How to have control over raspberry from an android using SSH

by hash3liZer . 12 May 2018

How to have control over raspberry from an android using SSH

In this tutorial, you will learn how you could use your Android smartphone to supervise your raspberry pi over a secure SSH tunnel. We will set up a wireless network which would allow these two systems of ours to have a transmitting path between them. Ultimately we will be able to develop connections and transmit necessary traffic or whatever in between these devices.

There at least comes a time for a Pi user where he would like to run it headless, i.e. no screen, no keyboard, nothing in particular at all but just a power source to have it on the run. That's where Android could be pretty useful. Well, in our case, we'll use the Android hotspot to set up a network and will make Pi connect this network as soon as it boots. Then it would just be the matter of using SSH or a likely secure remote utility.

Prerequisities

Before you start, you would need a keyboard, a mouse, an HDMI cable or an HDMI to VGA converter, a power source with the power of 5-6 Voltage and an LCD screen with the support of either VGA or HDMI. I assume that you've already setup everything with your PI and now you are on screen, waiting for the green signal.

STEP 1

HoTsPot

Pick up Your Android Phone. Go to Settings --> WiFi Hotspot. Configure your Android HotSpot and launch the WiFi. This network will let these devices to communicate with each other. Remember the name, password and encryption of Hotspot.

wifi launching

STEP 2

WiFi on PI

We want the PI to connect the hotspot as soon as it boots which is the default behavior. So, all we need to do is to add this hotspot network. Remember, I presume that you are on CLI, so I am doing this below but in case of GUI, just connect the hotspot network as usual.

sudo nano /etc/wpa_supplicant/wpa_supplicant.conf
network{
    ssid="shellvoide"
    psk="password"
    key_mgmt=WPA-PSK    Leave this, if you are not sure
}

PARAMETER BREAKDOWN

  • ssid: Name of the Hotspot Network from the Android
  • psk: Password of Hotspot Network
  • key_mgmt: Encryption Mechanism of Wireless Network

Reconfigure the interface to see the effects and use iwconfig to make sure if you are connected or not.

wpa_cli -i wlan0 reconfigure
pi connected to desired intereface

You can check on this link for more in depth about connecting networks via wpa-supplicant on raspbian: Setting WiFi Via Command Line on Raspberry Pi

STEP 3

Static OR Dynamic IP

When the PI will connect to the required network, as always a dynamic IP will be assigned to it which we could use for further implementations. But using dynamic IP would be a little filthy because we have to always find out which IP is assigned to PI before we start establishing SSH connections. Static IP will help us with this. We will always know that this must be the IP of PI. Edit the dhcpd configuration as per required.

sudo nano /etc/dhcpcd.conf
...
interface wlan0
static ip_address=192.168.43.173/24    # Don't forget to add /24 at the end
static routers=192.168.43.1
static domain_name_servers=192.168.43.1

Where, wlan0 is the interface for which we have to assign a static IP. domain_name_servers will be the DNS Server. routers is the gateway of Wireless Network(Hotspot) which can be found using route command.

finding gateway of network in linux
static ip on raspberry pi

Over Dynamic IP

While using static IP, one major problem that you will face is again the IP itself. If you connect to another network using this wifi interface, again you will be assigned the defined IP. Hence, the networks with different IP ranges will become unworthy. In such cases, its better to do nothing with the IP, just use what is assigned. Here's a screenshot from an Android which shows the IP of connected devices.

Ip assigned to PI by hotpsot

Some newer versions of android hide such important details from a normal user, like the encryption used for WPA-2 protocol. You can try developer options and check if you are able to disclose any sort of extra details.

STEP 4

Setup OpenSSH

Since we intend to run the raspberry Pi headless. SSH will let us have a terminal on the android under the same network. Install OpenSSH server. Optionally, you can install openssh client too.

apt-get install openssh-server openssh-client

We can't just make it fully open for anyone to connect and use the PI. So, stop the SSH service and generate new keys since anyone can easily guess the default keys.

mkdir /etc/ssh/old_keys
cd /etc/ssh/
mv ssh_host* old_keys/

Generate new keys

dpkg-configure openssh-server

Add the following line in /etc/ssh/sshd_config. Possible values are no, yes and without-password. What this will do is define the settings that how a client would connect to root account.

PermitRootLogin yes

You might want to change the banners that will be displayed to SSH client when remote terminal appears in front of the client. You can do that so by adding the line in /etc/ssh/sshd_config and changing the content of /etc/issue.net

Banner /etc/issue.net

At the end, start the SSH service and enable it using systemctl to start it at boot time.

sudo service ssh start
sudo systemctl enable ssh

Make sure that the server is running correctly with the command:

sudo systemctl status ssh
SSH server on raspberry pi

STEP 5

Install SSH client on your android

Now, you have to install an SSH client on your android. There are numerous applications available on Google Play Store to work as an SSH client. Some famous are JuiceSSH, Termius and ConnectBot

JuiceSSH provides a very nice interface and hence got my attention. Install the application from Play Store and add a New Connection...

JuiceSSH adding connection

In the Address field, add the IP address of raspberry pi which we assigned it in step 3 or the dynamic one. The below field from Address is supposed to have the identity of Your PI which in clear is the username and password of your PI. Click on Identity dropdown and create a New identity. You can leave the password field clean, in case you want to be asked for password in real-time connection. Save the connection after being done.

JuiceSSH setup

STEP 6

Rebooting PI

Now, make sure that you are connected to Wireless Hotspot Network. If you do, reboot the PI and check if you are assigned the required static IP address to wireless wlanN interface.

sudo reboot
# After Rebooting
ifconfig
ifconfig after rebooting

Now we know that which IP address will be assigned to PI on it's startup. Lets make sure if SSH working correctly. Use command-line SSH or check with JuiceSSH that if you are able to make connections with PI.

Pi connectivity

When you know that everything is working clear and fine. ShutDown Your Pi and disconnect everything from PI except power cable and then give it power again. Wait a minute for PI to start and open the connection from JuiceSSH application which we created earlier in step 5

sudo poweroff        # Shutdown PI
Successful connection with PI from JuiceSSH

Conclusion

Raspberry Pi can be easily taken out anywhere without any screen. All you need is a power source and mass storage cable to power it up. With the help of OpenSSH server which starts every time as the PI boots up, an SSH client can make connections from PI for they are part of the same network. You will have a terminal that redirects commands to PI within a few seconds after the PI boots.

If you want to provide Internet connectivity to raspberry pi, the only options you have in this case is to either forward it from your Android Network i.e. Hotspot or you can use another external WiFi adapter for a real WiFi connection. If you planning to use something is like aircrack-ng, make sure that the card you buy support promiscuous mode with the capability of packet Injection.