Hi, I always got this error and never connect successfully:

java.io.IOException: No such file or directory
Unable to connect to localSocksFile [/data/data/com.gluu.life/ki4a/tunfd_file]

Any recommendation?

I almost tried many way (some mentioned below) to Stop/Kill the VPN but none of these works:

Util.stopKi4aVPN(getActivity(),getActivity().getPackageName());
###########################################################

Intent intent = new Intent(getActivity(), ki4aService.class);
                ki4aService.current_status = Util.STATUS_CONNECTING;
                ki4aService.toState = Util.STATUS_DISCONNECT;
                getActivity().startService(intent);

I even tried killing the service but that didn't worked too.

I am getting the following logs

2019-02-04 08:18:40.091 26706-26706/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
2019-02-04 08:18:40.091 26706-26706/? A/DEBUG: Build fingerprint: 'OnePlus/OnePlus6/OnePlus6:9/PKQ1.180716.001/1812250000:user/release-keys'
2019-02-04 08:18:40.091 26706-26706/? A/DEBUG: Revision: '0'
2019-02-04 08:18:40.091 26706-26706/? A/DEBUG: ABI: 'arm'
2019-02-04 08:18:40.091 26706-26706/? A/DEBUG: pid: 26703, tid: 26703, name: busybox >>> /data/data/com.gluu.life/ki4a/bin/busybox <<<
2019-02-04 08:18:40.091 26706-26706/? A/DEBUG: signal 31 (SIGSYS), code 1 (SYS_SECCOMP), fault addr --------
2019-02-04 08:18:40.091 26706-26706/? A/DEBUG: Cause: seccomp prevented call to disallowed arm system call 214
2019-02-04 08:18:40.091 26706-26706/? A/DEBUG: r0 000028b5 r1 aeab4be2 r2 6e647000 r3 000028b5
2019-02-04 08:18:40.091 26706-26706/? A/DEBUG: r4 00000002 r5 ffa76ed8 r6 0000005b r7 000000d6
2019-02-04 08:18:40.091 26706-26706/? A/DEBUG: r8 aeacd0e4 r9 00000043 r10 aeabfa14 r11 ffa76ecc
2019-02-04 08:18:40.091 26706-26706/? A/DEBUG: ip 00000000 sp ffa76e08 lr aea70c67 pc f0c5dd10
2019-02-04 08:18:40.092 26706-26706/? A/DEBUG: backtrace:
2019-02-04 08:18:40.092 26706-26706/? A/DEBUG: #00 pc 00054d10 /system/lib/libc.so (setgid+12)
2019-02-04 08:18:40.092 26706-26706/? A/DEBUG: #1 pc 00032c63 /data/data/com.gluu.life/ki4a/bin/busybox
2019-02-04 08:18:40.093 26706-26706/? A/DEBUG: #2 pc 000289ef /data/data/com.gluu.life/ki4a/bin/busybox
2019-02-04 08:18:40.093 26706-26706/? A/DEBUG: #3 pc 00028a47 /data/data/com.gluu.life/ki4a/bin/busybox
2019-02-04 08:18:40.093 26706-26706/? A/DEBUG: #4 pc 00028c6d /data/data/com.gluu.life/ki4a/bin/busybox
2019-02-04 08:18:40.093 26706-26706/? A/DEBUG: #5 pc 00007193 /data/data/com.gluu.life/ki4a/bin/busybox
2019-02-04 08:18:40.093 26706-26706/? A/DEBUG: #6 pc 0008af6d /system/lib/libc.so (__libc_init+48)
2019-02-04 08:18:40.093 26706-26706/? A/DEBUG: #7 pc 00007374 /data/data/com.gluu.life/ki4a/bin/busybox

Hello
Will you update and relaunch the app in google play store?
Is there any similar app there?

