Not exactly the same but wanted to share what has worked wonders for me for years. I needed to run a terminal multiplexer on a remote machine, SSH into it, and be able to use emacs (key bindings and all) on my Pixel 5.
I found this combination of now defunct open source apps worked better than any I've tried.
https://github.com/klausw/hackerskeyboard
Keyboard that has Ctrl/Alt/Meta keys without having to switch modes. A bit cramped and the UI for AutoSuggestion dissappeared in Android 13 :(
These tools are not without their quirks tho but I'm sure with some TLC they can be ironed out. Funny I'm an Android dev by day but haven't had time to look into the minor issues both tools have because they are so old. Then again, they are not serious issues and I've been able to whip out emacs and write code (clojure: so succinctness helps) when the moment strikes or in lieu of social media.
A bit of offtopic, but what do you use termux for on your Android phones?
I use it to run my restic backup script to backup my phone data, it's a bit barebones but seems to work.
I find it cool to have a shell on my phone, to be able to launch vim (but definitely not use it with the onscreen keyboard, lol)... was wondering what others are up to!
- it's possible to set up a vnc server and a full gui desktop environment, for a highly portable system that gets you the same program and file setup on any computer supporting a vnc client.
Once you build up a collection of aliases / shell functions it can be very powerful even with a small virtual keyboard. The fish shell is also a great qol addition.
How do you get ffmpeg and other goodies you mentioned? Is there some software repo termux maintains? Is downloading software that way reasonably "safe"? I've used Termux before but never considered these things...
Termux doesn't get special privileges unless you root your device. It can't go messing with your phone data unless you granted it permission to do so (but even then it doesn't have access to everything). It's no worse than any other Android app IMHO.
There are number of different places to get this info. I use Termux with yt-dlp and decode to MP4 or extract audio only which requires ffmpeg and it works fine if a little slow. I decoded a 300 GB twitch stream that after downloading took about 20 mins to complete the decode (encode?) to mp4 on my Pixel6. But it works perfectly.
When we are on holidays, I like to chill on the beach and learn new programming languages, practice algorithms, reading books and taking notes with markdown and syncing these notes with git.
I don't want to take my MacBook because it's too expensive and the sand and water can get into the keyboard. Leaving it on the sun for hours is also a bad idea.
I took my wife's relatively old Android tablet (at least 5 yo), connected one of my cheaper Bluetooth keyboard. Then installed a terminal, git, vim, rust, dart. This setup lets me practice a little bit, I don't need to worry about stuff getting stolen (first, because it's not something people steal, and even if they did, I wouldn't really mind as the whole setup is less than 100 dollars).
> what do you use termux for on your Android phones?
When I go on vacation, I bring my Android / Termux equipped phone to have access to cloud VMs I manage in case of an emergency. I verify my .ssh/config is in order before I leave. I have an external Bluetooth keyboard and a surprisingly full-fledged emacs in Termux. This solution has come in handy a number of times, and I am always impressed by how well it works.
When I was a volunteer sysadmin, I sometimes used Termux to ssh into the servers I managed. More than once I triaged an incident from the same phone that paged me about it, while I was on a bus or train commuting to my day job.
mosh[1] was especially useful for this over mobile data.
1. Running an HTTP server in a directory, so people can connect to my hotspot and get a listing of the files. (I've done this twice, for sharing movies.) This is easy enough to do with `python -m http.server 12345`, and this lets you get a file on nearly any single device with a webbrowser in it.
2. SSHing into my various servers, or getting a file off my home machine that I forgot that I need.
3. Python is a general-purpose calculator for me, so I primarily use Termux instead of a calculator app.
I was once upon a time plumbing together an ARM matrix multiply backend for an on-device neural machine translation engine.
The objective was to get something working for the Mac M1 (which none of us had at the time). So I'd just cross-compile targeting my android phone, download built binary using wget on tmux and then run it to test if it's working. I remember I could build just the matrix multiply library locally on termux as well (after getting cmake and build-essentials via `pkg`).
I run Termux on an Onyx Boox Leaf (e-ink reader). As well as using Onyx for ebooks, I keep 10 years worth of notes in markdown txt files that I edit in Vim & sync with git.
I use Termux to ssh to my home system and access my Emacs session and also various shell stuff. I do my email, chat, notetaking and everyday Emacs things this way. I access this same Emacs session from my desktop, laptop and phone.
Been doing this since the Treo 650 days (pssh) and then Connectbot and nowadays Termux on Android. I always use phones with a physical keyboard, must have had a dozen different ones over the decades.
