Hi,
This is for everyone who's wondering why the USB Authorization dialog box does not show up, when you try to use adb from a new computer. This dialog box is the one that asks "Allow USB debugging?" and has your computer's RSA key fingerprint.
By default, ie any regular Androind implementation, whether or not this dialog pop-up is dictated by the ro.adb.secure property being 1. (You can see by running getprop ro.adb.secure from a shell). There's a couple of interrelated ones such as ro.secure and ro.debuggable. As an example, the GPE M8 follows this convention.
The non-GPE M8, on the other hand, is also based on S-Off. That's right! If you are S-Off, HTC has decided that you must want your phone to be a giant gapping security hole, so why anyone can adb your phone. This is regardless if the bootloader is locked or unlocked, whether the CID is superCID or not, whether you have root or not.
So, if you care about the security of data on your phone, either do not have S-Off or do not leave USB debugging enabled.
Related
After upgrading to Android 4.2.2, a new secure feature is introduced to adb. The first time a computer wants to connect to an Android device, a popup window will appear on the screen of the Android device.
I've already upgraded my /opt/android-sdk/platform-tools/adb and I mis-pressed the "No" button on the screen when the popup shows to let me confirm the RSA key! Now there are no more popup windows! No matter how I adb kill-server or even restart my computer and Nexus 7, the popup will not show for the second time, not giving me a second chance to confirm the RSA key...
I tried another Linux computer and the popup window shows correctly. How can I somhow edit the whitelist/blacklist file in Android and let the popup windows show for the second time for my computer? Where is the adb whitelist/blacklist file in Android?
If I recall correctly it doesn't have remember autolocked so it should show up again.
Maybe restart the machine itself or the device.
And this goes without saying but make sure USB debugging is on
There is a "remember" setting when choosing. I know a factory reset will fix it or flashing a new rom if rooted, but that might be a little extreme. But I cannot figure out what app would hold that data, so that might be your only choice if you need adb.
can't Pin login with device encryption enabled.
I'll hope that this is the right tread.
I have an s5 SM-G900F with device encryption enabled. With my nexus 7 running 4.4.2 and S4 active running 4.2.2 I have device encryption enabled. I use a python script to change the lockscreen pin. SO'll have an easy way to open the device. and a difficult password for unlocking the device when booting up.
This works on both S4 active and Nexus 7. also tested it on a Note 2 running 4.1.1.
Point is that this little trick doens't work om my shiny S5 gives an error: Password hash size mismatch.
I tried ohter apps with the same functionalitiy like: encpasschanger and cryptfs password. both gave a similar error.
Could it be that the s5 stores its PW database on a different location?
any solutions?
i'll attach the pithon sciypt with this post.
All of the devices run stock fw's
Sent from somewhere
found a solution
I asked the dev from "Cryptfs Password"
his answer:
Most Samsung devices use slightly different commands for disk encryption,
so the app doesn't work on those devices. You can always change the
password directly from the ADB shell. Connect your phone via USB and do
this on your PC:
$ adb shell
$ su
# vdc cryptfs changepw <newpassword>
See this article for details:
http://nelenkov.blogspot.jp/2012/08/changing-androids-disk-encryption.html
I am wondering around the internet to learn any method to disable MTP/PTP/all usb stuff except charging.
So, why i want this?
Because i want my device to be secure.
I don't anyone to sneak around and try to go into bootloader or recovery/connection to a pc etc to set my device to make a fresh start/copying data and end my privacy up.
So is there a way to disable those functions?
And if it is possible then what? Will it be secured?
And the big question is that can i enable it through recovery (from adb or moving mobile files) as you know if one has a messed up rom then he/she should have those functions workable.
.
@LGaljo?
@nik60?
@MAXSIMUS96?
@adityaupreti?
@Ciro?
@Renix63?
@sev3n1985?
delete mtpApplication.apk in syste/priv-app and in dev options..deflag debug usb
anyway ...not tried because i don't use pin in LS--but in S6 when phone is locked with pin is not recognized with PC
So will it disable the mobile to connect to a pc through bootloader?
I found this on a web:
.
The most device-compatible way to disable everything is to run this command at startup or set this in your build.prop:
Code:
setprop persist.sys.usb.config none
which is equivalent to charge-only on all Android devices.
That also disables adb. If you use adb regularly, then:
Code:
setprop persist.sys.usb.config adb
will allow adb when developer options are turned on/checked. If you don't use ADB often, I would not recommend it, because setting adb causes my S5 to still recognize in device manager, even when it is locked.
To restore original functionality,
Code:
setprop persist.sys.usb.config mtp,ptp,adb
allows all USB protocols.
Hi,
I recently rooted my Samsung Galaxy Tab A thanks to the wonderful folks of this forum. However, now that it's rooted I can't seem to connect to it via adb. For example, I see the device listed when I run "adb devices", but it is listed as "unauthorized". I no longer received the prompt to allow USB debugging. More precisely, I can still access the developer options and see that "USB debugging" is enabled, I just don't receive the pop-up prompt to "Allow USB debugging?" that list my local computer's RSA fingerprint/etc after I plug in the usb... the device just remains unauthorized and never asks me to click ok to allow usb debugging.
