Android Non Root has three versions:
- The HTML version: https://willie169.github.io/Android-Non-Root.
- The Markdown version: https://github.com/Willie169/Android-Non-Root.
- The app version: https://github.com/Willie169/Android-Non-Root-App.
- App download link: https://github.com/Willie169/Android-Non-Root-App/releases/download/v1.0/com.willie.androidnonroot%5F10.apk.
In this tutorial, we'll explore a range of powerful, open-source tools such as Termux, Shizuku, Tor, TrackerControl, InviZible Pro, QEMU, and Andronix to enhance your Android device’s functionality, security, privacy, and customization without the need for root access.
Please read the Global Note before you start or you may encounter errors.
- Table of Contents
- Author Information
- Global Note
- Termux: A Powerful Terminal Emulation with an Extensive Linux Package Collection
- Termux Graphical Environment with VNC Server, and Fluxbox or Openbox Windows Manager or XFCE, LXQt, or MATE Desktop Environment
- Andronix with Termux: Install Linux Distributions in Termux on Non-Rooted Android Devices
- QEMU System Emulation with Termux: Full System Emulation of Multiple CPU Architectures and Operating Systems with ISO Image Method or QCOW2 Cloud Image
- AVNC: A VNC Client for Android
- Shizuku, SystemUI Tuner, and aShell: Use Local ADB of Android Device on Terminals Such as Termux without Another Device with Shizuku, Leave Developer Options off When Doing So with SystemUI Tuner, and Use ADB with Features like Autocomplete Suggestion with aShell
- Install Shizuku
- Introduction of Shizuku and ADB
- Connect Shizuku to Wireless ADB
- Use Shizuku in a Terminal Application for the First Time (Termux for Example)
- Install SystemUI Tuner
- To Leave Developer Options off When Using Shizuku to Connect to ADB
- Reconnect Shizuku in Case it Stops with SystemUI Tuner
- Other SystemUI Tuner Usage
- Using aShell
- TrackerControl and InviZible Pro: Route Traffic through Tor, Block DNS over UDP, Set DNS Server, and Block Trackers
- Install InviZible Pro
- Install TrackerControl
- Use TrackerControl to Block Trackers
- Configure TrackerControl (TC) to be used with InviZible Pro
- Configure InviZible Pro to be used with TrackerControl
- Use Tor but not DNSCrypr of InviZible Pro
- Use DNSCrypr But not Tor of InviZible Pro
- Check Whether the Tor Route Setup Is Successful
- Use Invizible Pro without TrackerControl
- Tor Browser
- OpenSSL: Secure Sockets Layer (SSL) and Transport Layer Security (TLS) Protocols and Cryptography Library Implementation
- File and Directory Management of Termux and Linux
- cp (Copy files and directories)
- mv (Move or rename files and directories)
- rm (Remove files or directories)
- mkdir (Create directories)
- ls (List directory contents)
- rmdir (Remove empty directories)
- find (Search for files and directories)
- touch (Create or update file timestamps)
- chmod (Change File Permissions)
- chown (Change File Ownership)
- df (Disk Space Usage)
- du (Disk Usage)
- pwd (Check Current Directory)
- OpenSSH with Linux or Termux and SFTP Server Mount on Material Files: Secure Remote Access
- droidVNC-NG: VNC server app for Android that does not require root privileges
- SD Maid SE: A File Management Tool and System Cleaner
- Linux Command Library
- Linux and Termux Odds and Ends
- Promoted or Related Works, References, and Bibliography
- Termux by Fredrik Fornwall / Termux / termux
- Andronix by Devriz Technologies LLP / Andronix App /AndronixApp
- Shizuku by Xingchen & Rikka / RikkaApps
- SystemUI Tuner by Zachary Wander / zacharee
- Invizible Pro by Garmatin Oleksandr / Oleksandr Garmatin / Gedsh
- TrackerControl / TC by TrackerControl / Oxford HCC
- NetGuard by Marcel Bokhorst / M66B / Marcel Bokhorst, FairCode BV
- DontKillMyApp / DontKillMyApp: Make apps work by Urbandroid Team / urbandroid-team / Petr Nálevka (Urbandroid)
- aShell by Sunil Paul Mathew M. / sunilpaulmathew
- QEMU by Qemu Project / QEMU
- Tor and Tor Browser by The Tor Project
- MyIP / IPCheck.ing by Jason Ng / jason5ng32
- Debian
- Linux Command Library by Simon Schubert / SimonSchubert
- OpenSSL by OpenSSL / openssl
- ANC by Gaurav Ujwal / gujjwal00
- Material Files / MaterialFiles by Hai Zhang / zhanghai
- SD Maid SE / SD Maid 2/SE - System Cleaner / sdmaid-se by d4rken / d4rken-org / darken / darken development
- droidVNC-NG / droidVNC-NG VNC Server by Christian Beier / bk138
- Others
- Contribution
- License
The author of this tutorial is Willie169 (Willie Shen).
If for whatever reason you want to send me money, here are where you may do so:
- BTC: bc1qm7fuvza2tktvjzfmvf37vw6yft5ntd2u5gh9l0
- ETH: 0xC5A26bF0F3564a77973a261624231Ac9DE647967
- BNB (BNB Smart Chain): 0xC5A26bF0F3564a77973a261624231Ac9DE647967
- SOL: 5ytjeNsMqxUqCZGHghGWjZNZHFSebwfAkKXepExmqvTU
- DOGE: DQUWv5vBhCLgoCCyNU2T4fh35ZhGi9cM4T
- XMR: 48j6iQDeCSDeH46gw4dPJnMsa6TQzPa6WJaYbBS9JJucKqg9Mkt5EDe9nSkES3b8u7V6XJfL8neAPAtbEpmV2f4XC7bdbkv
Many sections of the tutorial mention Termux and Linux. Read the tutorial about them in Termux: A Powerful Terminal Emulation with an Extensive Linux Package Collection, Termux Graphical Environment with VNC Server, and Fluxbox or Openbox Windows Manager or XFCE, LXQt, or MATE Desktop Environment, File and Directory Management of Termux and Linux, OpenSSH with Linux or Termux: Secure Remote Access, Linux Command Library, and Linux and Termux Odds and Ends.
- Always run
apt update
before anyapt install
command in Termux or Linux, including virtual machines and emulations. - Add
sudo
at the beginning of commands in Linux if needed, and removesudo
from the beginning of commands in Termux. - Always run
pkg update
before anypkg install
command in Termux. - Always type
Y
,y
,Yes
, oryes
in response to any prompts that request confirmation during command execution. - Most of the software mentioned in this tutorial is open source unless explicitly stated otherwise. However, it is provided WITHOUT ANY WARRANTY, including but not limited to the implied warranties of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
- Some sections about Linux usages are included since we also cover methods to build a Linux VM in Android device.
- Change the file names, directories, and paths in the commands in the tutorial to the actual ones of yours.
- Many sections of the tutorial mention VNC server. You can connect VNC server with a VNC client on any devices (Linux, Windows, macOS, Android, IOS, etc.). Read the tutorial about AVNC, a VNC client for Android, in AVNC: A VNC Client for Android.
- You may encounter
Process completed (signal 9) press Enter
error even if you follow the steps in this tutorial. Read the tutorial about how to fix it in Process completed (signal 9) press Enter Error. - Many sections of the tutorial mention ADB (Android Debug Bridge). You can connect to an Android device's ADB shell from another device via Android SDK Platform Tools or from the same device via Shizuku. Read the tutorial about Shizuku ADB connection in Shizuku, SystemUI Tuner, and aShell: Use Local ADB of Android Device on Terminals Such as Termux without Another Device with Shizuku, Leave Developer Options off When Doing So with SystemUI Tuner, and Use ADB with Features like Autocomplete Suggestion with aShell.
- Many sections of the tutorial mention Tor. Read the tutorial about it in Introduction of Tor.
- Uncommenting a line means to remove the comment signs (
#
for bash) from the beginning of the line. - When the tutorial uses
nano
,vim
, orvi
to edit a file, you can use any text editor you want, suchnano
,vim
, andvi
.
- Download and Install Termux from F-Droid: https://f-droid.org/packages/com.termux/.
- Note: It is recommended to use Termux's F-Droid version and avoid using Google Play version because the latter is depreciated.
- Many of the following guides work on or depend on Termux.
- If you installed termux from Google Play or a very old version, then you will receive package command errors. Google Play builds are deprecated and no longer supported. It is highly recommended that you update to termux-app v0.118.0 or higher as soon as possible for various bug fixes, including a critical world-readable vulnerability reported at https://termux.github.io/general/2022/02/15/termux-apps-vulnerability-disclosures.html. It is recommended that you shift to F-Droid or Github releases.
- Termux is an Android terminal application and Linux environment. Termux combines powerful terminal emulation with an extensive Linux package collection. Some of the commands available in Linux are available in Termux too, such as
cp
,mv
,ls
,mkdir
,apt
, andapt-get
. - Features:
- Enjoy the bash and zsh shells.
- Edit files with nano and vim.
- Access servers over ssh.
- Compile code with gcc and clang.
- Use the python console as a pocket calculator.
- Check out projects with git and subversion.
- Run text-based games with frotz.
- and more
- At first startup, a small base system is downloaded. Desired packages can then be installed using the apt package manager, which is known from the Debian and Ubuntu Linux distributions. To learn more, access the built-in help by long-pressing anywhere on the terminal and selecting the Help menu option.
$PREFIX
and~
refer to/data/data/com.termux/files/home
.
- Wiki: https://wiki.termux.com/.
- Reddit Community: https://termux.com/community.
- Pinch to zoom in or out.
- Swipe right from the left edge of the screen to drag out the navigation bar, where you can open Termux Settings, start another NEW SESSION, switch to another session, or launch KEYBOARD.
- Long press on screen to:
- COPY: Copy
- PASTE: Paste
- More: More
- Select URL: Select URL
- Share transcipt: transfer all output of the current session (via Android api)
- Reset: Reset
- Kill process: Kill the current terminal session process
- Style: Style (requires Termux: Styling plugin)
- Keep screen on:
- Help: Help documentation (Termux Wiki)
The following are some of the shortcuts commonly used in the terminal, and they also work in Termux. The volume plus button (abbreviated to Volume below) can be used as a special key to generate a specific input, which can be roughly understood as the Fn key on a laptop.
- Ctrl + A - Move cursor to the start position
- Ctrl + E - Move cursor to the end
- Ctrl + K - Cut everything from here to the end
- Ctrl + U - Cut everything from here to the beginning
- Ctrl + W - Cut everything from here to the left
- Ctrl + Y - Paste words cut by Ctrl + U, Ctrl + D, or Ctrl + W
- Ctrl + L - Equivalent to clear command or clear screen
- Ctrl + C - Send Signal Interrupt (SIGINT), which terminate the process
- Ctrl + D - Close the terminal
- Ctrl + Z - Send Signal Terminal Stop (SIGTSTP), which suspend the current process
- Volume + E - Esc
- Volume + T - Tab
- Volume + 1 - F1
- Volume + 2 - F2
- Volume + 3 - F3
- Volume + 4 - F4
- Volume + 5 - F5
- Volume + 6 - F6
- Volume + 7 - F7
- Volume + 8 - F8
- Volume + 9 - F9
- Volume + 0 - F10
- Volume + B / Alt + B - Return a word when using readline
- Volume + F / Alt + F - Forward a word when using readline
- Volume + X / Alt + X
- Volume + W - Up Arrow
- Volume + A - Left Arrow
- Volume + S - Down Arrow
- Volume + D - Right Arrow
- Volume + L - | (pipe character)
- Volume + H - ~ (tilde character)
- Volume + U - _ (underscore character)
- Volume + P - Page Up (previous page)
- Volume + N - Page Down (next page)
- Volume + . / Ctrl + \ - Signal Quit (SIGQUIT)
- Volume + V - Show volume control
- Volume + Q / Volume + K - Show extra button view
Run the following command Termux:
termux-setup-storage
and tap Allow.
Many processes mentioned in this tutorial need Termux to have this permission.
You can edit properties of Termux by:
nano ~/.termux/termux-properties
Properties can be changed including default-working-directory
, allow-external-apps
, volume-keys
, etc.
pkg is a tool for managing apt packages.
