Termux is capable of accessing remote devices by using some common tools. It is also possible to turn a device running Termux into remote controlled server.
Warning: plain FTP is deprecated and insecure anyway. Termux FTP server supports only anonymous login, there no any authentication and everyone on your network can access files on your device. Use SFTP (OpenSSH) instead!
Termux FTP server is based on busybox and service is managed by [Termux-services]. If you decided to use FTP server, install these packages:
After installation you need to restart session or source this file:
Now you ready to enable and start the FTP daemon service:
FTP server will run on port 8021 in read-only mode.
If you need to stop server, run
sv down ftpd.
SSH provides a secure way for accessing remote hosts and replaces tools such as telnet, rlogin, rsh, ftp. Termux provides SSH via two packages: dropbear and openssh. If you never used these tools before, it is recommended to install 'openssh' as it is more common.
You can obtain an SSH client by installing either
To login to a remote machine where the ssh daemon is running at the standard port (22):
Same as above, but if the ssh daemon running on different port, e.g. 8022:
Using public key authentication with ssh running on the standard port and a private key stored in the file
Note, that if
id_rsa will be stored in
~/.ssh directory, you can omit specifying it in the command. But if you have multiple keys, it is necessary to pick a specific key with
Important note: this does not work for Dropbear.
If you wish to use an SSH agent to avoid entering passwords, the Termux openssh package provides a wrapper script named
ssha (note the
a at the end) for ssh, which:
- Starts the ssh agent if necessary (or connect to it if already running).
- Runs the
- Runs the
sshwith the provided arguments.
This means that the agent will prompt for a key password at first run, but remember the authorization for subsequent runs.
OpenSSH (also known as OpenBSD Secure Shell) is a suite of secure networking utilities based on the Secure Shell (SSH) protocol, which provides a secure channel over an unsecured network in a client–server architecture.
Default SSH port in Termux is 8022.
Since Termux does not use initialization system, services are started manually from command line.
To start OpenSSH server, you need to execute this command:
If you need to stop
sshd, just kill it's process:
SSH daemon does logging to Android system log, you can view it by running
logcat -s 'sshd:*'. You can do that either from Termux or ADB.
Password authentication is enabled by default. This will allow you to get started with it much easier. Before proceeding, make sure that you understand that password authentication is less secure than a pubkey-based one.
- Ensure that everything is up to date and package
- Password authentication is enabled by default in configuration file. But you can still review it ($PREFIX/etc/ssh/sshd_config), it should be like this:
- Set new password. Execute command passwd. While program allows minimal password length is 1 character, the recommended password length is more than 8-10 characters. Passwords are not printed to console.
Public key authentication is the recommended way for logging in using SSH. To use this type of authentication, you need to have a public/private key pair. For successful login, the public key must exist in the authorized keys list on remote machine while private key should be kept safe on your local host.
In the following example it will be assumed that you want to establish public key authentication between your PC (host) and your Android device running Termux (remote). It also will be assumed that you running Linux distribution on your PC.
- If you do not have keys, you can generate them. In this example we will generate RSA key. On PC, execute this command:
The command shown above generates private RSA key with 2048 bit key length and saves it to file
id_rsa. In the same directory you can find a file
id_rsa.pub – it is a public key.
Important note: 2048 bit is the minimal key length that is considered safe. You can use higher values, but do not use higher than 4096 as remote server may not support big keys.
- Copy key to the remote machine (Termux). Password authentication has to be enabled in order to install pubkey on remote machine. Now do:
Do not forget to replace
IP_ADDRESS with the actual LAN IP address of your device. It can be determined by using command ifconfig.
If everything was okay, you will see a message like this one:
- From this point password authentication can be disabled. Edit file $PREFIX/etc/ssh/sshd_config and replace line beginning with "PasswordAuthentication" by
Then execute command pkill sshd; sshd in order to restart server with updated configuration file.
Dropbear is a software package written by Matt Johnston that provides a Secure Shell-compatible server and client. It is designed as a replacement for standard OpenSSH for environments with low memory and processor resources, such as embedded systems.
Important note: Dropbear does not provide SFTP server.
Same as for OpenSSH, you will need to execute it's binary manually. Also, unlike OpenSSH, Dropbear does not use a configuration file but only command line arguments.
Server is running in background, both password and public key authentication available. To achieve this, just type in console:
If you need only public key authentication, do this instead:
Also, server can be started in foreground. For this purpose use a parameter
Server started in foreground can be stopped by just Ctrl-C key combination. If it is in the background, then you can use a
Same as for OpenSSH, password authentication is enabled by default.
Everything you have to do, is:
- Make sure that everything is up to date and dropbear is installed:
Set password by executing command passwd.
Start dropbear server. You can execute either just dropbear to start it in background or dropbear -F to start it in the foreground.
Same as for OpenSSH, you can put your keys by using ssh-copy-id. But if you consider to setup a public key authentication from Termux to something else, it is worth to mention some important differences between OpenSSH and Dropbear.
- Dropbear uses a different command for generating keys. Example of generating RSA key (2048 bit):
- Public key should be obtained manually. To do this, you have to use 'dropbearkey' again, but in different way:
- Dropbear and OpenSSH uses a different key formats. To use a Dropbear's key in OpenSSH, you will have to convert it:
This procedure can be done vice versa to obtain a key in Dropbear's format:
Package OpenSSH provides a tool for accessing remote hosts over SFTP. This will allow you to work with files in same way as via FTP but with better security.
Connecting to Termux (sshd listening on port 8022):
Connecting to somewhere else (sshd listening on standard port):
However, to use command line SFTP client you should know some basic commands:
cd PATH- change current directory to
get REMOTE [LOCAL]- download file
REMOTEand rename it as
mkdir PATH- create directory
ls [PATH]- list files in directory
PATH. If no argument, files in current directory will be listed.
put LOCAL [REMOTE]- Upload file
LOCALand rename it as
rm FILE- Delete file
This is not a complete list of SFTP commands. To view all available commands, consider to view man page (man sftp) or view short help in interactive SFTP session by issuing command
Mosh is a remote terminal application that allows roaming, supports intermittent connectivity, and provides intelligent local echo and line editing of user keystrokes.
Important note: Mosh should be installed on both client and server side.
Connecting to remote host (sshd listening on standard port):
Connecting to Termux (sshd listening on port 8022):
Rsync is a tool for synchronizing files with remote hosts or local directories (or drives). For better experience of using rsync, make sure that package
dropbear) is installed.
Sync your photos with PC:
Get photos from remote Android device:
Sync local directories (e.g. from external sdcard to Termux home):
You may want to see man page (
man rsync) to learn more about it's usage.