. Wait a minute for PI to start and open the connection from JuiceSSH application which we created earlier in step 5
sudo poweroff # Shutdown PI
Conclusion
Raspberry Pi can be easily taken out anywhere without any screen. All you need is a power source and mass storage cable to power it up. With the help of OpenSSH server which starts every time as the PI boots up, an SSH client can make connections from PI for they are part of the same network. You will have a terminal that redirects commands to PI within a few seconds after the PI boots.
If you want to provide Internet connectivity to raspberry pi, the only options you have in this case is to either forward it from your Android Network i.e. Hotspot or you can use another external WiFi adapter for a real WiFi connection. If you planning to use something is like aircrack-ng, make sure that the card you buy support promiscuous mode with the capability of packet Injection.