I got this error message in my openssh server:
Jul 10 14:29:27 machine sshd[11022]: Unable to negotiate with ipaddr port 25555: no matching MAC found. Their offer: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 [preauth]

My server is using openssh-7.6p1. Many of the MACs supported by this app are considered insecure. A newer MAC algorithm should be added. Something like [email protected]

some output from ssh-audit.py:

(mac) hmac-md5                              -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
                                            `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
                                            `- [warn] using encrypt-and-MAC mode
                                            `- [warn] using weak hashing algorithm
                                            `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
(mac) hmac-sha1                             -- [warn] using encrypt-and-MAC mode
                                            `- [warn] using weak hashing algorithm
                                            `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
(mac) [email protected]                   -- [warn] using encrypt-and-MAC mode
                                            `- [warn] using small 64-bit tag size
                                            `- [info] available since OpenSSH 4.7

i had to remove: hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
to get my sshd process to start

app error log:

[libsuperuser][O][SH*] no matching mac found: client hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 server [email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256,[email protected]
[libsuperuser][O][SH-] 255
[libsuperuser][C][SH%] END
Disconnected

UDP forwarding is required for some apps, particularly VoIP. It'll be a great addition.

This app is now broken since updating to Android 9. Upon trying to connect, the log states:
[libsuperuser][O][SH*] Could not create directory '/data/local/home/u0_a212/.ssh'.
then later
[libsuperuser][O][SH*] Failed to add the host to the list of known hosts (/data/local/home/u0_a212/.ssh/known_hosts)
and
Couldn't connect to local socks proxy

The OpenVPN still launches, but there is no SOCKS proxy open, so all connections are basically dead.
So it just looks like a permissions issue with creating the required .ssh folder.

I friggen loved this app, please fix!

@perrohunter @jramosf @staf621

Sent from my Asus ASUS_Z00UD using FastHub

Shadow socks adds a tile to to quick settings drawer. I wish Ki4a did the same.

It would be nice if it was possible to easily switch between diffrent ssh servers.

I love Ki4a. I have tried different tunnelling apps, and they just do not work properly, and Ki4a works very well.

I was surprised there is no option to auto-start on boot. Can you please add an option to autostart when Android starts, and auto-connect when the app starts?

I have a rooted phone, I can autostart Ki4a, and I have tried configuring tasker and the autoinput plugin but I have not been able to make it work properly.

Please add options to Ki4a:

1 - autoconnect when Ki4a starts

2 - autostart when Android starts (even if just for rooted devices)

Thanks!

How to compile this project? I need this project too much, but I can't compile it in Android (a lot of errors)

It would be really cool to be able to build this app fully from sources including all the binary dependencies. It would bring the app to the next level of trust

I can log in with another ssh client on the same device and ping google.com

Log with server and user name redacted
ki4a.txt

Nexus 5X with Android 7.1.1

not connect to server "no hostkey alg "

Hello,
Im trying to Enable proxy on App, but I get an error. Im using Proxy port:21
When I try to connect it makes this error:
D/libsuperuser: [libsuperuser][C][SH%] START
D/libsuperuser: [libsuperuser][C][SH+] /data/data/com.staf621.ki4a/ki4a/bin/busybox killall -9 tun2socks
D/libsuperuser: [libsuperuser][O][SH*] Bad system call
D/libsuperuser: [libsuperuser][C][SH%] END
I/ki4a: Stopping VPN tunnel
Closing
D/EGL_emulation: eglMakeCurrent: 0xde8858a0: ver 2 0 (tinfo 0xde883830)
I/ki4a: Closing
D/EGL_emulation: eglMakeCurrent: 0xde8858a0: ver 2 0 (tinfo 0xde883830)

Regards,

I can't compile the project, there are a lot of files missing, but I will start to see the code, this is will a tunnel in all the application? if i consume an retrofit to localhost with this implemented will search on the localhost of the computer

Hello
It is very neccessary to add a feature which allow setting IP/Network Address, FQDNs and applications which when set will be connected directly instead of over the tunnel.

