notes for configuring a new android phone for USB serial connection to an Arduino Uno R3 via SSH or tmate in Termux, with some security concerns (i am no longer a security expert at all)
Note that with this approach human intervention is needed on each USB serial device connection (or likely reboot), to confirm permission access to it. This might be addressable with a small patch to termux. - if you experience persistent compromise, activate the phone from a clean device unafilliated with you - install all OS updates for the phone before using it for anything. note that other apps such as text messaging can be a vector for attack just like the traditional web browser. until the device is updated, keep it in airplane mode when the updates are installing rather than downloading. put it online only during the download portion of each install. - APKs could be transferred from another device, installed via f-droid, installed via github, or installed via some other means. Install Termux, Termux-Boot, and Termux-API. Note that vanilla Termux needs internet to download the initial image. Here are some urls. The urls below contain high version strings in the latest version which could be indicative of somebody mutating them to maintain persistent compromise of me. So, I include a lower version as well in case that's helpful. https://f-droid.org/F-Droid.apk https://github.com/termux/termux-app/releases https://f-droid.org/repo/com.termux_1000.apk # 0.118.1 https://f-droid.org/repo/com.termux_118.apk # 0.118.0 https://github.com/termux/termux-app/releases/download/v0.118.1/termux-app_v0.118.1+github-debug_universal.apk https://github.com/termux/termux-app/releases/download/v0.118.0/termux-app_v0.118.0+github-debug_universal.apk https://github.com/termux/termux-boot/releases https://f-droid.org/repo/com.termux.boot_1000.apk # 0.8.1 https://f-droid.org/repo/com.termux.boot_8.apk # 0.8.0 https://github.com/termux/termux-boot/releases/download/v0.8.1/termux-boot-app_v0.8.1+github.debug.apk https://github.com/termux/termux-boot/releases/download/v0.8.0/termux-boot_v0.8.0+github.debug.apk https://github.com/termux/termux-api/releases https://f-droid.org/repo/com.termux.api_51.apk # 0.50.1 https://f-droid.org/repo/com.termux.api_50.apk # 0.50.0 https://f-droid.org/repo/com.termux.api_49.apk # 0.49 https://github.com/termux/termux-api/releases/download/v0.50.1/termux-api_v0.50.1+github-debug.apk GitHub is not showing me any APK downloads for termux-api <= 0.50.1, which seems very strange. - settings->apps enable appropriate permissions for each termux app. enable notifications to allow running in the background. set app battery usage to unrestricted to keep processes active. enable location if GPS access is needed. - settings->security & privacy->device unlock->screen lock set screen lock to none to enable termux-boot services to run when phone is powered without user intervention; new android versions seem to wait until the user logs in to run these there might be more settings to configure for things to work well - if using the public tmate server for NAT traversal (ill-advised but convenient) you can get an API key at https://tmate.io/#api_key , My current API key is tmk-3KZfau2nkqhK2G8HfDcP8jX5Dm . This will used as YOUR_TMATE_API_KEY in .tmate.conf in termux. - launch termux: # package installation pkg upgrade -y # not strictly required, may be quite ill-advised pkg install -y openssh tmate git termux-api libusb clang make # usb setup git clone https://github.com/tytouf/libusb-cdc-example curl https://bpa.st/download/WRAA | patch -d lisbusb-cdc-example -p1 # quick arduino uno fudge make -C libusb-cdc-example # remote access setup mkdir -p .termux/boot cat > .termux/boot/sshd <<EOF #!/data/data/com.termux/files/usr/bin/sh termux-wake-lock sshd EOF cat > .termux/boot/tmate <<EOF #!/data/data/com.termux/files/usr/bin/sh termux-wake-lock tmate -F EOF cat > .tmate.conf <<EOF set tmate-api-key "YOUR_TMATE_API_KEY" set tmate-session-name "YOUR_PRIVATE_SECURE_STRING_TO_CONNECT_TO_TMATE" set tmate-session-name-ro "OPTIONAL_PUBLIC_STRING_TO_WATCH_TMATE_SESSION" EOF chmod 755 .termux/boot/* ifconfig # show ip addresses, store these to access device via direct ssh whoami # show ssh login user, store this to access device via direct ssh passwd # set a password for direct ssh - leave Termux and launch Termux:Boot to install the boot service - reboot (for me that's volume-up and power) - connect an Arduino Uno R3 running a serial monitor interface - shell into YOUR_TMATE_USERNAME/your_private_secure_string_to_connect_to_tm...@nyc1.tmate.io for me the host appears to always be nyc1.tmate.io . nyc happens to be a major city geographically near me. tmate -F outputs this information on launch. - in the shell, run `termux-usb -l` this should show connected USB devices. if there are none, then remove them all (if there's more than one) and plug them in again slowly and carefully one by one trying after each one to isolate if something is drawing too much power. Try also with a different device. - identify the device in termux-usb -l that is the arduino uno, /dev/bus/usb/001/005 or so - run `termux-usb -r /dev/bus/usb/001/005` or so replacing the device string with your device - a popup launches on the phone to request permission to access the device. confirm permission. - it will take a long time for termux-usb -r to recognise permission is given. the device is not usable until it does. there is an open PR for this at https://github.com/termux/termux-api/pull/685 - now we can run `termux-usb -e libusb-cdc-example/cdc_example /dev/bus/usb/001/005` replacing the device string with your device, and engage the serial content of the arduino on the phone via the internet In writing this I also learned there is an app on F-Droid called SerialPipe that lets one access a serial device via socat over udp from any terminal app. This is a much more general solution that would be preferred to my cdc_example patch if it works.
