Tags


A simple method to play self-hosted music on Android

First written on June 11, 2022

Introduction

Here is simple way to listen to self-hosted music on Android without installing specific streaming software on your server.

This method relies 100% on SSH.

Table of contents

Software needed

GNU/Linux

Android

Install these apps from F-Droid

Configuration

Introduction

At the time of writing VLC for Android does not support public key authentication with SFTP. To solve this problem, we will use ConnectBot to:

The following instructions apply to a GNU/Linux system.

New user

Connect to the server.

For sake of security I created a new user called music:

useradd -m -s /bin/bash music
passwd music

I then moved all the music files in a directory called /home/music/files.

OpenSSH

To further harden the server in terms of security we must disable TTYs and force the internal SFTP server for the SSH daemon. Here is what I added to /etc/ssh/sshd_config:

Match User music Address 127.0.0.1
    PasswordAuthentication yes
    IPQoS throughput
    PermitTTY no
    ForceCommand internal-sftp

Match User music
    X11Forwarding no
    AllowTcpForwarding yes
    PermitTTY no
    ForceCommand internal-sftp
    IPQoS throughput

Now, restart OpenSSH

systemctl restart ssh

ConnectBot

Key pair generation

Open ConnectBot on your phone and generate a key pair:

  1. tap the menu icon, in the top right of the screen
  2. Manage Pubkeys
  3. tap the [+] button
  4. set these values
    • Nickname: myserver
    • Type: RSA
    • Bits: 4096
    • Password: <a password>
    • Load key on start: true

The encryption password will be prompted unless it has not been previously unlocked, for example by a previous connection.

Unlock the key by tapping it. Tap the key longer and select Copy public key.

You now have to copy the public key to the server (/home/music/.ssh/authorized_keys). You can send it by email for example (it is now in Android’s copy-paste buffer).

Add a new host to ConnectBot

Now we need to add an SSH host on ConnectBot. Go back to Connectbot’s home screen and tap on the + button. Add the host and tap Use pubkey authentication.

Enable these flags:

Disable this flag:

Set the myserver public key by tapping Use pubkey authentication.

Test

Disconnect from the server and reconnect to it. If everything works as expected you won’t see any errors.

Port forwarding

Make a long tap on the host and select Edit port forwards and then tap the + button.

To be able for VLC to connect to the server we need to create a port forward, like this:

connectbot port forwarding
ConnectBot port forwarding

VLC

Open the VLC app.

Go to the Browse section and tap the + button. Select SFTP as protocol and edit the fields like this:

Once you add the server tap the new directory icon you find in VLC Browse page. The first time you do this you will be prompted for the music user’s password.

You should now be able to see and play the music files.

Final testing

Close ConnectBot and VLC and retry everything.

Problems


Post a new comment