Usage: pkg [--check-mirror] command [arguments]
.
--check-mirror
- forces a re-check of availability of mirrors- Commands:
autoclean
- Remove all outdated packages from apt cache.clean
- Remove all packages from apt cache.files <packages>
- Show all files installed by packages.install <packages>
- Install specified packages.list-all
- List all packages available in repositories.list-installed
- List installed packages.reinstall <packages>
- Reinstall specified installed packages at the latest version.search <query>
- Search package by query, for example by name or description part.show <packages>
- Show basic metadata, such as dependencies.uninstall <packages>
- Uninstall specified packages. Configuration files will be left intact.upgrade
- Upgrade all installed packages to the latest version.update
- Update apt databases from configured repositories.
Nano and Vim are both text editors used in Unix-like operating systems.
Install:
apt install nano
Nano is a simple, user-friendly text editor designed for ease of use.
- Basic Functions: It supports basic editing features like cut, copy, paste, search, and replace.
- Command Shortcuts: Common commands are displayed at the bottom of the screen (e.g., ^X to exit).
- Usage: Typically used for quick edits or for users who prefer a no-frills experience. You can open a file by typing
nano filename
.
Vim (Vi IMproved) is a highly configurable and powerful text editor, which is an enhanced version of the original Vi editor. It is favored by experienced users and programmers.
- Modes: Vim operates in different modes (Normal, Insert, Visual, etc.), allowing for more complex editing tasks and commands.
- Extensibility: Users can customize Vim extensively through configuration files and plugins.
- Powerful Editing Capabilities: It has a steep learning curve but offers efficient ways to manipulate text.
- Usage: Often used for programming and extensive text manipulation. You can open a file by typing
vim filename
.
Termux had to move the primary Termux package repository hosting from Bintray to Fosshost since Bintray shut down on May 1st, 2021 which created problems for users while running package installation and update commands with pkg or apt and their commands would fail with errors similar to the following:
E: The repository 'https://termux.org/packages stable Release' does no longer have a Release file.
N: Metadata integrity can't be verified, repository is disabled now.
N: Possible cause: repository is under maintenance or down (wrong sources.list URL?).
E: The repository 'https://dl.bintray.com/grimler/game-packages-24 games Release' does not have a Release file.
N: Metadata integrity can't be verified, repository is disabled now.
N: Possible cause: repository is under maintenance or down (wrong sources.list URL?).
E: The repository 'https://science.termux-mirror.ml science Release' does not have a Release file.
N: Metadata integrity can't be verified, repository is disabled now.
N: Possible cause: repository is under maintenance or down (wrong sources.list URL?).
- Run
termux-change-repo
command. - Select one or more repositories for which you want to change mirror by tapping "space" and navigating over list by up/down arrow keys. Tap enter to confirm the choice.
- Pick a mirror, it is recommended to begin with mirror hosted by Grimler. Same as previously, navigate over list by arrow keys, pick mirror by space key and confirm choice by pressing "enter".
- If you have installed other package repositories, like x11 and root, then you must select and change those mirrors as well. You can check your current mirrors by running the
termux-info
command. Note that the science and game repos have been merged into main repo and should be removed with apt remove science-repo game-repo if you have them installed. - If you receive errors like:
E: Repository 'https://grimler.se/termux-root-packages-24 root InRelease' changed its 'Origin' value from 'Bintray' to 'termux-root-packages-24 root'
E: Repository 'https://grimler.se/termux-root-packages-24 root InRelease' changed its 'Label' value from 'Bintray' to 'termux-root-packages-24 root'
N: This must be accepted explicitly before updates for this repository can be applied. See apt-secure(8) manpage for details.
Do you want to accept these changes and continue updating from this repository? [y/N]
, then accept them by typing y
.
- After changing the mirror, it is highly advisable to run
pkg upgrade
command to update all packages to the latest available versions, or at least updatetermux-tools
package withpkg install termux-tools
command. Also make sure your device has internet connectivity and the repository URLs are accessible in a browser.
- If for some reason
termux-change-repo
is not available, you can manually editsources.list
to replace the main url with a value obtained from Termux Mirrors List. - Run
nano $PREFIX/etc/apt/sources.list
to edit it. - This will not change the urls of other package repositories, to change those run
pkg install termux-tools
afterwards and usetermux-change-repo
or manually edit their files under$PREFIX/etc/apt/sources.list.d
directory. - Changing the mirror may specially be needed if a user is still using bintray as the mirror or
pkg upgrade
command hasn't been run in a while to update termux package related scripts.
- https://github.com/termux/termux-packages/wiki/Package-Management.
- termux/termux-packages#6726.
- termux/termux-packages#6455.
- https://github.com/termux/termux-packages/wiki/Mirrors.
- https://github.com/cyb0rgdoll/freshtermux.
Some Android OS will kill any (phantom) processes greater than 32 (limit is for all apps combined) and also kill any processes using excessive CPU. You may get Process completed (signal 9) - press Enter
message in the terminal without actually exiting the shell process yourself. Here is the guide of how to turn it off.
- In phone's Settings or something similar, go to About Phone > Software Information or something similar, and tap the Version Number seven times to enable Developer Options. Some phones may have different methods to enable Developer Options.
- Find the section named Feature Flags, enter via clicking it.
- Find the switch to toggle off settings_enable_monitor_phantom_procs to disable phantom process killer.
- To enable phantom process killer again, just toggle on the switch.
- Connect to Android Debug Bridge (ADB) of your Android device from Linux, Windows, MacOS, etc. or via Shizuku.
- Type
adb shell
to enteradb shell
. - Run the following commands inside
adb shell
:
/system/bin/device_config set_sync_disabled_for_tests persistent
/system/bin/device_config put activity_manager max_phantom_processes 2147483647
settings put global settings_enable_monitor_phantom_procs false
- To check the status of whether phantom process killer is disabled, run the following commands inside
adb shell
:
/system/bin/dumpsys activity settings | grep max_phantom_processes
/system/bin/device_config get activity_manager max_phantom_processes
- To enable phantom process killer again, run the following commands inside
adb shell
:
/system/bin/device_config set_sync_disabled_for_tests none; /system/bin/device_config put activity_manager max_phantom_processes 32
settings put global settings_enable_monitor_phantom_procs true
- termux/termux-app#2366 (comment).
- termux/termux-app#2366.
- https://docs.andronix.app/android-12/andronix-on-android-12-and-beyond.
- https://www.xda-developers.com/android-13-phantom-process-toggle/.
- https://youtu.be/mjXSh3yq-I0.
- https://ivonblog.com/en-us/posts/fix-termux-signal9-error/.
- https://kskroyal.com/disable-phantom-process-killer-in-android-12-13/#google%5Fvignette.
- https://issuetracker.google.com/u/1/issues/205156966.
- https://github.com/agnostic-apollo/Android-Docs/blob/master/en%2Fdocs%2Fapps%2Fprocesses%2Fphantom-cached-and-empty-processes.md.
Termux Graphical Environment with VNC Server, and Fluxbox or Openbox Windows Manager or XFCE, LXQt, or MATE Desktop Environment
X11 packages are available in a separate APT repository. You can enable it by running the following command:
pkg install x11-repo
It will automatically add appropriate sources.list file and PGP key.
You can disable this repository by running the following command:
pkg uninstall x11-repo
In this section, you will learn how to set up a VNC server in Termux for graphical output.
pkg install tigervnc
Not specifying port:
vncserver -localhost
VNC server will start on unused port with the smallest positive integer number, like localhost:1
if port 1 is not used.
Specifying port:
vncserver :1
VNC server will start on the port you specified.
Specifying resolution:
vncserver :1 -geometry 1920x1080
You can specify resolution with -geometry
.
At first time, you will be prompted for setting up passwords:
You will require a password to access your desktops.
Password:
Verify:
Would you like to enter a view-only password (y/n)? n
Note that passwords are not visible when you are typing them and maximal password length is 8 characters.
If everything is okay, you will see this message:
New 'localhost:1 ()' desktop is localhost:1
Creating default startup script /data/data/com.termux/files/home/.vnc/xstartup
Creating default config /data/data/com.termux/files/home/.vnc/config
Starting applications specified in /data/data/com.termux/files/home/.vnc/xstartup
Log file is /data/data/com.termux/files/home/.vnc/localhost:1.log
It means that the server is available on display localhost:1
.
To make programs do graphical output to the display localhost:1
, set environment variable like shown here (yes, without specifying localhost
):
export DISPLAY=":1"
You may even put this variable to your bashrc or profile so you don't have to always set it manually unless display address will be changed.
Connect to the VNC server from a VNC viewer to view the output, you will not see anything except your mouse pointer if no windows manager or desktop environment is started.
vncserver -kill localhost:1
Change the port with the actual port your VNC server started on.
pkg install fluxbox
nano ~/.vnc/xstartup
Copy below command and paste to it:
#!/data/data/com.termux/files/usr/bin/sh
## Fluxbox desktop.
# Generate menu.
fluxbox-generate_menu
# Start fluxbox.
fluxbox &
Fluxbox will start automatically on VNC server startup.
pkg install openbox pypanel xorg-xsetroot
nano ~/.vnc/xstartup
Copy below command and paste to it:
#!/data/data/com.termux/files/usr/bin/sh
# Start Openbox.
openbox-session &
Don't put any else command to the file ~/.vnc/xstartup
but only the lines shown above since Openbox has its own autostart script, which is located at ${PREFIX}/etc/xdg/openbox/autostart
.
nano ~/etc/xdg/openbox/autostart
Copy below command and paste to it:
# Make background gray.
xsetroot -solid gray
# Launch PyPanel.
pypanel &
Openbox will start automatically on VNC server startup.
pkg install xfce4
nano ~/.vnc/xstartup
Copy below command and paste to it:
#!/data/data/com.termux/files/usr/bin/sh
xfce4-session &
Don't put any other command to the file ~/.vnc/xstartup
but only the lines shown above.
XFCE will start automatically on VNC server startup.
netsurf
- Simple graphical web browser. Javascript is not supported.xfce4-terminal
- Terminal emulator for XFCE. It is not included as part of XFCE installation to allow use ofaterm
orst
.
pkg install lxqt
nano ~/.vnc/xstartup
Copy below command and paste to it:
#!/data/data/com.termux/files/usr/bin/sh
startlxqt &
Don't put any other command to the file ~/.vnc/xstartup
but only the lines shown above.
LXQt will start automatically on VNC server startup.
otter-browser
- Free and open source web browser that aims to recreate aspects of Opera 12.xqterminal
- Terminal emulator for LXQt. It is not included as part of LXQt installation to allow use ofaterm
orst
.
pkg install mate-* marco
nano ~/.vnc/xstartup
Copy below command and paste to it:
#!/data/data/com.termux/files/usr/bin/sh
mate-session &
Don't put any other command to the file ~/.vnc/xstartup
but only the lines shown above.
MATE will start automatically on VNC server startup.
netsurf
- Simple graphical web browser. Javascript is not supported.mate-terminal
- Terminal emulator for MATE. It is not included as part of MATE installation to allow use ofaterm
orst
.
Install Andronix from Google Play: https://play.google.com/store/apps/details?id=studio.com.techriz.andronix.
- Andronix is an app that lets you install Linux distributions like Ubuntu, Debian, Manjaro etc. in Termux on non-rooted Android devices with PRoot. Andronix provide paid, close-source modded OS too, which won't be mentioned in this tutorial.
- PRoot is a user-space implementation of chroot, mount --bind, and binfmt_misc. This means that users don't need any privileges or setup to do things like using an arbitrary directory as the new root file system, making files accessible somewhere else in the file system hierarchy, or executing programs built for another CPU architecture transparently through QEMU user-mode.
- chroot is an operation on Unix and Unix-like operating systems that changes the apparent root directory for the current running process and its children. A program that is run in such a modified environment cannot name (and therefore normally cannot access) files outside the designated directory tree.
- Further readings and references:
- https://en.m.wikipedia.org/wiki/Chroot.
- https://github.com/AndronixApp/AndronixOrigin.
- Open Andronix app.
- Click the Linux Distribution card.
- Click on the Linux distribution you want to install. It is recommended to get started with Ubuntu or Debian if you are overwhelmed by the options.