A big advantage of this workflow is consistency. For example chat systems come and go, each with their own wacky UI. But for me they are all IRC buffers in my Emacs session, configured just the way I wanted it.
I tried doing this in the past on an Android tablet, and was unable to get the caps lock switched with the ctrl key. Any suggestions on making this work, or do you do without?
It's a very versatile tool, can be handy even if you don't have a keyboard.
It is also possible to use custom keyboard layouts but I don't have a link handy for that.
Yes, on a bluetooth keyboard. I downloaded something similar to keymapper back in the day, the only paid app that I've purchased for android, and even it wasn't able to get any bluetooth keyboards to play nicely.
I run a very crude shell-based scanning app (termux has an option to add shell scripts as "apps" on the homescreen), amongst others.
termux supports native GUI dialogues (input/checkboxes), and the scan-shellscript uses that for input (name, greyscale/color, jpg/pdf output and number of pages for pdf) then launches a couple of remote scanimage + ocr postproc + pdf generation commands and transfers + opens that in the local pdf app
youtube-dl works for a lot more sites than just YT.
Also: if you use the git sources you can do a quick "git pull" in case there were breaking changes and restart the download. ytdl is written in python, you can launch it via python -m "module name" within the src folder
You can also use different forks of ytdl or run multiple downloads in parallel
Newpipe is exceptionally buggy and unstable in my experience. yt-dlp always works vs. newpipe just randomly stops downloading anything until the phone is reset.
Newpipe rocks and those guys are doing an awesome job. The problem is that google changes stuff upstream an once every 3 months you need to upgrade your newpipe to account for those changes. But please, lets not bash the work of people that do it altruistically
I have termux installed to quickly run `ip neigh` to find the IP addresses of devices connected to the hotspot - unfortunately my version of Android doesn't have this feature built in.
This is especially useful when you have multiple Pis connected and need to know the IP address to ssh to.
I was using it to run YouTube-dl to save or backup online video (not just from YouTube; it can also effectively rip video from sites that are annoying like Reddit and Twitter.) until I found dvd on F-Droid, which is a nice UI for that.
Now I mostly use it to ssh. But it is surprisingly powerful, and occasionally you find a new use case that makes it worth having a generic Linux shell.
Very primitively - I run ping in a loop when there are network issues on the phone.
PS: Oh, and once I was ssh'ing into an embedded device in a lab, while standing next to it and fiddling with wires. I could have brought a laptop, but it's a big hassle - VPN goes down, wifi network may be misbehaving, all windows are moved to the laptop screen etc.
I used it mainly to communicate with my local services on Android, It's excellent but I have moved on to a Linux phone and so I have little use for Termux anymore.
But here's a security researcher from Zambia using only Termux for his development[1] and research as he couldn't afford a computer. I'm sure there are plenty more like him in developing economies, Where using smartphone for general purpose computing is not just a lifestyle but a necessity for livelihood.
So I really appreciate Termux for catering to those who might be still running older android versions.
I use it termux mainly to ssh to a server but also to ssh from my laptop to the phone by running sshd inside termux. By using scp and with the right ssh host config and authorized_keys I can send and receive files across devices, really useful when devices are on the same VPN but not on the same network.
I also use Termux:Widget [1] to launch scripts. For example, I have added all my contacts to abook [2], and with a bash script that use fzf I can filter my contacts and it automatically get the contact gps field and automatically start the navigation.
I switched to UserLAnd a while back, but I mainly use it when I want to try something quickly in code and I can't SSH into my laptop.
For a while I also played around with having my Android phone as an SSH server and connecting to it from my iPad for a lightweight portable coding setup.
I installed git, compilers/interpreters for all languages I use and synced my personal git repos in Termux on an old 7" tablet. Combined with Wireguard, it's a cramped,slower version of my home workstation, if I need more speed, I can also Wake-on-LAN and ssh into my home workstation.
As for what I use for: it's an on-the-go computer I use to kill time anytime I'm waiting/bored, i.e. a lazy man's "cyberdeck". I've had fantasies of busting it out in an emergency and saving the day, but it has only been mundane code changes so far :(
I use it for nearly the same thing. It seems to me like the best solution to back up to rsync.net. Other tools that claimed to support rsync, like FolderSync, didn't actually work. It also helps that termux can avoid cron and instead uses termux-job-scheduler to get around power saving issues.[1]
I love this tool. Use it for emacs and I've written a few c++ programs that help me take quick notes on my phone via the shell. For example, if someone suggests I should listen to this or that album/movie/whatever, I note it down and let my mini program throw it into a file that gets sent to my server. It's like a ghetto cloud service :)
from termux I use mosh (and wireguard) to attach to a tmux session at home, how the latest build is doing and give it a nudge if it makes sense. Helps to leave the house for good weather and worry about failing builds later. Even with on-screen keyboard tmux can be handled, though I bought a little bluetooth keyboard
Many times I would download interesting videos, pictures etc. and scp them into my TV. My TV setup is a smart TV which has been un-smarted by never connecting to the internet but it is connected to a linux computer via HDMI. So when I need to send any files to the computer I use scp from termux.
