Has nix-on-droid user a password ? about nix-on-droid HOT 11 CLOSED

Have you tried setting one inside nix-on-droid with passwd?

from nix-on-droid.

In order to copy your key via ssh-copy-id, you need to already have a ssh key in ~/.ssh/authorized_keys present or the user password.

Unfortunately, passwd does not work for nix-on-droid, see:

bash-4.4$ nix run nixpkgs.shadow
bash-4.4$ passwd
passwd: pam_start() failed, error 26

Currently the only way to fix your problem would be to copy your via any other way onto your phone.

If you have ambitions you may have a look at termux patches for passwd, maybe we can adapt them to provide a working passwd.

from nix-on-droid.

@Gerschtli thanks for the clarification.

from nix-on-droid.

@Gerschtli are your guys talking about that termux patches can be support a working version of passwd on nix-on-droid. But what I understand is that as long as we do not have root privilege, it almost impossible for us to run command like passwd.
But one thing is quite interesting is that we can build some tools related to root by nix-on-droid user but we can not run them by nix-on-droid user.

from nix-on-droid.

Termux indeed enables users to manage a password through various patches of binaries. They save the password manually in a different place and ensure that sshd and others are using the new password check functionality.

If someone wants to dig into these patches to port them, it would be a nice feature for nix-on-droid.

from nix-on-droid.

@Gerschtli same like saving passwd is related to the individual apps as I saw that they used to work on the pull request 2975 in the repo termux/termux-packages (termux/termux-packages#2975), they tried to have the branch like termux-auth, but finally they remove that.@xeffyr

from nix-on-droid.

they tried to have the branch like termux-auth, but finally they remove that

Completely incorrect. Termux uses this library for password authentication (account-less) https://github.com/termux/termux-auth and patches authentication methods to use implementation from termux-auth. OpenSSH uses https://github.com/termux/termux-packages/blob/master/packages/openssh/auth2-passwd.c.patch#L18.

from nix-on-droid.

@xeffyr Thanks your point out. It like your guys decided to have a separate repo (termux/termux-auth) for password authentication (account-less), Inside the repo (termux/termux-packages) have build.sh and patches.
One thing question is that what is that meaning (account-less) in this context. What I understood is that, password is for the user who owner that termux . Let us say in my side, u0_a185 is the owner of termux as I saw by ps command. Thanks in advance.

from nix-on-droid.

One thing question is that what is that meaning (account-less) in this context.

Nope. Password is set regardless of current account and is stored as PBKDF hash inside /data/data/com.termux/files/home/.termux_authinfo.

Same password is working for any user, no matter whether it is root, u0_a185 or other. Since auth is based on result whether PBKDF hash of input password matches the one from authinfo file, you need to make sure that user who runs the login service (say sshd) should have read access to that file.

On Android there no way to set a password for users because they are generated by libc. Just query some "nonexistent" user with id command (e.g. id 15000) and you will see that it actually exists.

from nix-on-droid.

@xeffyr Thanks. you are right. It doesn't matter the user, it is about IP address. whatever the string as user name like [email protected]. people can always to connect to sshd service running on 192.168.1.168 with the password ,which is managed by termux/termux-auth on termux.
On more point is that as we talked issues 82 with @t184256 in #82. What I find is that after install nix-on-droid, in the file /etc/passwd, we can see information the user root, nix-on-droid. like
root:X:0:0:System Administrator :/root:/bin/bash
nix-on-droid:X:10201:10201:nix-on-droid :/home:/nix/store/9m766yhgfghhj/bash

Maybe your guys can find more about information about that user on Android.

from nix-on-droid.

It's a 'fake' user record with a name nix-on-droid and some random user id that was assigned to the Nix-on-Droid app on installation time by the Android system.

from nix-on-droid.