- Click on the user interface you want. Graphical User Interface or GUI is the visual interface that you interact with to do things in your Linux distribution. Command Line Interface or CLI is the text-based interface that you interact with to execute commands and perform tasks in your Linux distribution.
- Desktop Environment: You can choose a Desktop Environment if you would like to use your mouse as well as your keyboard, or you've little or no experience with Linux.
- Window Manager: You can choose a Window Manager if you only want to use your keyboard to manage Windows and other OS-level tasks. These are pretty light and fast, but do require some skill before getting productive.
- CLI Only: If you don't want a Graphical User-interface, you can go ahead with the Command Line Interface. You'll have a terminal, which is enough if you know what you're doing in your session.
- Andronix will automatically copy the command to your clipboard.
- Paste and run in Termux.
- Open Andronix app.
- Click the Linux Distribution card.
- Long press on the Linux distribution you want to uninstall.
- SelectUninstall.
- Andronix will automatically copy the command to your clipboard.
- Paste and run in Termux (Not inside Linux).
Run the following command in Termux (Not inside Linux):
pkg install wget && wget https://andronixos.sfo2.cdn.digitaloceanspaces.com/OS-Files/setup-audio.sh && chmod +x setup-audio.sh && ./setup-audio.sh
pulseaudio --start
pkg update -y && pkg install wget curl proot tar -y && wget https://raw.githubusercontent.com/AndronixApp/AndronixOrigin/master/Installer/Debian/debian-xfce.sh -O debian-xfce.sh && chmod +x debian-xfce.sh && bash debian-xfce.sh
The file directory of the Debian OS will be debian-fs
. You can read, write, and execute files in it both in Termux or in the Debian OS.
./start-debian.sh
- Run
vncserver-start
in the OS to start the VNC server (default on port 1). - Get a VNC viewer.
- Add a new connection with address
localhost:1
. - View GUI of the OS from VNC viewer.
- Run
vncserver-start
in the OS to kill all VNC servers.
pkg update -y && pkg install wget curl proot tar -y && wget https://raw.githubusercontent.com/AndronixApp/AndronixOrigin/master/Installer/Debian/debian.sh -O debian.sh && chmod +x debian.sh && bash debian.sh
The file directory of the Debian OS will be debian-fs
. You can read, write, and execute files in it both in Termux or in the Debian OS.
./start-debian.sh
wget https://raw.githubusercontent.com/AndronixApp/AndronixOrigin/master/Uninstall/Debian/UNI-debian.sh && chmod +x UNI-debian.sh && bash UNI-debian.sh
QEMU System Emulation with Termux: Full System Emulation of Multiple CPU Architectures and Operating Systems with ISO Image Method or QCOW2 Cloud Image
Run the following command in Termux:
pkg install qemu-system-x86_64 qemu-utils qemu-common openssl
This method is more customizable but may encounter some issues like GRUB menu not showing on CLI or stuck at 79% or 83% of the installation of the base system. Use qcow2 cloud image method if you don't prepare to solve these problems. This tutorial assumes no such problems are encounter.
It is recommended to get started with Ubuntu or Debian if you are overwhelmed by the options.
Prepare the ISO image. Here takes Debian AMD64 for example. Change the URL to the download link of the ISO image you want or cp
or mv
the ISO image you want to the directory you want.
wget https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-12.7.0-amd64-netinst.iso
qemu-img create -f qcow2 debian_amd64.qcow2 20G
Change the debian_amd64.qcow2
to the file name you want. 20G
indicates 20GB disk image. You can adjust the size as needed.
nano install-qemu.sh
Copy below command and paste to it:
qemu-system-x86_64 -machine q35
-drive if=pflash,format=raw,read-only=on,file=$PREFIX/share/qemu/edk2-x86_64-code.fd
-m 2G
-accel tcg,thread=multi
-smp sockets=1,cores=4,threads=1
-cpu qemu64
-vga std
-netdev user,id=n1,hostfwd=tcp::2222-:22 -device virtio-net,netdev=n1
-device intel-hda
-device qemu-xhci
-boot d
-boot menu=on
-drive file=debian_amd64.qcow2
-nographic
-serial mon:stdio
-display none
-cdrom ~/debian-12.7.0-amd64-DVD-1.iso
Adjust hostfwd
as needed. In the above command, tcp
specifies the TCP protocol for the forwarding rule, ::2222
indicates that on the host machine, TCP connections to port 2222 will be forwarded, and -:22
indicates that these connections will be forwarded to port 22 (the default SSH port) on the guest virtual machine. Change the debian_amd64.qcow2
to the real file name. Change the debian-12.7.0-amd64-netinst.iso
to the real ISO path. 20G
indicates 20GB disk image. You can adjust the size as needed.
Make it executable:
chmod +x install-qemu.sh
Run it:
./install-qemu.sh
Follow the screen guide to install.
nano install-qemu.sh
Copy below command and paste to it:
qemu-system-x86_64 -machine q35
-drive if=pflash,format=raw,read-only=on,file=$PREFIX/share/qemu/edk2-x86_64-code.fd
-m 2G
-accel tcg,thread=multi
-smp sockets=1,cores=4,threads=1
-cpu qemu64
-vga std
-netdev user,id=n1,hostfwd=tcp::2222-:22 -device virtio-net,netdev=n1
-device intel-hda
-device usb-tablet
-boot menu=on
-drive file=debian_amd64.qcow2
--vnc :0
-cdrom ~/debian-12.7.0-amd64-netinst.iso
Adjust hostfwd
as needed. Change the debian_amd64.qcow2
to the real file name. Change the debian-12.7.0-amd64-netinst.iso
to the real ISO path. 20G
indicates 20GB disk image. You can adjust the size as needed. Change the numerical value after --vnc :
to the port you want to use.
Make it executable:
chmod +x install-qemu.sh
Run it:
./install-qemu.sh
Connect to the VNC server from a VNC viewer and follow the screen guide on the VNC viewer to install.
nano qemu-cli.sh
Copy below command and paste to it:
qemu-system-x86_64 -machine q35
-drive if=pflash,format=raw,read-only=on,file=$PREFIX/share/qemu/edk2-x86_64-code.fd
-m 2G
-accel tcg,thread=multi
-smp sockets=1,cores=4,threads=1
-cpu qemu64
-vga std
-netdev user,id=n1,hostfwd=tcp::2222-:22 -device virtio-net,netdev=n1
-device intel-hda
-device usb-tablet
-boot menu=on
-drive file=debian_amd64.qcow2
-serial mon:stdio
-display none
Adjust hostfwd
as needed. Change the debian_amd64.qcow2
to the real file name. 20G
indicates 20GB disk image. You can adjust the size as needed.
Make it executable:
chmod +x qemu-cli.sh
Run it to boot the VM with CLI:
./qemu-cli.sh
nano qemu-gui.sh
Copy below command and paste to it:
qemu-system-x86_64 -machine q35
-drive if=pflash,format=raw,read-only=on,file=$PREFIX/share/qemu/edk2-x86_64-code.fd
-m 2G
-accel tcg,thread=multi
-smp sockets=1,cores=4,threads=1
-cpu qemu64
-vga std
-netdev user,id=n1,hostfwd=tcp::2222-:22 -device virtio-net,netdev=n1
-device intel-hda
-device usb-tablet
-boot menu=on
-drive file=debian_amd64.qcow2
--vnc :0
Adjust hostfwd
as needed. Change the debian_amd64.qcow2
to the real file name. 20G
indicates 20GB disk image. You can adjust the size as needed. Change the numerical value after --vnc :
to the port you want to use.
Make it executable:
chmod +x qemu-cli.sh
Run it to boot the VM with GUI:
./qemu-gui.sh
Connect to the VNC server from a VNC viewer.
This method is more easy but less customizable.
It is recommended to get started with Ubuntu or Debian if you are overwhelmed by the options.
Prepare the qcow2 image. Here takes Debian AMD64 qcow2 cloud image for example. Change the URL to the download link of the qcow2 image you want or cp
or mv
the qcow2 image you want to the directory you want.
wget https://cloud.debian.org/images/cloud/bookworm/latest/debian-12-nocloud-amd64.qcow2
nano qemu-cli.sh
Copy below command and paste to it:
qemu-system-x86_64 -m 2G
-drive file=debian-12-nocloud-amd64.qcow2,format=qcow2
-nographic
-serial mon:stdio
-display none
-netdev user,id=net0,hostfwd=tcp::2222-:22
-device e1000,netdev=net0
Change the debian-12-nocloud-amd64.qcow2
to the real file name. 20G
indicates 20GB disk image. You can adjust the size as needed. Adjust hostfwd
as needed.
Make it executable:
chmod +x qemu-cli.sh
Run it to boot the VM with CLI:
./qemu-cli.sh
nano qemu-gui.sh
Copy below command and paste to it:
qemu-system-x86_64 -m 2G
-drive file=debian-12-nocloud-amd64.qcow2,format=qcow2
-vnc :0
-netdev user,id=net0,hostfwd=tcp::2222-:22
-device e1000,netdev=net0
Change debian-12-nocloud-amd64.qcow2
to the real file name. 20G
indicates 20GB disk image. You can adjust the size as needed. Change the numerical value after --vnc :
to the port you want to use. Adjust hostfwd
as needed.
Make it executable:
chmod +x qemu-cli.sh
Run it to boot the VM with GUI:
./qemu-gui.sh
Connect to the VNC server from a VNC viewer.
You can install a window manager such as Fluxbox or Openbox, or desktop environment such as XFCE, LXQt, or MATE for your GUI.
When you see something similar to the below in the VM:
Debian GNU/Linux 12 localhost ttyS0
localhost login:
In the first time, type root
and you will be logged in without a password.
You can set password latter by:
passwd
The password should be at least 4 letters long.
If you don't want to set a password, just type root
and you will be logged in without a password every time.
In Termux (outside VM), run:
qemu-img resize debian-12-nocloud-amd64.qcow2 +30G
Change debian-12-nocloud-amd64.qcow2
to the real file name. +30G
indicates increasing 30GB disk image. You can adjust the size as needed.
Inside VM, run:
sudo apt update
sudo apt install parted e2fsprogs
sudo parted /dev/sda
print
fix
resizepart 1 100%
quit
sudo resize2fs /dev/sda1
In Termux (outside VM), run:
qemu-img info debian-12-nocloud-amd64.qcow2
Change debian-12-nocloud-amd64.qcow2
to the real file name.
Inside VM, run:
df -h
and for partition, run:
lsblk
You can start a SSH server in QEMU VM and start a client in another Termux session with openssh
.
- https://ivonblog.com/posts/termux-qemu-system-linux/
- https://www.qemu.org/docs/master/index.html
- https://www.debian.org/distrib/index.en.html
- https://chatgpt.com/
- https://www.reddit.com/r/debian/s/s871vXlGRI
You can install AVNC from F-Droid: https://f-droid.org/packages/com.gaurav.avnc/.
- Tap the + sign in the lower right corner,
- Input Name (arbitrary name), Host address (
localhost
for localhost), and Port, input Username and Password if needed, adjust ADVANCED options if needed, and then tap SAVE. - Tap the Server name to connect.
- If you encounter incorrect mouse display or recieving, going to Settings => Input => Mouse and toggling on Hide local pointer may help.
- Gesture styles: Automatic, Touchscreen (Do actions at touch-point), or Touchpad mode (Do actions at pointer).
- Material Design: Dark theme and light theme.
- Configurable gestures: Configure the meaning of each gesture.
- Tight encoding.
- Virtual Keys: Go to Settings => Input => Virtual keys => Customize keys to customize Virtual Key layout.
- Picture-in-Picture mode.
- View-only mode.
- Zeroconf Server Discovery.
- TLS support: AnonTLS and VeNCrypt.
- SSH tunnel: VNC over SSH.
- Import/Export servers.
- VNC Repeater support.
- Clipboard Sync with server.
- Pause update in background.
- Automatic reconnection.
- Automatically find supported servers.
Shizuku, SystemUI Tuner, and aShell: Use Local ADB of Android Device on Terminals Such as Termux without Another Device with Shizuku, Leave Developer Options off When Doing So with SystemUI Tuner, and Use ADB with Features like Autocomplete Suggestion with aShell
- Install Shizuku from Google Play: https://play.google.com/store/apps/details?id=moe.shizuku.privileged.api.