It is neccessary for connecting Local Network servers, services when working on networked environments.

when trying to use on samsung galaxy s9 connction close after 2 minutes .

here is app log

[libsuperuser][C][SH%] START
[libsuperuser][C][SH+] /data/data/com.staf621.ki4a/ki4a/bin/busybox killall -9 korkscrew;/data/data/com.staf621.ki4a/ki4a/bin/busybox killall -9 ssh;/data/data/com.staf621.ki4a/ki4a/bin/busybox killall pdnsd
[libsuperuser][O][SH*] killall: korkscrew: no process killed
[libsuperuser][O][SH*] killall: ssh: no process killed
[libsuperuser][O][SH*] killall: pdnsd: no process killed
[libsuperuser][C][SH%] END
Service received a request! toState=1, current_status=0
Asking for permission to use VPN
Service received a request! toState=4, current_status=2
[libsuperuser][C][SH%] START
[libsuperuser][C][SH+] /data/data/com.staf621.ki4a/ki4a/bin/pdnsd -c /data/data/com.staf621.ki4a/ki4a/pdnsd.conf -d; echo $?
[libsuperuser][O][SH-] 0
[libsuperuser][C][SH%] END
Util.startVPN
Starting VPN tunnel
Starting
Protecting SSH fd
Starting new wait4connection
Let's get sshfd
[libsuperuser][C][SH%] START
[libsuperuser][C][SH+] /data/data/com.staf621.ki4a/ki4a/bin/sshpass -p ******** /data/data/com.staf621.ki4a/ki4a/bin/ssh 62.113.254.116 -p 22 -l user -NT -g -D 7777 -L 127.0.0.1:8163:4.2.2.4:53 -C -o "ProxyCommand /data/data/com.staf621.ki4a/ki4a/bin/korkscrew --ancillaryfile /data/data/com.staf621.ki4a/ki4a/sshfd_file --directconnection --desthost %h --destport %p" -o "KeepAlive yes" -o "ServerAliveInterval 15" -o "StrictHostKeyChecking=no" -o "GlobalKnownHostsFile=/dev/null"; echo $?
[libsuperuser][O][SH*] Could not create directory '/data/local/home/u0_a471/.ssh'.
Got SSHfd [160]
Configure
Routing all traffic
[libsuperuser][C][SH%] START
[libsuperuser][C][SH+] /data/data/com.staf621.ki4a/ki4a/bin/tun2socks --netif-ipaddr 26.26.26.2 --netif-netmask 255.255.255.0 --socks-server-addr 127.0.0.1:7777 --tunmtu 1500 --dnsgw 26.26.26.1:8153 --pid /data/data/com.staf621.ki4a/ki4a/tun2socks.pid; echo $?
[libsuperuser][O][SH-] 0
[libsuperuser][C][SH%] END
Let's send FD to tun2socks
Closing
Closing
[libsuperuser][C][SH%] START
[libsuperuser][C][SH+] /data/data/com.staf621.ki4a/ki4a/bin/busybox killall -9 korkscrew;/data/data/com.staf621.ki4a/ki4a/bin/busybox killall -9 ssh;/data/data/com.staf621.ki4a/ki4a/bin/busybox killall -9 tun2socks/data/data/com.staf621.ki4a/ki4a/bin/busybox killall pdnsd
[libsuperuser][O][SH*] Connection closed by UNKNOWN
[libsuperuser][O][SH-] 255
[libsuperuser][C][SH%] END
Wait4connection: verifying connectivity...
Reconnecting...
[libsuperuser][O][SH*] killall: ssh: no process killed
Util.stopVPN
[libsuperuser][C][SH%] START
[libsuperuser][C][SH+] /data/data/com.staf621.ki4a/ki4a/bin/busybox killall -9 tun2socks
[libsuperuser][O][SH*] killall: tun2socks/data/data/com.staf621.ki4a/ki4a/bin/busybox: no process killed
Stopping VPN tunnel
Closing
ToStatus = 2
[libsuperuser][O][SH*] killall: killall: no process killed
[libsuperuser][C][SH%] END
[libsuperuser][C][SH%] START
[libsuperuser][C][SH+] /data/data/com.staf621.ki4a/ki4a/bin/busybox killall pdnsd; echo $?
[libsuperuser][C][SH%] END
Closing
[libsuperuser][O][SH*] killall: pdnsd: no process killed
[libsuperuser][O][SH-] 1
[libsuperuser][C][SH%] END
Connected
Wait4connection: connection detected [first connection]
ToStatus = 4
Ad loaded callback.
Service received a request! toState=0, current_status=4
Disconnected
[libsuperuser][C][SH%] START
[libsuperuser][C][SH+] /data/data/com.staf621.ki4a/ki4a/bin/busybox killall -9 korkscrew;/data/data/com.staf621.ki4a/ki4a/bin/busybox killall -9 ssh;/data/data/com.staf621.ki4a/ki4a/bin/busybox killall -9 sshpass;/data/data/com.staf621.ki4a/ki4a/bin/busybox killall pdnsd
[libsuperuser][O][SH*] killall: korkscrew: no process killed
[libsuperuser][O][SH*] killall: ssh: no process killed
[libsuperuser][O][SH*] killall: sshpass: no process killed
[libsuperuser][O][SH*] killall: pdnsd: no process killed
[libsuperuser][C][SH%] END
Util.stopVPN
[libsuperuser][C][SH%] START
[libsuperuser][C][SH+] /data/data/com.staf621.ki4a/ki4a/bin/busybox killall -9 tun2socks
[libsuperuser][O][SH*] killall: tun2socks: no process killed
[libsuperuser][C][SH%] END
ToStatus = 0
Stopping VPN tunnel
Closing
Closing
Ad loaded callback.
Ad loaded callback.
Ad loaded callback.
Ad received callback.

