diff options
Diffstat (limited to 'en/source/add-device.html')
| -rw-r--r-- | en/source/add-device.html | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/en/source/add-device.html b/en/source/add-device.html index 783fd6f3..d9f42f89 100644 --- a/en/source/add-device.html +++ b/en/source/add-device.html @@ -417,5 +417,48 @@ add_lunch_combo <product_name>-userdebug </tbody> </table> +<h3 id="ANDROID_VENDOR_KEYS">Set ANDROID_VENDOR_KEYS to connect over USB</h3> + +<p>The <code>ANDROID_VENDOR_KEYS</code> environment variable enables device +manufacturers to access production builds over <code>adb</code>. Generate a key +for each release that every device will accept, store those internally (such as at +<code>vendor/oem-name/security/adb/</code>), and then use +<code>ANDROID_VENDOR_KEYS</code> to tell <code>adb</code> to use these canonical +keys rather than random keys.</p> + +<p>Use the <code>ANDROID_VENDOR_KEYS</code> environment variable to +point to the directory containing the generated <code>adb</code> public and +private keys used for encryption. The private key is stored in file. The public +key is stored in file.pub. The <code>ANDROID_VENDOR_KEYS</code> environment +variable points to a file or directory where the generated key pairs are +stored.</p> + +<p>This variable is set to a file or directory that contains 2048-bit RSA +authentication key pairs generated with the <code>adb keygen</code> file command. +These key pairs are in addition to the RSA key pairs generated by the ADB +server. An RSA key pair is needed when you use <code>adb</code> to connect over +USB for the first time.</p> + +<p>You must accept the host computer's RSA key to explicitly grant +<code>adb</code> access to the device. By default key pairs generated by the +ADB server are stored in the following key store directories as +<code>adbkey</code> (private key) and <code>adbkey.pub</code> (public key):</p> + +<p>For file locations, on MacOS, this will likely be: +<code>$HOME/.android</code>. On Windows and Linux, this will be: +<code>%USERPOFILE%\.android</code>. On Windows, RSA authentication keys can +also be in <code>C:\Windows\System32\config\systemprofile\.android</code> in +some cases. When the ADB server needs a key, it first searches the ADB server +key store directory. If no keys are found, it then checks the +<code>ANDROID_VENDOR_KEYS</code> environment variable. If no keys are found, +the local ADB server generates and saves a new key pair in the ADB server key +store directory.</p> + +<p class="note"><strong>Note:</strong> You can override the default directory +where the ADB server stores RSA keys by setting the +<code>ANDROID_SDK_HOME</code> environment variable. On the device, keys are +stored in the <code>/data/misc/adb/adb_keys/</code> file, and new authorized +keys are appended to the same file as you accept them.</p> + </body> </html> |