- Official tutorial of Shizuku: https://shizuku.rikka.app/guide/setup/?night=1
- Shizuku is An open-source app for serving multiple apps that require root/adb.
- The Android Debug Bridge (commonly abbreviated as adb) is a programming tool used for the debugging of Android-based devices. The daemon on the Android device connects with the server on the host PC over USB or TCP, which connects to the client that is used by the end-user over TCP. Made available as open-source software under the Apache License by Google since 2007, its features include a shell and the possibility to make backups. The adb software is available for Windows, Linux and macOS. It has been misused by botnets and other malware, for which mitigations were developed such as RSA authentication and device whitelisting.
- Further readings and references:
- https://developer.android.com/tools/adb.
- https://android.googlesource.com/platform/packages/modules/adb/.
- Grant Shizuku notification permission.
- Tap Pairing in Start via Wireless debugging block in Shizuku.
- Connect to a WiFi you trust. You don't need to log in to the WiFi if the WiFi needs that. You just need to let your phone think that you're connected to WiFi.
- In phone's Settings or something similar, go to About Phone > Software Information or something similar, and tap the Version Number seven times to enable Developer Options. Some phones may have different methods to enable Developer Options.
- In the Developer Options, enable Wireless ADB and tap Pair with a pairing code.
- Input the pairing code in the notification of Shizuku.
- In the Developer Options, togle on Disable adb authorization timeout if you don't want to do all the above again every few times using Shizuku. If the connection is disconnected due to whatever reason, follow Reconnect Shizuku in Case it Stops with SystemUI Tuner to reconnect if you're using SystemUI Tuner, or follow above guide again to reconnect if not.
- Back to Shizuku and tap Start in Start via Wireless debugging block. You all see Shizuku is running on the top of the interface of Shizuku.
- Tap Use Shizuku in terminal applications in Shizuku and export files
rish
andrish_shizuku.dex
to somewhere on your phone. - Use a text editor to replace
PKG
inrish
with the package name of your terminal application. Take Termux for example, Termux's package name iscom.termux
. Runtermux-setup-storage
and tap Allow to grant Termux storage permission if you want to use it to run ADB commands (and many other commands). - Open your terminal application and move the exported files to somewhere it can access with
mv old_location new_location
. The root directory of the main storage of Android is usually/storage/emulated/0
. The home directory of Termux is/data/data/com.termux/home
, which is abbreviated as~
in Termux. - Go to the directory you moved the exported files to with
cd directory
(assumed~/shizuku
below) and runsh rish
. - Where used to be
~ $
should becomee2q:/ $
or something similar ifsh rish
succeeded. Write ADB commands here. Note that there is no need to useadb
oradb shell
prefixes before commands and thatdevices
command gets/system/bin/sh: devices: inaccessible or not found
. - You can turn WiFi off after ADB is connected. The notification of Shizuku may say Paring failed after that, but you can check Shizuku app to check whether there's a block read Shizuku is running on the top.
- Optionally, create a
.sh
file (nano ~/shizuku.sh
for example), paste the following code block, save it, and make it executable withchmod +x shizuku.sh
so that you can run this shortcut to start Shizuku on your terminal afterward.#!/data/data/com.termux/files/usr/bin/bash cd shizuku sh rish
- Note: It is recommended to use Termux's F-Droid version and avoid using Google Play version because the latter is depreciated. F-Droid: https://f-droid.org/packages/com.termux/.
Install SystemUI Tuner (pub: Zachary Wander) from Google Play: https://play.google.com/store/apps/details?id=com.zacharee1.systemuituner.
Some financial apps may require Developer Options to be off when using them. This section is the tutorial about how to turn Developer Options off while still using Shizuku ADB Shell.
- Follow the screen instructions of SystemUI Tuner.
- Run
adb shell
commandpm grant com.zacharee1.systemuituner android.permission.WRITE_SECURE_SETTINGS
(you can do it with Shizuku and a terminal such as Termux or aShell). - Connect to a WiFi. You don't need to log in or have real WiFi access, just make your phone believes you are connected to WiFi.
- Turn off Developer Options if it's on. The toggle switch is usually on the top of Developer Options.
- In SystemUI Tuner, go to Developer and turn on Enable ADB and Enable Wireless ADB.
- Go to Persistent Options and select Enable ADB.
- Press Start on Shizuku.
- Turn off WiFi. Enable Wireless ADB will be turned off automatically by system settings. You can check that in SystemUI Tuner.
- Connect to a WiFi. You don't need to log in or have real WiFi access, just make your phone believes you are connected to WiFi.
- Turn off Developer Options if it's on. The toggle switch is usually on the top of Developer Options.
- In SystemUI Tuner, go to Developer and turn on Enable Wireless ADB.
- Press Start on Shizuku.
- Turn off WiFi. Enable Wireless ADB will be turned off automatically by system settings. You can check that in SystemUI Tuner.
SystemUI Tuner exposes some hidden options in Android. You can set them, add them to Persistent Options to keep them on, etc. Different manufacturers may remove or change these options, which SystemUI Tuner CANNOT work around.
You may need to run the following adb shell
command (you can do it with Shizuku and a terminal such as Termux or aShell) in order to change the settings:
pm grant com.zacharee1.systemuituner android.permission.WRITE_SECURE_SETTINGS
pm grant com.zacharee1.systemuituner android.permission.PACKAGE_USAGE_STATS
pm grant com.zacharee1.systemuituner android.permission.DUMP
- aShell has features like autocomplete suggestions and optional log.
- Download and Install aShell from F-droid. F-droid: https://f-droid.org/packages/in.sunilpaulmathew.ashell/.
- Give aShell the permission
moe.shizuku.manager.permission.API_V23
. - Connect Shizuku to local ADB according to above guide.
- Use aShell.
TrackerControl and InviZible Pro: Route Traffic through Tor, Block DNS over UDP, Set DNS Server, and Block Trackers
- Download and install InviZible Pro from F-Droid or Google Play. F-Droid: https://f-droid.org/packages/pan.alexander.tordnscrypt.stable/. Google Play: https://play.google.com/store/apps/details?id=pan.alexander.tordnscrypt.gp.
- Download and install TrackerControl (also known as TC) from F-Droid. F-Droid: https://f-droid.org/packages/net.kollnig.missioncontrol.fdroid/.
- Note: Avoid use the Google Play version because it doesn't have the feature like trackers blocking in order to comply with Google's terms.
- Block unwanted trackers in the main interface of the apps.
- Note: TrackerControl categorizes trackers by port, corporation, category, etc. You can easily block and allow connections. You may have to try several time to figure out what trackers to allow in order to prevent apps from crashing in few cases.
- Turn on TrackerControl as the VPN service of the entire device.
- Blocking trackers can be used independently or with Prxoy mode of InviZible Pro.
- Turn on TrackerControl as the VPN service of the entire device.
- Disable monitoring of InviZible Pro (
pan.alexander.tordnscrypt.stable
) within TrackerControl. - Go to the Advanced options in Settings.
- Turn on Block Trackers on UDP.
- Set the SOCKS5 address to
127.0.0.1
. - Set the SOCKS port to the port you've configured Tor to use in InviZible Pro (
9050
by default). - Enable the Use SOCKS5 proxy option.
- Go to Port forwarding.
- Add
UDP 53>/127.0.0.1:
the port you configure DNSCrypt to listen to in DNSCrypt Settings in InviZible Pro (5354
by default)nobody
. - Add
TCP 53>/127.0.0.1:
the port you configure DNSCrypt to listen to in DNSCrypt Settings in InviZible Pro (5354
by default)nobody
. - Set first (above) VPN DNS as
9.9.9.9
. - Set second (below) VPN DNS as
149.112.112.112
. - Set where to validate the internet connection in Validate at if you want,
www.f-droid.org
for example. - Set other things if you want.
- Block unwanted trackers.
- Note: If you export settings and import it on another device, the blocklist won't be able to be configured as that in the previous device. You can apply some of the above settings with the
.xml
below (assuming the configuration of Invizible Pro is as in this guide) by coping it, storing it in a.xml
file and going to Settings > Backup > Import settings to import this file. However, it just contains some of the settings, you have to configure others yourself and test whether your applications work as normal because things may vary from case to case.
<?xml version='1.0' encoding='UTF-8' standalone='yes' ?>
<trackercontrol>
<application>
<setting key="dns2" type="string" value="149.112.112.112" />
<setting key="filter_udp" type="boolean" value="true" />
<setting key="domain_based_blocking" type="boolean" value="true" />
<setting key="dark_theme" type="boolean" value="true" />
<setting key="dns" type="string" value="9.9.9.9" />
<setting key="hosts_url_new" type="string" value="https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts" />
<setting key="wifi_homes" type="set" value="" />
<setting key="traffic_blocked" type="boolean" value="true" />
<setting key="hosts_url" type="string" value="https://www.netguard.me/hosts" />
<setting key="socks5_addr" type="string" value="127.0.0.1" />
<setting key="socks5_port" type="string" value="9050" />
<setting key="proto_tcp" type="boolean" value="true" />
<setting key="manage_system" type="boolean" value="true" />
<setting key="validate" type="string" value="www.f-droid.org" />
<setting key="update_check" type="boolean" value="true" />
<setting key="socks5_enabled" type="boolean" value="true" />
<setting key="filter" type="boolean" value="true" />
</application>
<apply>
<setting key="com.termux" type="boolean" value="false" />
<setting key="pan.alexander.tordnscrypt.stable" type="boolean" value="false" />
</apply>
<forward>
<port pkg="nobody" protocol="17" dport="53" raddr="127.0.0.1" rport="5354" />
<port pkg="nobody" protocol="6" dport="53" raddr="127.0.0.1" rport="5354" />
</forward>
</trackercontrol>
- Note: TrackerControl has a Traffic log feature for free, which can help a lot in identifying which trackers should be unblocked when the services crash.
- Note: The above guide, including the setting
.xml
, can be used in NetGuard as well because TrackerControl uses NetGuard's code. However, Traffic log feature is not available in NetGuard's free version but only available in TrackerControl and NetGuard's Pro version. NetGuard is available on Google Play and F-Droid. Google Play: https://play.google.com/store/apps/details?id=eu.faircode.netguard. F-Droid: https://f-droid.org/packages/eu.faircode.netguard/. - Note: You may have to disable monitoring of apps route traffic through Tor itself within TrackerControl, like Tor Browser, and Termux if you're using
tor
,torsocks
, or similar things.
- Change to Proxy mode by tapping the 3-point button in the upper right corner.
- Go to Fast settings.
- Turn on Autostart DNSCrypt and Autostart Tor if you want.
- Set Delay, DNSCrypr servers, bridges, whether to spoof SNI, etc. if needed.
- Go to Common Settings and turn on Prevent device sleep if needed.
- Go to DNSCrypt Settings
- Go to Listen port and set it to the port TrackerControl forwarding UDP and TCP of port
53
to (5354
by default). - Set requirements if you want.
- Turn on Force TCP.
- Turn on Outbound proxy in SOCKS proxy section.
- Set Proxy port as the port you want to configure Tor to use in InviZible Pro (
9050
by default). - Ensure the Forwarding rules is coordinate with the DNS port in Tor settings (
onion 127.0.0.1:5400
by default). - Turn on Query logging and Suspicious logging if you want.
- Go to Tor settings.