whatsapp and telegram voice call does not work when connected using the vpn way

is this unblock WhatsApp voice call when using SSH+Proxy?
Any solution for unblocking?

nice project but I see binaries in assets folder, would like to give me direct link of or link to project to compile myself. thanks!

'deducted'

E/ki4a: Unable to connect to localSocksFile [/data/data/com.spotvpn.ssh/ki4a/tunfd_file]

Okay, edited. Correcting the typo didn't help. Below is a new log (I substituted "domain" for the actual name in a spate of paranoia):

[libsuperuser][C][SH%] START
[libsuperuser][C][SH+] /data/data/com.staf621.ki4a/ki4a/bin/busybox killall -9 korkscrew;/data/data/com.staf621.ki4a/ki4a/bin/busybox killall -9 ssh;/data/data/com.staf621.ki4a/ki4a/bin/busybox killall pdnsd
[libsuperuser][O][SH*] killall: korkscrew: no process killed
[libsuperuser][O][SH*] killall: ssh: no process killed
[libsuperuser][O][SH*] killall: pdnsd: no process killed
[libsuperuser][C][SH%] END
Service received a request! toState=1, current_status=0
Ad loaded callback.
Ad received callback.
Asking for permission to use VPN
Service received a request! toState=4, current_status=2
[libsuperuser][C][SH%] START
[libsuperuser][C][SH+] /data/data/com.staf621.ki4a/ki4a/bin/pdnsd -c /data/data/com.staf621.ki4a/ki4a/pdnsd.conf -d; echo $?
[libsuperuser][O][SH-] 0
[libsuperuser][C][SH%] END
Util.startVPN
Starting VPN tunnel
[libsuperuser][C][SH%] START
Starting new wait4connection
Starting
Protecting SSH fd
Let's get sshfd
[libsuperuser][C][SH+] /data/data/com.staf621.ki4a/ki4a/bin/ssh "domain" -p 8000 -l -NT -g -D 7777 -L 127.0.0.1:8163:8.8.8.8:53 -R 8000:"domain":8000 -i "/data/data/com.staf621.ki4a/ki4a/id_rsa" -C -o "ProxyCommand /data/data/com.staf621.ki4a/ki4a/bin/korkscrew --ancillaryfile /data/data/com.staf621.ki4a/ki4a/sshfd_file --directconnection --desthost %h --destport %p" -o "KeepAlive yes" -o "ServerAliveInterval 15" -o "StrictHostKeyChecking=no" -o "GlobalKnownHostsFile=/dev/null"; echo $?
[libsuperuser][O][SH*] Pseudo-terminal will not be allocated because stdin is not a terminal.
[libsuperuser][O][SH*] Could not create directory '/data/local/home/u0_a97/.ssh'.
Got SSHfd [190]
Configure
Routing all traffic
[libsuperuser][C][SH%] START
[libsuperuser][C][SH+] /data/data/com.staf621.ki4a/ki4a/bin/tun2socks --netif-ipaddr 26.26.26.2 --netif-netmask 255.255.255.0 --socks-server-addr 127.0.0.1:7777 --tunmtu 1500 --dnsgw 26.26.26.1:8153 --pid /data/data/com.staf621.ki4a/ki4a/tun2socks.pid; echo $?
[libsuperuser][O][SH-] 0
[libsuperuser][C][SH%] END
Let's send FD to tun2socks
Done tun2socks RUN
[libsuperuser][O][SH*] Failed to add the host to the list of known hosts (/data/local/home/u0_a97/.ssh/known_hosts).
Ad loaded callback.
Ad loaded callback.
Wait4connection: verifying connectivity...
Couldn't connect java.net.UnknownHostException: Unable to resolve host "google.com": No address associated with hostname
[libsuperuser][O][SH*] Permission denied (publickey).
[libsuperuser][O][SH-] 255
[libsuperuser][C][SH%] END
Wait4connection: verifying connectivity...
Couldn't connect java.net.UnknownHostException: Unable to resolve host "google.com": No address associated with hostname
Disconnected
[libsuperuser][C][SH%] START
[libsuperuser][C][SH+] /data/data/com.staf621.ki4a/ki4a/bin/busybox killall -9 korkscrew;/data/data/com.staf621.ki4a/ki4a/bin/busybox killall -9 ssh;/data/data/com.staf621.ki4a/ki4a/bin/busybox killall -9 sshpass;/data/data/com.staf621.ki4a/ki4a/bin/busybox killall pdnsd
[libsuperuser][O][SH*] killall: korkscrew: no process killed
ToStatus = 0
[libsuperuser][O][SH*] killall: ssh: no process killed
[libsuperuser][O][SH*] killall: sshpass: no process killed
[libsuperuser][C][SH%] END
Util.stopVPN
Stopping VPN tunnel
Closing
[libsuperuser][C][SH%] START
[libsuperuser][C][SH+] /data/data/com.staf621.ki4a/ki4a/bin/busybox killall -9 tun2socks
[libsuperuser][C][SH%] END
Closing
Ad loaded callback.
Ad received callback.
Ad loaded callback.
Ad received callback.

