Here is simple way to listen to self-hosted music on Android without installing specific streaming software on your server.
This method relies 100% on SSH.
Table of contents ¶
- Table of contents
- Software needed
- Final testing
Software needed ¶
Install these apps from F-Droid
At the time of writing VLC for Android does not support public key authentication with SFTP. To solve this problem, we will use ConnectBot to:
- connect to the server
- make a local SSH tunnel for VLC
The following instructions apply to a GNU/Linux system.
New user ¶
Connect to the server.
For sake of security I created a new user called
useradd -m -s /bin/bash music passwd music
I then moved all the music files in a directory called
To further harden the server in terms of security we must disable TTYs and force the internal SFTP server for the SSH daemon. Here is what I added to
Match User music Address 127.0.0.1 PasswordAuthentication yes IPQoS throughput PermitTTY no ForceCommand internal-sftp Match User music X11Forwarding no AllowTcpForwarding yes PermitTTY no ForceCommand internal-sftp IPQoS throughput
Now, restart OpenSSH
systemctl restart ssh
Key pair generation ¶
Open ConnectBot on your phone and generate a key pair:
- tap the menu icon, in the top right of the screen
- Manage Pubkeys
- tap the
- set these values
- Password: <a password>
- Load key on start: true
The encryption password will be prompted unless it has not been previously unlocked, for example by a previous connection.
Unlock the key by tapping it. Tap the key longer and select Copy public key.
You now have to copy the public key to the server (
/home/music/.ssh/authorized_keys). You can send it by email for example (it is now in Android’s copy-paste buffer).
Add a new host to ConnectBot ¶
Now we need to add an SSH host on ConnectBot. Go back to Connectbot’s home screen and tap on the
+ button. Add the host and tap Use pubkey authentication.
Enable these flags:
- Stay connected
Disable this flag:
- Start shell session
myserver public key by tapping Use pubkey authentication.
Disconnect from the server and reconnect to it. If everything works as expected you won’t see any errors.
Port forwarding ¶
Make a long tap on the host and select Edit port forwards and then tap the
To be able for VLC to connect to the server we need to create a port forward, like this:
- Source Port:
Open the VLC app.
Go to the Browse section and tap the
+ button. Select
SFTP as protocol and edit the fields like this:
- Server address (domain name):
- Folder path (optional):
- Server name, for conveniency:
Once you add the server tap the new directory icon you find in VLC Browse page. The first time you do this you will be prompted for the
music user’s password.
You should now be able to see and play the music files.
Final testing ¶
Close ConnectBot and VLC and retry everything.
- Not bandwidth efficient.
- No transcoding is possible using this method.