- Set Nodes, Proxy, etc. if you want. Make sure the SOCKS port is coordinated with the SOCKS proxy in TrackerControl and the DNS port is coordinated with the Forwarding rules in DNSCrypt Settings (
onion 127.0.0.1:5400
by default). - Set other things if you want. You can apply some of the above settings with the files below (assuming the configuration of TrackerControl is as in this guide). However, they just contain some of the settings, you have to configure others yourself and test whether your applications work as normal because things may vary from case to case.
dns-proxy.toml
: Copy the text in the below block, tapEdit dns-proxy.toml
in DNSCrypt Settings, and paste.
ipv4_servers = true
ipv6_servers = true
require_dnssec = true
require_nolog = false
require_nofilter = false
block_ipv6 = false
force_tcp = true
server_names = ['adguard-dns', 'adguard-dns-ipv6', 'ahadns-doh-la', 'brahma-world-ipv6', 'dnsforge.de', 'mullvad-base-doh', 'sfw.scaleway-fr']
disabled_server_names = []
listen_addresses = ['127.0.0.1:5354', '[::1]:5354']
max_clients = 250
#user_name = '0'
dnscrypt_servers = true
doh_servers = true
odoh_servers = true
timeout = 5000
keepalive = 30
netprobe_timeout = -1
log_level = 2
log_file = '/data/user/0/pan.alexander.tordnscrypt.stable/logs/DnsCrypt.log'
use_syslog = false
cert_refresh_delay = 240
dnscrypt_ephemeral_keys = false
tls_disable_session_tickets = false
bootstrap_resolvers = ['9.9.9.9:53', '[2620:fe::fe]:53']
netprobe_address = '9.9.9.9:53'
block_unqualified = true
block_undelegated = true
reject_ttl = 10
ignore_system_dns = false
http3 = true
log_files_max_size = 1
log_files_max_age = 7
log_files_max_backups = 1
cache = true
cache_size = 4096
cache_min_ttl = 2400
cache_max_ttl = 86400
cache_neg_ttl = 60
cache_neg_max_ttl = 600
forwarding_rules = 'forwarding-rules.txt'
cloaking_rules = 'cloaking-rules.txt'
proxy = 'socks5://127.0.0.1:9050'
[captive_portals]
map_file = 'captive-portals.txt'
[dns64]
#prefix = ['64:ff9b::/96']
[local_doh]
#listen_addresses = ['127.0.0.1:3000']
#path = '/dns-query'
#cert_file = 'localhost.pem'
#cert_key_file = 'localhost.pem'
[query_log]
format = 'tsv'
file = '/data/user/0/pan.alexander.tordnscrypt.stable/cache/query.log'
ignored_qtypes = ['DNSKEY', 'NS']
[nx_log]
format = 'tsv'
file = '/data/user/0/pan.alexander.tordnscrypt.stable/cache/nx.log'
[blocked_names]
blocked_names_file = 'blacklist.txt'
[blocked_ips]
blocked_ips_file = 'ip-blacklist.txt'
[allowed_names]
allowed_names_file = 'whitelist.txt'
[sources]
[sources.'public-resolvers']
urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md', 'https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md', 'https://ipv6.download.dnscrypt.info/resolvers-list/v3/public-resolvers.md']
minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
cache_file = 'public-resolvers.md'
refresh_delay = 72
prefix = ''
[sources.'relays']
urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/relays.md', 'https://download.dnscrypt.info/resolvers-list/v3/relays.md', 'https://ipv6.download.dnscrypt.info/resolvers-list/v3/relays.md']
cache_file = 'relays.md'
minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
refresh_delay = 72
prefix = ''
[sources.'odoh-servers']
urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/odoh-servers.md', 'https://download.dnscrypt.info/resolvers-list/v3/odoh-servers.md', 'https://ipv6.download.dnscrypt.info/resolvers-list/v3/odoh-servers.md']
cache_file = 'odoh-servers.md'
minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
refresh_delay = 72
prefix = ''
[sources.'odoh-relays']
urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/odoh-relays.md', 'https://download.dnscrypt.info/resolvers-list/v3/odoh-relays.md', 'https://ipv6.download.dnscrypt.info/resolvers-list/v3/odoh-relays.md']
cache_file = 'odoh-relays.md'
minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
refresh_delay = 72
prefix = ''
[broken_implementations]
fragments_blocked = ['cisco', 'cisco-ipv6', 'cisco-familyshield', 'cisco-familyshield-ipv6', 'cleanbrowsing-adult', 'cleanbrowsing-adult-ipv6', 'cleanbrowsing-family', 'cleanbrowsing-family-ipv6', 'cleanbrowsing-security', 'cleanbrowsing-security-ipv6']
[anonymized_dns]
skip_incompatible = false
routes = [
{ server_name = 'adguard-dns', via=['anon-kama', 'anon-scaleway', 'anon-tiarap'] },
{ server_name = 'sfw.scaleway-fr', via=['anon-kama', 'anon-serbica', 'anon-tiarap'] },
{ server_name = 'adguard-dns-ipv6', via=['anon-ams-ipv6', 'anon-scaleway-ams-ipv6', 'anon-tiarap-ipv6'] }
]
[static]
tor.conf
: Copy the text in the below block, tap Edit tor.conf
in Tor Settings, and paste.
RunAsDaemon 0
AvoidDiskWrites 1
AutomapHostsOnResolve 1
AutomapHostsSuffixes .exit, .onion
#ExcludeExitNodes
TransPort 9040
DNSPort 127.0.0.1:5400
DNSPort [::1]:5400
SOCKSPort 127.0.0.1:9050
SOCKSPort [::1]:9050
HardwareAccel 1
Schedulers Vanilla
#Socks5Proxy 127.0.0.1:1080
ClientOnly 1
ExitPolicy reject *:*
ExitPolicy reject6 *:*
GeoIPFile /data/user/0/pan.alexander.tordnscrypt.stable/app_data/tor/geoip
GeoIPv6File /data/user/0/pan.alexander.tordnscrypt.stable/app_data/tor/geoip6
DataDirectory /data/user/0/pan.alexander.tordnscrypt.stable/tor_data
VirtualAddrNetworkIPv4 10.192.0.0/10
VirtualAddrNetworkIPv6 [FC00::]/8
Log notice file /data/user/0/pan.alexander.tordnscrypt.stable/logs/Tor.log
ConnectionPadding 1
ReducedConnectionPadding 1
#ExcludeNodes
ExitNodes {AU},{AT},{GB},{US},{DE},{SE},{CH},{LU},{NL},{NZ},{CA},{JP},{TW},{KR},{BE},{KY},{DK},{FI},{GL},{GR},{IS},{HU},{IE},{IT},{ES},{PT},{PL},{HR},{EE},{LV},{NO},{PH},{SG},{FR}
#EntryNodes
StrictNodes 0
#ReachableAddresses *:80,*:443
NewCircuitPeriod 30
MaxCircuitDirtiness 600
EnforceDistinctSubnets 1
HTTPTunnelPort 8118
DormantCanceledByStartup 1
DormantClientTimeout 15 minutes
CircuitsAvailableTimeout 86400
ClientUseIPv4 1
ClientUseIPv6 1
UseBridges 0
- Turn both Tor and DNSCrypt of InviZible Pro on.
- Note: Some services may crash when routing traffic through
tor
(set in Using SOCKS5 proxy in TrackerControl), change the Exit nodes to the service's country or region of publication in InviZible Pro may help. Otherwise, you may try disabling monitoring that app or stopping Using SOCKS5 proxy in TrackerControl, which compromise your privacy to some degree.
If you want to use Tor but not DNSCrypr of InviZible Pro with TrackerControl, do below modification on configuration of both DNSCrypt and Tor above:
- Go to Port forwarding in TrackerControl
* Delete all forwardings to port5354
.
* AddUDP 53>/127.0.0.1:
the port you configure Resolve DNS to listen to in Tor Settings in InviZible Pro (5400
by default)nobody
.
* AddTCP 53>/127.0.0.1:
the port you configure Resolve DNS to listen to in Tor Settings in InviZible Pro (5400
by default)nobody
. - Delete (set to empty) both VPN DNS in TrackerControl.
- Turn on Tor but not DNSCrypt in InviZible Pro.
If you want to use DNSCrypr But not Tor of InviZible Pro with TrackerControl, do below modification on configuration of both DNSCrypt and Tor above:
- Turn off Use SOCKS5 proxy in TrackerControl.
- Turn off Outbound prxoy in DNSCrypt Settings in InviZible Pro.
- Turn on DNSCrypt but not Tor in InviZible Pro.
- Go to https://check.torproject.org/ to check if your Tor route succeeded. If yes, you will see "Congratulations. This browser is configured to use Tor." (assume the page's language is set to English).
- Go to https://whatismyipaddress.com (not open source), https://ipcheck.ing/, or other IP checking websites to see wether it's your device's IP. If not, your Tor route is successful.
- Go to https://www.dnsleaktest.com (not open source), https://ipcheck.ing/, or other DNS leak testing websites to check if there is a DNS leak. You will see the DNS servers you set in DNSCrypt Settings in InviZible Pro instead of your ISP's servers if there's no DNS leak.
- Change to VPN mode by tap the 3-point button in the upper right corner.
You can install Tor Browser from Google Play: https://play.google.com/store/apps/details?id=org.torproject.torbrowser.
Tor is a free overlay network for enabling anonymous communication. Built on free and open-source software and more than seven thousand volunteer-operated relays worldwide, users can have their Internet traffic routed via a random path through the network.
Using Tor makes it more difficult to trace a user's Internet activity by preventing any single point on the Internet (other than the user's device) from being able to view both where traffic originated from and where it is ultimately going to at the same time. This conceals a user's location and usage from anyone performing network surveillance or traffic analysis from any such point, protecting the user's freedom and ability to communicate confidentially.
Key Features of Tor:
- Anonymity: Tor allows users to browse the internet anonymously by routing their internet traffic through a network of volunteer-operated servers called nodes or relays. Each relay only knows the IP address of the previous and next node, making it difficult to trace the origin of the traffic.
- Onion Routing: The name "Onion Router" comes from the way data is encrypted in layers, similar to the layers of an onion. When data is sent through the Tor network, it is encrypted multiple times, and each node decrypts a layer before passing it on to the next, protecting user privacy.
- Access to .onion Sites: Tor allows users to access hidden services with .onion domain names, which are not reachable through standard web browsers. These sites often provide additional privacy and anonymity.
- Bypass Censorship: Tor can help users bypass censorship and access restricted content by routing traffic through nodes in different countries.
- Privacy Tools: The Tor Browser, based on Mozilla Firefox, comes preconfigured with privacy enhancements, making it easier for users to maintain anonymity while browsing.
The Tor Browser for Android is a mobile version of the Tor Browser that utilizes Mozilla Firefox for Android codebase.
NoScript (or NoScript Security Suite) is a free and open-source extension for Firefox- and Chromium-based web browsers, written and maintained by Giorgio Maone, a software developer and member of the Mozilla Security Group.
By default, NoScript blocks active (executable) web content, which can be wholly or partially unblocked by allowlisting a site or domain from the extension's toolbar menu or by clicking a placeholder icon.
It is recommended to enable NoScript for all Tor sites unless you fully trust it.
OpenSSL: Secure Sockets Layer (SSL) and Transport Layer Security (TLS) Protocols and Cryptography Library Implementation
OpenSSL is an open-source library that provides a comprehensive suite of cryptographic tools for securing communications over computer networks. It implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols and includes a general-purpose cryptographic library that supports a variety of encryption algorithms, hashing functions, digital signatures, key generation, certificate management, and secure random number generation.
pkg install openssl openssl-tool
sudo apt install openssl libssl-dev
RSA is a widely used asymmetric encryption algorithm that underpins many security protocols. Its strength lies in the difficulty of factoring large prime numbers. The algorithm involves key generation, encryption, and decryption processes utilizing a pair of keys: a public key, shared openly, and a private key, kept secret.
- Mathematical Foundation and Key Generation:
The algorithm begins by selecting two large prime numbers, \( p \) and \( q \). These are multiplied to produce \( n = p \times q \), the modulus for both keys. The totient function \( \phi(n) = (p-1)(q-1) \) is computed. A public exponent \( e \), typically 65537, is chosen, which is coprime to \( \phi(n) \). The public key is \( (n, e) \). The private exponent \( d \) is calculated such that \( d \cdot e \equiv 1 \mod \phi(n) \), making \( (n, d) \) the private key. RSA's security relies on the ease of multiplying primes and the difficulty of factoring their product. - Public Encryption and Private Decryption (Communication):
After generating the keys, RSA can be used for secure communication. To encrypt a message \( m \), the sender uses the recipient's public key \( (n, e) \) with the formula \( c \equiv m^e \mod n \), where \( c \) is the ciphertext. Only the intended recipient, with the private key \( (n, d) \), can decrypt it using \( m \equiv c^d \mod n \). - Private Encryption and Public Decryption (Signature):
RSA can also create digital signatures for authenticity and non-repudiation. The sender encrypts a hash \( h \) of the message with their private key \( (n, d) \): \( s \equiv h^d \mod n \). This signature \( s \) accompanies the original message \( m \). The recipient verifies the signature by decrypting it with the sender's public key \( (n, e) \): \( h' \equiv s^e \mod n \). If \( h' \) matches the hash of the received message \( m \), it confirms the message's authenticity. - Applications:
RSA is employed in various applications that require secure communication and data integrity:
- Secure Web Communications (HTTPS): RSA is commonly used in SSL/TLS protocols to establish secure connections between web browsers and servers.
