nix-community / nix-on-droid

Nix-enabled environment for your Android device. [maintainers=@t184256,@Gerschtli]
https://nix-on-droid.unboiled.info
MIT License

How to setup SFTP (in order to make sshfs work) #307

Open unclechu opened 7 months ago

unclechu commented 7 months ago

How could I set up SFTP in order to make sshfs work? I made a simple script to start an SSHD server:

{ pkgs, lib }:

let
  hostKeyPath = toString
    /data/data/com.termux.nix/files/home/.ssh/ssh-host-key;

  # Add authorized keys to: ~/.ssh/authorized_keys
  sshdConfigFile = pkgs.writeText "sshd-config" ''
    HostKey "${lib.escape ["\""] hostKeyPath}"
    Port 8044
    Subsystem sftp "${lib.escape ["\""] e.sftp-server}"
  '';

  executables = {
    bash = "${pkgs.bash}/bin/bash";
    sshd = "${pkgs.openssh}/bin/sshd";
    sftp-server = "${pkgs.openssh}/libexec/sftp-server";
  };

  e = executables;
  esc = lib.escapeShellArg;

  run-sshd = pkgs.writeTextFile rec {
    name = "run-sshd";
    executable = true;
    destination = "/bin/${name}";
    text = ''
      #! ${e.bash}
      ${esc e.sshd} -f ${esc sshdConfigFile} -e -D
    '';
    checkPhase = ''(
      set -o xtrace
      ${builtins.concatStringsSep "\n" (
        map (x: "[[ -x ${esc x} ]]") (builtins.attrValues executables)
      )}
    )'';
  };
in
  run-sshd // { inherit sshdConfigFile; }

The regular ssh works fine, but if I try to mount via sshfs I get an error like “Connection closed by the user”. Here is the end of the log of the sshfs call:

...
debug1: Sending subsystem: sftp
debug1: pledge: fork
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
debug1: channel 0: free: client-session, nchannels 1
Transferred: sent 4872, received 3844 bytes, in 0.3 seconds
Bytes per second: sent 18440.4, received 14549.4
debug1: Exit status 255
remote host has disconnected

Gerschtli commented 7 months ago

It might be that the path to the sftp-server executable is not found because it may be running outside of proot. Not sure how to debug that, though, but the Arch Wiki says that this error message happens when the sftp-server executable is not valid: https://wiki.archlinux.org/title/SSHFS#Remote_host_has_disconnected
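
One way to test the hypothesis in the comment above: the following shell functions (an added example, not code from this thread or from nix-on-droid) read an sshd_config file, extract the binary named on its `Subsystem sftp` line, and report whether it is `internal-sftp` or an existing executable. The function names and return codes are assumptions of this example.

```shell
#!/bin/sh
# Added example. Function names and return codes are assumptions of this sketch.

# Print the binary named on the first "Subsystem sftp" line of an sshd_config
# file (sshd keywords are case-insensitive). Returns 1 if there is no such line.
sftp_subsystem_cmd() {
  # "|| [ -n ... ]" keeps a final line that lacks a trailing newline.
  while read -r keyword name cmd extra || [ -n "$keyword" ]; do
    case "$keyword" in
      [Ss][Uu][Bb][Ss][Yy][Ss][Tt][Ee][Mm]) ;;
      *) continue ;;
    esac
    [ "$name" = "sftp" ] || continue
    case "$cmd" in
      \"*) cmd="$cmd${extra:+ $extra}"   # quoted path, as in the config above
           cmd=${cmd#\"}; cmd=${cmd%%\"*} ;;
    esac
    printf '%s\n' "$cmd"
    return 0
  done < "$1"
  return 1
}

# Classify the entry: 0 = usable, 2 = no entry, 3 = relative path,
# 4 = file missing, 5 = present but not executable.
check_sftp_subsystem() {
  sftp_cmd=$(sftp_subsystem_cmd "$1") || { echo "no 'Subsystem sftp' line in $1"; return 2; }
  if [ "$sftp_cmd" = "internal-sftp" ]; then
    echo "internal-sftp: handled inside sshd, no external binary"
    return 0
  fi
  case "$sftp_cmd" in
    /*) ;;
    *) echo "not an absolute path: $sftp_cmd"; return 3 ;;
  esac
  [ -f "$sftp_cmd" ] || { echo "missing: $sftp_cmd"; return 4; }
  [ -x "$sftp_cmd" ] || { echo "not executable: $sftp_cmd"; return 5; }
  echo "ok: $sftp_cmd"
}
```

Run `check_sftp_subsystem` from the same shell that launches `run-sshd`, passing the path of the generated `sshd-config` file, so the path is resolved in the same environment as sshd.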

unclechu commented 7 months ago

@Gerschtli I’ve also tried internal-sftp, it makes no difference.

unclechu commented 7 months ago

Also I don’t think it should run outside proot since I run run-sshd from inside of the Nix-on-Droid shell?

azuwis commented 6 months ago

Looks like a proot problem https://github.com/proot-me/proot/issues/243

SonicStark commented 4 months ago

Looks like a proot problem https://github.com/proot-me/proot/issues/243

A patched sftp-server, as a workaround, can mitigate the problem. See https://github.com/proot-me/proot/issues/243#issuecomment-1962738694