Not exactly a phone, but I use it on my Android tablet (having a proper keyboard) to SSH into my server for coding. On my phone I used to use it to remotely reboot services on my server during a period when they seemed to be randomly crashing.
I used to have git annex in termux to sync files according to their metadata, but without a Bluetooth or USB keyboard I found if far too slow and annoying to use the shell as a normal shell and wrote a dialog based menu system.
To transfer gigabytes of music to my phone with rsync over wifi.
Why:
1. You can start again if interrupted.
2. From MacOS to Android, I didn't find a drag-and-drop way of doing it
Well I need a terminal emulator, and Termux is pretty good, and behaves predictably like a normal term window. And it's open source and can be installed with F-Droid which I prefer.
It seems like the crowd here is pro things like this. I understand the e-waste angle. How do you protect and defend android devices that haven't received security updates for a long time?
I think only core OS vulnerabilities (kernel plus a few libraries) are not updated. 9 times of 10 these are local privilege escalation that are less important if you don't run random apps.
Depending on the Android version, most other things could be updated in other ways (security updates from OEM, system updates via play services, app updates including system apps via play store).
On top of that, you can add local and network firewalls and similar stuff to harden the system.
Basically, probably good enough for the intended usage.
I'm aware the play store can do a LOT more than the name implies.
What I wasn't thinking about was this tool generally doesn't need the device to be on public IP, so remove the cellular access and have it behind a LAN firewall and it should be ok.
Previously I was thinking along the lines of MMS attack's being a problem. I seem to get suspicious links regularly.
That came to mind for extending device support. As I understand it though the hardware drivers are all closed source and end support rather quickly. I believe that the drivers are sometimes the source of the problem which sort of complicates extending the lifespan.
The only problems I experienced are when the wireless bands are deprecated. I'd still be rolling my n900, otherwise. Old drivers or not, there is/was still some development going on; Leste & PostmarketOS, IIRC.
Android has pretty good "defense in depth" security, from screening in the Play Store, to the app sandbox, to kernel hardening. If you only get reputable apps from reputable sources, have an eye on phishing attempts, and have no reason to think you are a target, you may afford to have a few weak spots in your system. A lot of people run outdated Android version, and most don't get hacked, and among those who do, it is almost always phishing techniques that software updates wouldn't have prevented.
If you really can't, it you have a popular, higher-end Android phone from years ago, you may find up-to-date custom ROMs, that you can further optimize for security.
You don't, because you mostly don't have to unless you're installing random malware apps, same as a desktop computer. "If you use a phone that hasn't been updated in 2 months the evil hackers will hack into it and make the battery explode to kill you" is fear-mongering from hardware manufacturers.
termux doesn't use most of the system libraries that are likely to be remotely exploitable, e.g. openssl and webview. the remaining unupdatable weakness is the kernel, but it's pretty unlikely to have a TCP RCE or something like that. there's SACK Panic, but that's only DoS, not RCE, and if you're running something on android 5 you probably have low reliability expectations anyways.
Only real way is never connecting it to the internet. Otherwise you will always have a vulnerable server with the only hope that it's not a mainstream server and by that not that much threatened by script kiddies and mass scans
I guess in this use case removing the cellular access and only using it on LAN would be good enough?
Edit; second though NO. Clicking a bad link with some browser exploit on it will still get you infected in that case. So you couldn't use this to browse the internet safely. Still as a Termux only tool seems safe.
Unlike on iOS, your browser runtime is not tied to your phone. Most phones come with Google Chrome as the default browser which no longer gets updates below Android 7, but Firefox still gets updates on Android 5.0+.
With an up-to-date browser you run about the same risk you run if you're using a computer. The kernel exploits are problematic, but Android also adds annoying sandboxing that requires a lot of device-specific exploit code to bypass properly.
Realistically, even if just the browser was exploited and the kernel and runtime around it were perfectly secure, you'd still have a huge problem. Your browser is where all the access tokens and passwords go into and where your search history is coming from.
I wouldn't bank on these long unmaintained devices, but I think they're fine to use for most people.
I use old Android devices for smart home stuff (e.g. tablet as sensor overview). I guess as long as it is not exposed to a public endpoint, there is not much to fear?