- Email Encryption: Services like PGP (Pretty Good Privacy) use RSA for encrypting emails, ensuring only intended recipients can read them.
- Digital Signatures: RSA is used to sign software and documents, verifying the identity of the sender and ensuring the content hasn't been altered.
- Secure Key Exchange: RSA can facilitate the secure exchange of symmetric keys for faster encryption methods, allowing secure communication without the need for shared secrets.
openssl genrsa -out /path/privatekeyfilename.pem 2048
2048
means 2048 iterations, change the number as needed.
openssl rsa -pubout -in /path/privatekeyfilename.pem -out /path/publickeyfilename.pem
openssl pkeyutl -in /path/filename.txt -out /path/publickeyencryptedfilename.txt -inkey /path/publickeyfilename.pem -pubin -encrypt
openssl pkeyutl -in /path/publickeyencryptedfilename.txt -out /path/filename.txt -inkey /path/privatekeyfilename.pem -decrypt
openssl pkeyutl -in /path/filename.txt -out /path/privatekeyencryptedfilename.txt -inkey /path/privatekeyfilename.pem -encrypt
openssl pkeyutl -in /path/privatekeyencryptedfilename.txt -out /path/filename.txt -inkey /path/publickeyfilename.pem -pubin -decrypt
openssl pkeyutl -in filename.txt -rawin -out signed_filename.txt -inkey keyfile/privatekeyfile.pem -sign
openssl pkeyutl -in hexfilename.txt -out signed_filename.txt -inkey keyfile/privatekeyfile.pem -sign
openssl pkeyutl -in filename.txt -rawin -out verification.txt -sigfile signed_filename.txt -inkey keyfile/publickeyfile.pem -pubin -verify
openssl pkeyutl -in hexfilename.txt -rawin -out verification.txt -sigfile signed_filename.txt -inkey keyfile/publickeyfile.pem -pubin -verify
openssl pkeyutl [-help] [-in file] [-rawin] [-digest algorithm] [-out file] [-sigfile file] [-inkey filename|uri] [-keyform DER|PEM|P12|ENGINE] [-passin arg] [-peerkey file] [-peerform DER|PEM|P12|ENGINE] [-pubin] [-certin] [-rev] [-sign] [-verify] [-verifyrecover] [-encrypt] [-decrypt] [-derive] [-kdf algorithm] [-kdflen length] [-pkeyopt opt:value] [-pkeyopt_passin opt[:passarg]] [-hexdump] [-asn1parse] [-engine id] [-engine_impl] [-rand files] [-writerand file] [-provider name] [-provider-path path] [-propquery propq] [-config configfile]
DESCRIPTION: This command can be used to perform low-level public key operations using any supported algorithm.
OPTIONS:
- -help: Print out a usage message.
- -in filename: This specifies the input filename to read data from or standard input if this option is not specified.
- -rawin: This indicates that the input data is raw data, which is not hashed by any message digest algorithm. The user can specify a digest algorithm by using the -digest option. This option can only be used with -sign and -verify and must be used with the Ed25519 and Ed448 algorithms.
- -digest algorithm: This specifies the digest algorithm which is used to hash the input data before signing or verifying it with the input key. This option could be omitted if the signature algorithm does not require one (for instance, EdDSA). If this option is omitted but the signature algorithm requires one, a default value will be used. For signature algorithms like RSA, DSA and ECDSA, SHA-256 will be the default digest algorithm. For SM2, it will be SM3. If this option is present, then the -rawin option must be also specified.
- -out filename: Specifies the output filename to write to or standard output by default.
- -sigfile file: Signature file, required for -verify operations only
- -inkey filename|uri: The input key, by default it should be a private key.
- -keyform DER|PEM|P12|ENGINE: The key format; unspecified by default. See openssl-format-options(1) for details.
- -passin arg: The input key password source. For more information about the format of arg see openssl-passphrase-options(1).
- -peerkey file: The peer key file, used by key derivation (agreement) operations.
- -peerform DER|PEM|P12|ENGINE: The peer key format; unspecified by default. See openssl-format-options(1) for details.
- -pubin: By default a private key is read from the key input. With this option a public key is read instead. If the input contains no public key but a private key, its public part is used.
- -certin: The input is a certificate containing a public key.
- -rev: Reverse the order of the input buffer. This is useful for some libraries (such as CryptoAPI) which represent the buffer in little endian format.
- -sigfile file: Signature file, required for -verify operations only
- -inkey filename|uri: The input key, by default it should be a private key.
- -keyform DER|PEM|P12|ENGINE: The key format; unspecified by default. See openssl-format-options(1) for details.
- -passin arg: The input key password source. For more information about the format of arg see openssl-passphrase-options(1).
- -peerkey file: The peer key file, used by key derivation (agreement) operations.
- -peerform DER|PEM|P12|ENGINE: The peer key format; unspecified by default. See openssl-format-options(1) for details.
- -pubin: By default a private key is read from the key input. With this option a public key is read instead. If the input contains no public key but a private key, its public part is used.
- -certin: The input is a certificate containing a public key.
- -rev: Reverse the order of the input buffer. This is useful for some libraries (such as CryptoAPI) which represent the buffer in little endian format.
- -sign: Sign the input data (which must be a hash) and output the signed result. This requires a private key.
- -verify: Verify the input data (which must be a hash) against the signature file and indicate if the verification succeeded or failed.
- -verifyrecover: Verify the input data (which must be a hash) and output the recovered data.
- -encrypt: Encrypt the input data using a public key.
- -decrypt: Decrypt the input data using a private key.
- -derive: Derive a shared secret using the peer key.
- -kdf algorithm: Use key derivation function algorithm. The supported algorithms are at present TLS1-PRF and HKDF. Note: additional parameters and the KDF output length will normally have to be set for this to work. See EVP_PKEY_CTX_set_hkdf_md(3) and EVP_PKEY_CTX_set_tls1_prf_md(3) for the supported string parameters of each algorithm.
- -kdflen length: Set the output length for KDF.
- -pkeyopt opt:value: Public key options specified as opt:value. See NOTES below for more details.
- -pkeyopt_passin opt[:passarg]: Allows reading a public key option opt from stdin or a password source. If only opt is specified, the user will be prompted to enter a password on stdin. Alternatively, passarg can be specified which can be any value supported by openssl-passphrase-options(1).
- -hexdump: hex dump the output data.
- -asn1parse: Parse the ASN.1 output data, this is useful when combined with the -verifyrecover option when an ASN1 structure is signed.
- -engine id: See "Engine Options" in openssl(1). This option is deprecated.
- -engine_impl: When used with the -engine option, it specifies to also use engine id for crypto operations.
- -rand files, -writerand file: See "Random State Options" in openssl(1) for details.
- -provider name: -provider-path path: -propquery propq: See "Provider Options" in openssl(1), provider(7), and property(7).
- -config configfile: See "Configuration Option" in openssl(1).
Symmetric encryption uses the same key for both encryption and decryption, requiring both parties to possess and keep the key confidential.
- Single Key: Both parties use the same key, making key management critical. If the key is compromised, the encrypted data is at risk.
- Speed: Symmetric algorithms are faster than asymmetric ones, making them ideal for encrypting large amounts of data, particularly in real-time applications.
- Confidentiality: Only authorized parties with the correct key can decrypt the data, maintaining its confidentiality.
- Common Algorithms:
- AES: Secure and efficient, with key sizes of 128, 192, or 256 bits.
- DES: Uses a 56-bit key; now considered insecure.
- 3DES: Applies DES three times with different keys but slower than AES.
- Blowfish: A fast cipher with key lengths of 32 to 448 bits.
- Twofish: A more advanced version of Blowfish, supporting keys up to 256 bits.
- RC4: A stream cipher known for speed but now insecure in many uses.
- Applications:
- Data Encryption: Secures data in storage and transmission (e.g., SSL/TLS).
- VPNs: Encrypts data over public networks to protect privacy.
- Disk Encryption: Protects data on devices, ensuring confidentiality if lost or stolen.
- Secure Communications: Used in messaging apps and secure protocols.
- Cloud Storage Security: Encrypts data in the cloud, protecting it from unauthorized access.
openssl enc -aes-256-cbc -in file.rar -out encfile.rar -pass pass:1234567890123456789012345678901234567890123456789012345678901234 -base64 -iv 12345678901234567890123456789012 -S 1234567890123456 -md sha-256 -iter 2048 -pbkdf2 -p
openssl enc -aes-256-cbc -in encfile.rar -out file.rar -pass pass:1234567890123456789012345678901234567890123456789012345678901234 -d -base64 -iv 12345678901234567890123456789012 -S 1234567890123456 -md sha-256 -iter 2048 -pbkdf2
openssl enc|cipher [-cipher] [-help] [-list] [-ciphers] [-in filename] [-out filename] [-pass arg] [-e] [-d] [-a] [-base64] [-A] [-k password] [-kfile filename] [-K key] [-iv IV] [-S salt] [-salt] [-nosalt] [-z] [-md digest] [-iter count] [-pbkdf2] [-saltlen size] [-p] [-P] [-bufsize number] [-nopad] [-v] [-debug] [-none] [-engine id] [-rand files] [-writerand file] [-provider name] [-provider-path path] [-propquery propq]
DESCRIPTION: The symmetric cipher commands allow data to be encrypted or decrypted using various block and stream ciphers using keys based on passwords or explicitly provided. Base64 encoding or decoding can also be performed either by itself or in addition to the encryption or decryption.
OPTIONS:
- -help: Print out a usage message.
- -list: List all supported ciphers.
- -ciphers: Alias of -list to display all supported ciphers.
- -in filename: The input filename, standard input by default.
- -out filename: The output filename, standard output by default.
- -pass arg: The password source. For more information about the format of arg see "Pass Phrase Options" in openssl(1).
- -e: Encrypt the input data: this is the default.
- -d: Decrypt the input data.
- -a: Base64 process the data. This means that if encryption is taking place the data is base64 encoded after encryption. If decryption is set then the input data is base64 decoded before being decrypted.
- -base64: Same as -a
- -A: If the -a option is set then base64 process the data on one line.
- -k password: The password to derive the key from. This is for compatibility with previous versions of OpenSSL. Superseded by the -pass argument.
- -kfile filename: Read the password to derive the key from the first line of filename. This is for compatibility with previous versions of OpenSSL. Superseded by the -pass argument.
- -md digest: Use the specified digest to create the key from the passphrase. The default algorithm is sha-256.
- -iter count: Use a given number of iterations on the password in deriving the encryption key. High values increase the time required to brute-force the resulting file. This option enables the use of PBKDF2 algorithm to derive the key.
- -pbkdf2: Use PBKDF2 algorithm with a default iteration count of 10000 unless otherwise specified by the -iter command line option.
- -saltlen: Set the salt length to use when using the -pbkdf2 option. For compatibility reasons, the default is 8 bytes. The maximum value is currently 16 bytes. If the -pbkdf2 option is not used, then this option is ignored and a fixed salt length of 8 is used. The salt length used when encrypting must also be used when decrypting.
- -nosalt: Don't use a salt in the key derivation routines. This option SHOULD NOT be used except for test purposes or compatibility with ancient versions of OpenSSL.
- -z: Compress or decompress encrypted data using zlib after encryption or before decryption. This option exists only if OpenSSL was compiled with the zlib or zlib-dynamic option.
- -none: Use NULL cipher (no encryption or decryption of input).
- -rand files, -writerand file: See "Random State Options" in openssl(1) for details.
- -provider name: -provider-path path: -propquery propq: See "Provider Options" in openssl(1), provider(7), and property(7).