As suggested elsewhere, I tried removing the adbkey and adbkey.pub in the .android directory on my local computer and the killing/starting the adb server to generate new keys on the local machine, but that also doesn't seem to help...
Additionally, I noted that there is also no longer a button under developer option to "Revoke USB authorizaiton" (maybe because there are now no longer any keys in /data/misc/adb/adb_keys ?)
Any idea how to get adb shell to work again? Or maybe it not possible after rooting?
Thanks!
__adam_ said:
Hi,
I recently rooted my Samsung Galaxy Tab A thanks to the wonderful folks of this forum. However, now that it's rooted I can't seem to connect to it via adb. For example, I see the device listed when I run "adb devices", but it is listed as "unauthorized". I no longer received the prompt to allow USB debugging. More precisely, I can still access the developer options and see that "USB debugging" is enabled, I just don't receive the pop-up prompt to "Allow USB debugging?" that list my local computer's RSA fingerprint/etc after I plug in the usb... the device just remains unauthorized and never asks me to click ok to allow usb debugging.
As suggested elsewhere, I tried removing the adbkey and adbkey.pub in the .android directory on my local computer and the killing/starting the adb server to generate new keys on the local machine, but that also doesn't seem to help...
Additionally, I noted that there is also no longer a button under developer option to "Revoke USB authorizaiton" (maybe because there are now no longer any keys in /data/misc/adb/adb_keys ?)
Any idea how to get adb shell to work again? Or maybe it not possible after rooting?
Thanks!
Click to expand...
Click to collapse
I finally solved this problem.... I don't think it was particular to the Galaxy Tab A.
In order to get adb working again I had to put the device into recovery mode (power down, then power up while holding power, up-volume, home button). I then went to the terminal application of the Team Win Recovery. In terminal I issues "stop adbd" then "start adbd". At this point the device now shows up on the local host PC when I run "adb devices" (it shows up as "recovery" rather than unauthorized). I can adb root/shell to the device now. This is really all I need to do. I expect this will solve my problem in non-recovery mode as well. Or, at this point I can push my PC pub key to the device and it should be fine.
This has me stumped. I have tried erasing the .android folder which had the RSA key information and all, and I have also reinstalled all drivers. I have also unauthorized all previous keys under the developer menu.
When I unlocked the bootloader, it erased all the data. I made a backup beforehand, and then restored from that backup using the LG tool.
When I list devices using ADB, it just says my device is unauthorized and when trying to execute a command it throws this error:
Error: device unauthorized.
This adb server's $ADB_VENDOR_KEYS is not set
Try 'adb kill-server' if that seems wrong.
Otherwise check for a confirmation dialog on your device.
Now either I am an idiot or the backup messed with the RSA keys used in ADB.
Any help would be greatly appreciated.
Have you tried to just use the 'Revoke USB debugging authorization' function inside of the Dev Options menu and then type 'adb kill-server' then retry to connect your phone to adb. It should ask again to reauthorize the computer.
Twisted
twistedvip said:
Have you tried to just use the 'Revoke USB debugging authorization' function inside of the Dev Options menu and then type 'adb kill-server' then retry to connect your phone to adb. It should ask again to reauthorize the computer.
Twisted
Click to expand...
Click to collapse
Yes I have already tried that. I have restarted my computer, restarted my phone and I have revoked authorization many times. This was my last resort to ask here.
SOLVED!!!
originally discussed here:
https://forum.xda-developers.com/verizon-lg-g3/help/unable-to-access-adb-t2830087/page3#post71075750
I removed a user variable in windows environment:
click START -> right click COMPUTER -> click ADVANCED SYSTEM SETTINGS in the left margin -> click ENVIRONMENT VARIABLES
In the user variables section, delete the user variable with the value pointing to your android folder (for me it was C:\ Android). I had this location created when i first tried installing an older version of ADB. I later read that you could delete the RSA key (which was save in this directory) in order to get your phone to re-request RSA authorization (which is exactly what people here are trying to do). I deleted the adbkey and adbkey.pub files, but still could not get my phone to re-request RSA authorization. I then deleted the android folder itself (C:\Android). This did not solve the issue either. THEN, I DELETED THE USER VARIABLE WITH THE VALUE C:\ANDROID AS DESCRIBED. I restarted my computer and my S4 requested the RSA authorization and I am able to perform ADB communications.
You can also reinstall your phone drivers if this doesn't quite help. I did both.
You can do this through device manager, or by clicking start -> devices and printers -> right click your device -> click the hardware tab -> go through each function in the device function box and click properties -> driver -> uninstall. Reboot your computer. If windows does not auto-install your drivers, download the latest manufacture drivers and install them.
Between these two steps, i was FINALLY able to get my s4 to display the pop up for RSA authorization
If this helped you please hit thanks so I know I was able to help! Good luck guys and gals!! I know how painful this is, it took me trying on and off for months!!!