This is awesome, now we can use our old cellphones as small cloud servers (I have one with a 128Gb SD card running rsyncd, sshd, smbd, nginx, php, openvpn, transmission)
Termux is not available via the Google Play store (or not the current version at least, is this still true?) so you have to download it via the F-Droid app repository. I do this, but I am always a bit uneasy going via a non-sanctioned store. My main concern is a malware attack via F-Droid.
For what it's worth the F-Droid folks are pretty tight about security, eg. they do manual reviews and insist on building apps themselves (often delaying updates). You can sometimes add additional repos to circumvent this curation and/or get faster updates (depending on whether the apps you're using have such a third-party repo).
Considering how the sanctioned store basically already acts like malware, you're SOL, but you should be fine as long as you stay away from apps by Rahul Kumar Patel.
Rahul Kumar Patel (whyorean) is the developer of Aurora Store (https://gitlab.com/AuroraOSS/AuroraStore), a FOSS client for the Play Store. Aurora Store is one of the most convenient ways to download apps from the Play Store without using Google Play Services or needing your own Google account.
Recent versions of Termux are not available on Aurora Store because they are also not available on the Play Store. However, whyorean also develops Aurora Droid, an alternative F-Droid client, which does have the latest version of Termux. (Aurora Droid has not seen updates for a while.)
whyorean's apps are trusted by many Android users, and I don't know of any good reason to avoid his work in general.
I downloaded the PayPal app from the Aurora Store, on a brand new phone, and the app tried stealing money from me. Worked fine with small amounts, but once I got my tax return, it changed. Will not go into specifics in an open post with strangers, so it can be replicated.
You know, I wish we could do something similar for iOS, but their toolchain generally drops support for targeting older versions of iOS faster than we do so. Has anyone checked to see if you can patch apps and submit them through App Store review with doctored deployment targets?
I am easily able to use my tablet as a client to either one of my hosted machines or my development workstation. Can highly recommend =D
That said my use-case is basically either ssh or mosh, so I haven't really tested how capable termux really is, but it is enough that I don't get artifacts and such when connecting over ssh.
I use Termux for a lot of things on my phone. git, neovim, ffmpeg, ImageMagick, mass downloading using scripts in various languages, SSH to other systems, grepping the Wordle list with regex when I'm stuck at 5 guesses...
Anyway it's great. It handles everything I've thrown at it like a champ. I am constantly amazed someone managed to make a phone environment this reliable and full featured.
I'm well aware it's just apt packages with the base path modified but I'm still really impressed.
The documentation is also really good. I've never had to ask a question to do anything I've wanted.
Cheapest Spreadtrum (now Unisoc) you can buy is SC7731E, which has at the very least Android 7, and is slated to get Android 13 BSP.
Most current cheap rockchips are rk3328/rk3228, who got at least Android 8, even more recent (I think 3328 got Android 12). Last Allwinner board, H616, I got was running Android 9, but it was few years ago so it was pretty recent, and it's considered an obsolete SoC on several accounts. I don't really know what Amlogic sells nowadays
Granted, I only buy devices for which the the Android devices is displayed, because well I want GSI to run on it, but I haven't seen a device sold as Android 4.* for years. I ordered an iPhone knock-off that might prove me wrong... (it says Android 11 on the spec sheet)
in what formfactors? as phones or in other devices (TV,..) ? would be interested in seeing examples. I wonder about the Chinese android scene, haven't had much insight. Actually just yesterday built an old 3.10 spreadtrum kernel
There are a fair few devices out there still running old versions of Android¹ – particularly a number of ebook devices that are commonly rooted to do more/other than run the officially included software which may be inadequate², deprecated³, or simply dead⁴.
Yup. Notably, these devices are pre-Treble, so there's no prospect for any sort of GSI support (which would open up things like Droidian). So Termux is pretty much the best you can do if you care about providing a sensible environment in a device-independent way.
I found this combination of now defunct open source apps worked better than any I've tried.
https://github.com/irssiconnectbot/irssiconnectbot For SSH client. (not version 2. version 1.7.1-irssi specifically)
https://github.com/klausw/hackerskeyboard Keyboard that has Ctrl/Alt/Meta keys without having to switch modes. A bit cramped and the UI for AutoSuggestion dissappeared in Android 13 :(
These tools are not without their quirks tho but I'm sure with some TLC they can be ironed out. Funny I'm an Android dev by day but haven't had time to look into the minor issues both tools have because they are so old. Then again, they are not serious issues and I've been able to whip out emacs and write code (clojure: so succinctness helps) when the moment strikes or in lieu of social media.