- -engine id: See "Engine Options" in openssl(1). This option is deprecated.
- Supported ciphers:
- aes-128-cbc
- aes-128-cfb
- aes-128-cfb1
- aes-128-cfb8
- aes-128-ctr
- aes-128-ecb
- aes-128-ofb
- aes-192-cbc
- aes-192-cfb
- aes-192-cfb1
- aes-192-cfb8
- aes-192-ctr
- aes-192-ecb
- aes-192-ofb
- aes-256-cbc
- aes-256-cfb
- aes-256-cfb1
- aes-256-cfb8
- aes-256-ctr
- aes-256-ecb
- aes-256-ofb
- aes128
- aes128-wrap
- aes128-wrap-pad
- aes192
- aes192-wrap
- aes192-wrap-pad
- aes256
- aes256-wrap
- aes256-wrap-pad
- aria-128-cbc
- aria-128-cfb
- aria-128-cfb1
- aria-128-cfb8
- aria-128-ctr
- aria-128-ecb
- aria-128-ofb
- aria-192-cbc
- aria-192-cfb
- aria-192-cfb1
- aria-192-cfb8
- aria-192-ctr
- aria-192-ecb
- aria-192-ofb
- aria-256-cbc
- aria-256-cfb
- aria-256-cfb1
- aria-256-cfb8
- aria-256-ctr
- aria-256-ecb
- aria-256-ofb
- aria128
- aria192
- aria256
- bf
- bf-cbc
- bf-cfb
- bf-ecb
- bf-ofb
- blowfish
- camellia-128-cbc
- camellia-128-cfb
- camellia-128-cfb1
- camellia-128-cfb8
- camellia-128-ctr
- camellia-128-ecb
- camellia-128-ofb
- camellia-192-cbc
- camellia-192-cfb
- camellia-192-cfb1
- camellia-192-cfb8
- camellia-192-ctr
- camellia-192-ecb
- camellia-192-ofb
- camellia-256-cbc
- camellia-256-cfb
- camellia-256-cfb1
- camellia-256-cfb8
- camellia-256-ctr
- camellia-256-ecb
- camellia-256-ofb
- camellia128
- camellia192
- camellia256
- cast
- cast-cbc
- cast5-cbc
- cast5-cfb
- cast5-ecb
- cast5-ofb
- chacha20
- des
- des-cbc
- des-cfb
- des-cfb1
- des-cfb8
- des-ecb
- des-ede
- des-ede-cbc
- des-ede-cfb
- des-ede-ecb
- des-ede-ofb
- des-ede3
- des-ede3-cbc
- des-ede3-cfb
- des-ede3-cfb1
- des-ede3-cfb8
- des-ede3-ecb
- des-ede3-ofb
- des-ofb
- des3
- des3-wrap
- desx
- desx-cbc
- id-aes128-wrap
- id-aes128-wrap-pad
- id-aes192-wrap
- id-aes192-wrap-pad
- id-aes256-wrap
- id-aes256-wrap-pad
- id-smime-alg-CMS3DESwrap
- idea
- idea-cbc
- idea-cfb
- idea-ecb
- idea-ofb
- rc2
- rc2-128
- rc2-40
- rc2-40-cbc
- rc2-64
- rc2-64-cbc
- rc2-cbc
- rc2-cfb
- rc2-ecb
- rc2-ofb
- rc4
- rc4-40
- seed
- seed-cbc
- seed-cfb
- seed-ecb
- seed-ofb
- sm4
- sm4-cbc
- sm4-cfb
- sm4-ctr
- sm4-ecb
- sm4-ofb
- Examples:
cp -r dir1/ dir2/
: Recursively copydir1
todir2
.cp -i file1.txt file2.txt
: Prompt before overwritingfile2.txt
.
- Examples:
mv file1.txt /home/user/
: Movefile1.txt
to/home/user/
.mv oldname.txt newname.txt
: Renameoldname.txt
tonewname.txt
.
- Examples:
rm file1.txt
: Removefile1.txt
.rm -r dir1/
: Recursively removedir1
and its contents.rm -rf dir1/
: Forcefully removedir1
and its contents without prompts.
- Examples:
mkdir newdir
: Create a directory namednewdir
.mkdir -p parentdir/childdir
: Createparentdir
andchilddir
if they don't exist.
- Examples:
ls -l
: List with detailed information (permissions, ownership, size).ls -a
: List all files, including hidden ones (starting with.
).ls -lh
: List with human-readable file sizes.
- Syntax:
rmdir [options] directory
- Examples:
rmdir emptydir
: Removeemptydir
if it's empty.rmdir -p parentdir/childdir
: Removechilddir
andparentdir
if they are empty.
- Syntax:
find [path] [options] [expression]
- Examples:
find /home/user/ -name '*.txt'
: Find all.txt
files under/home/user/
.find . -type d -name 'dir*'
: Find directories starting withdir
.
- Syntax:
touch [options] file
- Examples:
touch newfile.txt
: Create an emptynewfile.txt
or update its timestamp.touch -c non_existent_file.txt
: Don’t createnon_existent_file.txt
if it doesn’t exist.
chmod
can use both numeric (octal) and symbolic modes to set file permissions.
- Syntax:
chmod [permissions] file
- Examples:
chmod 755 file.txt
:
*7
(rwx) for owner
*5
(r-x) for group
*5
(r-x) for otherschmod 644 file.txt
:
*6
(rw-) for owner
*4
(r--) for group
*4
(r--) for othersNumeric Permission Values:4
= Read (r)2
= Write (w)1
= Execute (x)- Permissions are additive. For example,
7
=4
(r) +2
(w) +1
(x).
- Syntax:
chmod [who][+/-][permissions] file
- Examples:
chmod u+x file.txt
: Add execute permission for the user (owner).chmod g-w file.txt
: Remove write permission for the group.chmod o=r file.txt
: Set others' permissions to read-only.Symbolic Permission Characters:u
= User (owner)g
= Groupo
= Othersa
= All (user, group, and others)+
= Add permission-
= Remove permission=
= Set exact permission
-R
or--recursive
: Apply changes recursively to directories and their contents.
- Syntax:
chown [options] user[:group] file
- Examples:
chown user file.txt
: Change the owner touser
.chown user:group file.txt
: Change the owner touser
and the group togroup
.chown :group file.txt
: Change the group togroup
without changing the owner.- Options
-R
or--recursive
: Apply changes recursively to directories and their contents.
- Syntax:
df [options] [file]
- Examples:
df -h
: Display disk space in a human-readable format (e.g., MB, GB).df -T
: Show the filesystem type along with space usage.df --total
: Show a grand total of all file systems.
- Syntax:
du [options] [file]
- Examples:
du -h
: Show disk usage in human-readable format.du -sh /path/to/dir
: Show the total size of/path/to/dir
.du -a
: Show the size of all files and directories.du --max-depth=1
: Limit the depth of directory traversal to 1 level.
- Syntax:
pwd
SSH provides a secure way for accessing remote hosts and replaces tools such as telnet, rlogin, rsh, ftp.
OpenSSH (also known as OpenBSD Secure Shell) is a suite of secure networking utilities based on the Secure Shell (SSH) protocol, which provides a secure channel over an unsecured network in a client–server architecture.
Default SSH port in Termux is 8022
.
Default SSH port in Linux is usually 22
.
sudo apt install openssh-server
sudo systemctl enable --now ssh
sudo nano /etc/ssh/sshd_config
Edit as your need.
If you're setting OpenSSH server for QEMU VM with same setup as this tutorial, namely, hostfwd=tcp::2222-:22
, and you hope to connect it from outside of the VM (e.g. Termux), then you can edit the configuration as the following:
sudo rm /etc/ssh/sshd_config
sudo nano /etc/ssh/sshd_config
Copy below and paste to it:
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options override the
# default value.
Port 22
#AddressFamily any
ListenAddress 0.0.0.0
#ListenAddress ::
# The default requires explicit activation of protocol 1
#Protocol 2
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 1024
# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
#RSAAuthentication yes
#PubkeyAuthentication yes
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile .ssh/authorized_keys
#AuthorizedPrincipalsFile none
#AuthorizedKeysCommand none
#AuthorizedKeysCommandUser nobody
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
#PermitEmptyPasswords no
# Change to no to disable s/key passwords
ChallengeResponseAuthentication no
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes
#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
PrintMotd no # pam does that
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
UsePrivilegeSeparation sandbox # Default for new installations.
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#VersionAddendum none
# no default banner path
#Banner none
# override default of no subsystems
Subsystem sftp /usr/lib/ssh/sftp-server
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# ForceCommand cvs server
Run:
sudo nano /etc/hosts .deny
and delete all lines in it.
sudo service ssh start
sudo service ssh restart
sudo service ssh stop
sudo systemctl disable ssh
sudo systemctl enable ssh
sudo service ssh status
apt install openssh
sshd
pkill sshd
sudo apt install openssh-client
apt install openssh
If you plan to use key authentication, you have to generate key by:
mkdir -p ~/.ssh
ssh-keygen -t rsa -b 4096
If you're setting OpenSSH server for QEMU VM with same setup as this tutorial, namely, use password authentication (with password set by running passwd
), you won't need to generate key.
ssh root@localhost
Change the root@localhost
to the actual user name and address. Port will be set as default.
Run with port specified:
ssh root@localhost -p 2222
Change 2222
to the port of the server.
If you're setting OpenSSH server for QEMU VM with same setup as this tutorial, namely, hostfwd=tcp::2222-:22
and Port 22
, then you can run:
ssh root@localhost -p 2222
on client side.
exit
To solve this error, try:
- Run
ssh-keygen -R [localhost]:2222
on the client side. Change[localhost]:2222
to the actual address and port of the server. - Use
ssh -v root@localhost -p port
,ssh -vv root@localhost -p port
,ssh -vvv root@localhost -p port
to debug. - Ensure that no firewall or VPN service is blocking the connections.
- Ensure the configuration in
/etc/ssh/sshd_config
is correct. - Ensure the authentication is correct.
- Restart SSH server.
- Check SSH log file.
- Reboot.
You can use scp
on the client side to transfer files between the server side and the client side.
The syntax of scp
is the same as that of cp
, but with the username@host:
added before the path to copy to or from the server. For example:
scp -r root@localhost:/root/Desktop /data/data/com.termux/files/home/
Use SFTP server mount if you encounter errors in this method.
You can install Material Files from Google Play: https://play.google.com/store/apps/details?id=me.zhanghai.android.files or F-Droid: https://f-droid.org/packages/me.zhanghai.android.files/.
SFTP, or Secure File Transfer Protocol, is a secure network protocol used for transferring files over a secure connection. It is an extension of the SSH (Secure Shell) protocol, which means it provides the same level of security and encryption that SSH offers. Here are some key points about SFTP:
- Security: SFTP encrypts both commands and data. This makes it more secure than traditional FTP (File Transfer Protocol).
- Authentication: SFTP supports various password-based and key-based authentication.
- File Management: SFTP allows for various file management operations, such as listing files, changing directories, and deleting files.
- Port: SFTP typically operates over the same port used by SSH.
- Cross-Platform: SFTP is supported on various platforms, making it a versatile option for file transfers across different systems.
- Connect to the SSH server with Termux or other clients on your Android device.
- Open the left menu.
- Tap Add storage ….
- Tap SFTP server.
- Input necessary information. Hostname, Port, etc. means those of the SSH server. Leave path empty to mount the whole file system of the server side.
- You can manage the file system of the SSH server like managing local storage now.
- https://www.openssh.com/
- https://ivonblog.com/posts/termux-qemu-system-linux/
- https://wiki.termux.com/wiki/Remote%5FAccess.
- https://ivonblog.com/posts/termux-openssh/.
You can install droidVNC-NG on:
- F-droid: https://f-droid.org/packages/net.christianbeier.droidvnc%5Fng/.
- Google Play: [https://play.google.com/store/apps/details?id=net.christianbeier.droidvnc_ng\](https://play.google.com/store/apps/details?id=net.christianbeier.droidvnc_ng ).
Remote Control & Interaction
- Screen Sharing: Share your device's screen over the network, with optional scaling on the server side for better performance.
- Remote Control: Use your VNC client to control your device, including mouse and basic keyboard input. To enable this, you must activate the Accessibility API Service on your device.
