Develop Bugs

Lollipop tethering (working)

Thanks to datawrhsdoc for translating the OP
datawrhsdoc said:
1. Root your phone
2. Either modify your existing APN to use IPv4 and adding 'dun' to the list of APN types, or create a duplicate APN with the same modifications
3. Set the modified/new APN as your default.
4. Download tether_counter_kill.txt from the OP's first post, and rename the file removing the txt extension (http://forum.xda-developers.com/showpost.php?p=59858654&postcount=1)
5. Install Smanager from Play Store
6. Navigate to tether_counter_kill from Smanager, and set both 'Su' and 'Boot' options. Run it (you won't need to do this again)
7. Start Mobile Hotspot on your phone, and connect to the hotspot from your devices
8. Immediately start a VPN client from your device(s) which will tether. VPN must redirect ALL traffic (e.g., TorGuard).
9. Enjoy unlimited WiFi tether
Click to expand...
Click to collapse
You can also try adding this to your build.prop (I don't know if this does anything):
net.tethering.noprovisioning=true
Click to expand...
Click to collapse
Idea for the script taken from:
http://forum.xda-developers.com/z3/general/lollipop-tethering-t3058923
This can be fixed permanently using the following procedure (UPDATE: no root required):
Enable developer mode (Go to Settings -> About phone, and click on the build number until the developer mode is enabled).
Enable USB debugging under Settings -> Developer options
Connect the device with a USB cable to a computer with the Android SDK platform tools installed
Start an adb shell: adb shell
In the adb shell, run this command: settings put global tether_dun_required 0
Click to expand...
Click to collapse

RussianBear said:
Looks like the settings.db is on a lock-down. I can't access it via sqlite any longer. It says: "the database is currently locked by another process"
Any ideas? @autoprime ?
Quick Edit: was able to copy settings.db to sd card and open it up with sqlite. couldn't change any parameters, as sqlite would fc. Downloaded this guy (http://sqlitebrowser.org/) and made changes, then overwrote the one in data/data directory. We'll see how/if it works.
Click to expand...
Click to collapse
Any luck so far?

Fhuron said:
Any luck so far?
Click to expand...
Click to collapse
Nope, something over-writes the tethering back to "1" after each reboot. I'm sure @autoprime can figure this one out, as he did for KK.

You are right I'm on LG G2 with official T-Mo lollipop and I was able to edit settings.db...not with sglite but with SQLite Debugger.
After reboot, the changes i made to the tethering reverted back to dafault 1.

For those that want to use wireless tether, try the app from this thread (it's $2.5):
http://forum.xda-developers.com/note-4-tmobile/general/unlimited-wifi-tethering-t2914057
I'm more interested in making the usb tethering work. I'll try using IPv4 + vpn tonight. Pretty sure it's going to fail because of the tether.dun set to 1...
P.S. additional links:
http://forum.xda-developers.com/note-3-tmobile/help/tethering-fix-t3068545
http://forum.xda-developers.com/tmobile-galaxy-s6-edge/help/unlimited-tethering-t3073884

Another quick update. The guide from here works for tether_dun settings: http://forum.xda-developers.com/z3/general/lollipop-tethering-t3058923
You can use this command in terminal emulator, pending you are rooted.
su
settings put global tether_dun_required 0
Click to expand...
Click to collapse
or those having issues with tethering. I tested it out today and had issues. It would connect but would not resolve dns. I have unlimited tethering on Three, it's always worked until now.
Doing this resolved my issues. I suspect this issue will be resolve by Three when an official uk build is released.
This can be fixed permanently using the following procedure (UPDATE: no root required):
Enable developer mode (Go to Settings -> About phone, and click on the build number until the developer mode is enabled).
Enable USB debugging under Settings -> Developer options
Connect the device with a USB cable to a computer with the Android SDK platform tools installed
Start an adb shell: adb shell
In the adb shell, run this command: settings put global tether_dun_required 0
Click to expand...
Click to collapse

RussianBear said:
Another quick update. The guide from here works for tether_dun settings: http://forum.xda-developers.com/z3/general/lollipop-tethering-t3058923
You can use this command in terminal emulator, pending you are rooted.
Click to expand...
Click to collapse
anyone tested does this work with no tether tracking?