In android 9 when you click on disconnect button, the app will toast "disconnected" and notification icon will disappear but vpn connection will still remain

How can I verify server's pub key sha256 or md5? Otherwise this VPN solution would be vulnerable to Man in the Middle attack

Looking at the log file it seems as if you are using the ServerAliveInterval option in SSH. Consider letting the user configure it for better connection stability.

Hi, Would you please tell me how to build and compile after clone it in Android Studio? thanks!

I cannot find any already available apk file.
Do I have to compile it myself?

Application does not reconnect when switching between mobile and WiFi data.
Everything seems to be fine, but there is no network connectivity.

Application should detect that and try to reconnect.

Thanks for your Open source . SSH VPN.
I used it . For personal use only.

See the screenshot
http://imgur.com/sQYVJe6

Maybe i´m only doing something wrong, sorry, didn´t find a forum for ki4a:

I can´t enter my hostname like myserver.com, only IP Adress works, but unfortunately this changes each day
Trying this hostname with putty works straightforward, so it must be something in ki4a?

Button goes from yellow back to red imediately, log also shows nothing relevant

Hello,

i want to forward ports which are used for udp and some for tcp. May i am missing something but it seems like i cannot change the protokoll from tcp to udp. Ki4a always forwards with tcp. Is this a missing feature? BTW i'm using iptables instead of stock vpn, since i am using Pie which does not work flawlessly with ki4a)

Greetings,
NoDiskNoFun

Version 1.1.9 has been available on the Play Store for months, yet the source code is still 1.1.8.
Any plans to push the latest code to the repo?

Hi, I like your application a lot. Could you add one application filter for the SSH tunnel? Thanks a lot

Adding timestamps and also an option to clear the log would be much appreciated.

Need the ability to set the domain name for DNS resolution when the VPN is active, otherwise hosts on the SSH termination network can't be resolved without a fully qualified name. The VPN should make the device behave as if it is directly connected to the destination network, and without a domain name that isn't the case.

For example, if the internal network that SSH connects to is known to DNS as bobby.myisp.net, and you want to connect to host 'sam' you can't use:

http://sam/

You have to use:

http://sam.bobby.myisp.net/

First of all thank you for making this app and making it open source. I'm using it for couple of days now and I realised that it's battery usage is very high. Is there anything I can do to reduce it's battery drain?