- Special Key Functions: Remotely trigger key functions like 'Recent Apps,' Home button, and Back button.
- Text Copy & Paste: Support for copying and pasting text from your device to the VNC client. Note: Copying text from the client to the device isn't supported due to Android security restrictions.
- Multiple Mouse Pointers: Display different mouse pointers for each connected client on your device.
Comfort Features
- Web Browser Access: Control your device’s shared screen directly from a web browser, without needing a separate VNC client.
- Auto-Discovery: Advertise the VNC server using Zeroconf/Bonjour for easy discovery by native clients.
Security & Configuration
- Password Protection: Protect your VNC connection with a password.
- Custom Port Settings: Choose which port the VNC server uses for connections.
- Startup on Boot: Automatically start the VNC service when your device boots up.
- Default Configuration: Load a default configuration from a JSON file.
Advanced VNC Features
- Reverse VNC: Allow your device to initiate the VNC connection to a client.
- Repeater Support: Connect to a repeater that supports UltraVNC-style Mode-2 for more flexible networking.
You can install SD Maid SE on:
- F-Droid: https://f-droid.org/packages/eu.darken.sdmse.
- Google Play: https://play.google.com/store/apps/details?id=eu.darken.sdmse.
SD Maid SE (also known as SD Maid 2 or SD Maid 2/SE) is a file management tool and system cleaner for Android that specializes in maintenance, freeing up space, and removing unwanted data.
Features include:
- CorpseFinder - Removing data that belongs to apps that are no longer installed
- SystemCleaner: User configurable filters for random files
- AppControl - Controling/disabling apps
- StorageAnalyzer - Storage overview
- Root and Shizuku support
- Setup Shizuku. You can follow the guide in Shizuku, SystemUI Tuner, and aShell: Use Local ADB of Android Device on Terminals Such as Termux without Another Device with Shizuku, Leave Developer Options off When Doing So with SystemUI Tuner, and Use ADB with Features like Autocomplete Suggestion with aShell. The part about using SystemUI Tuner to enable ADB persistently in order to keep Shizuku running when Developer Options is turned off isn't necessary here but recommended if you want to keep SD Maid SE using Shizuku.
- Give consent for SD Maid SE to use Shizuku inside SD Maid SE, you can use it to enable/disable SD Maid SE's use of Shizuku.
- After giving consent, a Grant access dialog from Shizuku should show.
- Confirm the dialog.
- SD Maid SE should display a new status indicator that show whether SD Maid SE can connect to the Shizuku service.
The app has 6056 manual pages, 22+ basic categories and a bunch of general terminal tips about Linux (retrieved Sep. 27, 2024). It works 100% offline, doesn't need an internet connection and has no tracking software. Some of the commands available in Linux are available in Termux too, such as cp
, mv
, ls
, mkdir
, apt
, and apt-get
.
You can install Linux Command Library in Google Play: https://play.google.com/store/apps/details?id=com.inspiredandroid.linuxcommandbibliotheca or F-Droid: https://f-droid.org/packages/com.inspiredandroid.linuxcommandbibliotheca/, or browse it on its official website: https://linuxcommandlibrary.com/.
apt is a commandline package manager and provides commands for searching and managing as well as querying information about packages. It provides the same functionality as the specialized APT tools, like apt-get and apt-cache, but enables options more suitable for interactive use by default.\
- Usage:
apt [options] command
- Synopsys:
apt [-h] [-o=config_string] [-c=config_file] [-t=target_release] [-a=architecture] {list | search | show | update | install pkg [{=pkg_version_number | /target_release}]... | remove pkg... | upgrade | full-upgrade | edit-sources | {-v | --version} | {-h | --help}}
- Most used commands:
list
- list packages based on package namessearch
- search in package descriptionsshow
- show package detailsinstall
- install packagesreinstall
- reinstall packagesremove
- remove packagesautoremove
- automatically remove all unused packagesupdate
- update list of available packagesupgrade
- upgrade the system by installing/upgrading packagesfull-upgrade
- upgrade the system by removing/installing/upgrading packagesedit-sources
- edit the source information filesatisfy
- satisfy dependency strings- See apt(8) for more information about the available commands: https://manpages.debian.org/unstable/apt/apt.8.en.html.
- Configuration options and syntax is detailed in apt.conf(5): https://manpages.debian.org/unstable/apt/apt.conf.5.en.html.
- Information about how to configure sources can be found in sources.list(5): https://manpages.debian.org/unstable/apt/sources.list.5.en.html.
- Package and version choices can be expressed via apt_preferences(5): https://manpages.debian.org/unstable/apt/aptpreferences.5.en.html.
- Security details are available in apt-secure(8): https://manpages.debian.org/unstable/apt/apt-secure.8.en.html.
sudo apt update && sudo apt upgrade
sudo apt install xfce4 xfce4-goodies python3-all-dev python3-venv build-essential cmake curl wget git gh openjdk-17-jdk nano vim iproute2 procps grep libboost-all-dev gdb tmux openssl libssl-dev openssh-server
curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py
python3 -m venv myenv
source myenv/bin/activate
python3 get-pip.py
pip3 install numpy sympy matplotlib setuptools selenium jupyter pandas
apt update && apt upgrade && apt --fix-broken install && apt autoremove --purge && apt clean && pkg update && pkg upgrade && pkg clean
apt update && apt upgrade && apt --fix-broken install && apt autoremove --purge && apt clean
pkg update && pkg upgrade && pkg clean
apt update && apt upgrade && pkg update && pkg upgrade
apt update && apt upgrade
pkg update && pkg upgrade
apt update && pkg update
apt update
pkg update
sudo apt update && sudo apt upgrade && sudo apt --fix-broken install && sudo apt autoremove --purge && sudo apt clean
sudo apt update && sudo apt upgrade
sudo apt update
- F-Droid: https://f-droid.org/packages/com.termux/.
- GitHub of termux-app: https://github.com/termux/termux-app.
- GitHub of x11-packages: https://github.com/termux/x11-packages.
- Official wiki: https://wiki.termux.com/.
- Official Reddit community: https://termux.com/community.
- Google Play: https://play.google.com/store/apps/details?id=com.termux.
- Google Play: https://play.google.com/store/apps/details?id=studio.com.techriz.andronix.
- GitHub: https://github.com/AndronixApp/AndronixOrigin.
- Official website: https://docs.andronix.app/.
- Official website: https://shizuku.rikka.app/guide/setup/?night=1.
- Google Play: https://play.google.com/store/apps/details?id=moe.shizuku.privileged.api.
- GitHub: https://github.com/RikkaApps/Shizuku.
- Google Play: https://play.google.com/store/apps/details?id=com.zacharee1.systemuituner.
- GitHub: https://github.com/zacharee/Tweaker.
- Official website: https://invizible.net/en/.
- F-Droid: https://f-droid.org/packages/pan.alexander.tordnscrypt.stable/.
- Google Play: https://play.google.com/store/apps/details?id=pan.alexander.tordnscrypt.gp.
- GitHub: https://github.com/Gedsh/InviZible.
- F-Droid: https://f-droid.org/packages/net.kollnig.missioncontrol.fdroid/.
- GitHub: https://github.com/TrackerControl/tracker-control-android.
- Official website: https://trackercontrol.org/.
- Google Play: https://play.google.com/store/apps/details?id=net.kollnig.missioncontrol.play.
- Google Play: https://play.google.com/store/apps/details?id=eu.faircode.netguard.
- F-Droid: https://f-droid.org/packages/eu.faircode.netguard/.
- GitHub: https://github.com/M66B/NetGuard.
- Official website of NetGuard: https://netguard.me/.
- Official website of FairCode: https://www.faircode.eu/.
DontKillMyApp / DontKillMyApp: Make apps work by Urbandroid Team / urbandroid-team / Petr Nálevka (Urbandroid)
- Official website: https://dontkillmyapp.com/.
- Google Play: https://play.google.com/store/apps/details?id=com.urbandroid.dontkillmyapp.
- F-Droid: https://f-droid.org/packages/com.urbandroid.dontkillmyapp/.
- GitHub: https://github.com/urbandroid-team/dontkillmy-app.
- F-droid: https://f-droid.org/packages/in.sunilpaulmathew.ashell/.
- GitLab: https://gitlab.com/sunilpaulmathew/ashell.
- GitLab: https://gitlab.com/qemu-project/qemu.
- Official website: https://www.qemu.org/.
- Google Play of Tor Browser: https://play.google.com/store/apps/details?id=org.torproject.torbrowser.
- GitLab of Tor Browser: https://gitlab.torproject.org/tpo/applications/tor-browser.
- GitLab of The Tor Project: https://gitlab.torproject.org/tpo.
- GitLab of the Debian package tor:https://gitlab.torproject.org/tpo/core/debian/tor.
- Official website: https://www.torproject.org/.
- Check Tor Project: https://check.torproject.org/.
- Official website: https://ipcheck.ing/.
- GitHub: https://github.com/jason5ng32/MyIP.
- Official website: https://www.debian.org/.
- GitLab: https://salsa.debian.org/public.
- GitHub: https://github.com/SimonSchubert/LinuxCommandLibrary.
- Google Play: https://play.google.com/store/apps/details?id=com.inspiredandroid.linuxcommandbibliotheca.
- F-Droid: https://f-droid.org/packages/com.inspiredandroid.linuxcommandbibliotheca/.
- Official website: https://linuxcommandlibrary.com/.
- Official website: https://www.openssl.org/.
- GitHub: https://github.com/openssl/openssl.
- F-Droid: https://f-droid.org/packages/com.gaurav.avnc/.
- GitHub: https://github.com/gujjwal00/avnc.
- Google Play: https://play.google.com/store/apps/details?id=me.zhanghai.android.files.
- F-Droid: https://f-droid.org/packages/me.zhanghai.android.files/.
- GitHub: https://github.com/zhanghai/MaterialFiles.
SD Maid SE / SD Maid 2/SE - System Cleaner / sdmaid-se by d4rken / d4rken-org / darken / darken development
- F-Droid: https://f-droid.org/packages/eu.darken.sdmse.
- Google Play: https://play.google.com/store/apps/details?id=eu.darken.sdmse.
- GitHub: https://github.com/d4rken-org/sdmaid-se.
- F-droid: https://f-droid.org/packages/net.christianbeier.droidvnc%5Fng/.
- Google Play: [https://play.google.com/store/apps/details?id=net.christianbeier.droidvnc_ng\](https://play.google.com/store/apps/details?id=net.christianbeier.droidvnc_ng ).
- GitHub: https://github.com/bk138/droidVNC-NG.
- ChatGPT by OpenAI: https://openai.com/chatgpt/.
- awesome-shizuku by Tim Schneeberger / timschneeb: https://github.com/timschneeb/awesome-shizuku.
- shizuku-apps by Souvik Bagchi (Mr HyperIon) / MrHyperlon101: https://github.com/MrHyperIon101/shizuku-apps.
- Wikipedia: https://en.m.wikipedia.org/.
- DNS leak test: https://www.dnsleaktest.com.
- What Is My IP Address: https://whatismyipaddress.com.
- freshtermux by Miranda / cyb0rgdoll: https://github.com/cyb0rgdoll/freshtermux.
We welcome contributions to this project! Please fork the repository and submit a pull request for your contributions. For clarity and convenience, we recommend making one pull request per revised section or added feature.
Copyright (C) 2024 Willie169.
This project is licensed under the terms of either:
- GNU Free Documentation License, Version 1.3 (GFDL 1.3)
- Creative Commons Attribution-ShareAlike 4.0 International License (CC BY-SA 4.0)
Permission is granted to copy, distribute, and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts.
You should have received a copy of the GNU Free Documentation License along with this document. If not, see https://www.gnu.org/licenses/fdl-1.3.html.
You are free to:
- Share — copy and redistribute the material in any medium or format
- Adapt — remix, transform, and build upon the material for any purpose, even commercially.
The licensor cannot revoke these freedoms as long as you follow the license terms.
Under the following terms:
- Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.
- ShareAlike — If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original.
No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.
You should have received a copy of the Creative Commons Attribution-ShareAlike 4.0 International License along with this program. If not, see https://creativecommons.org/licenses/by-sa/4.0/.