Uploading a tether_dun_required=0 script (needs root) that you can use with Smanager to either trigger it via a desktop widget, app, or set it on boot. Remove ".txt" from the end and navigate to it via Smanager. I will test tethering later tonight.
Make sure you click/select the SuperUser icon in Smanager's options.
You can also try adding this to your build.prop:
net.tethering.noprovisioning=true
Click to expand...
Click to collapse

Looks like we're money, at least on usb tethering. I will update the op.

any specific settings on Wifi Tether Router? I'm unable to get an SSID to show up using the instructions from wifi tether router's website.
updated APN to ipv4
ran script posted above..

rihc55 said:
any specific settings on Wifi Tether Router? I'm unable to get an SSID to show up using the instructions from wifi tether router's website.
updated APN to ipv4
ran script posted above..
Click to expand...
Click to collapse
Try using stock wifi tether and see if it's counting. I haven't used the other app yet.

RussianBear said:
Try using stock wifi tether and see if it's counting. I haven't used the other app yet.
Click to expand...
Click to collapse
Ohh okay. even better.. ill try it and report back. thanks
EDIT:
Strange, i cant even get an SSID to show up on the native hotspot now. I know it worked before -- i used it last Sunday. The hotspot turns itself off after like 30 seconds.

Okay.. So I did a factory reset because i didnt know how to fix my problem from my previous post.
Then I:
1) added the same APN as IPV5
2) did this:
Enable developer mode (Go to Settings -> About phone, and click on the build number until the developer mode is enabled).
Enable USB debugging under Settings -> Developer options
Connect the device with a USB cable to a computer with the Android SDK platform tools installed
Start an adb shell: adb shell
In the adb shell, run this command: settings put global tether_dun_required 0
3) used the native tether app
I haven't tested it very extensively but from what i can tell, i am able to tether and it just shows up as normal data vs mobile hotspot. I transferred bout 600mb as a test. will test more later.
Thanks for your help RussianBear!
EDIT:
I lied. i think tmobile was delayed in reflecting my usage. it showed up today.

My hot-spot was broken by LP. Devices connect fine but have no Internet whatsoever. I'm able to USB tether without issues using PDANet and just selecting level 1 hide tether usage works fine. No needs for UA switching or anything like that. Just wish the WiFi tether worked, even if it's counting.

Could anyone help with step by step instructions. I am new at this and dont want to do anything wrong. Plus i dont see the script.

dreday3223 said:
Could anyone help with step by step instructions. I am new at this and dont want to do anything wrong. Plus i dont see the script.
Click to expand...
Click to collapse
Dre, are you rooted? Script is attached to the bottom of the first post.

RussianBear said:
Dre, are you rooted? Script is attached to the bottom of the first post.
Click to expand...
Click to collapse
I am. What exactly do i have to do? Where do i place that command? This is all very new to me and I'm not trying to mess up my phone so the simplest of instructions would be great.

dreday3223 said:
I am. What exactly do i have to do? Where do i place that command? This is all very new to me and I'm not trying to mess up my phone so the simplest of instructions would be great.
Click to expand...
Click to collapse
Download smanager from the playstore, download the script, then using smanager navigate to the script and run it. You will need to select the su icon from the smanager's script options. Let me know if/where you get stuck.

Script Works for WIFI Tether
It appears that this method is working for WIFI tethering as well. I watched an 11 minute Youtube and then emailed myself a 5.5MB Powerpoint. Here are my results:
Before After
Mobile Hotspot 92.2 92.4
Data 462.2 527.1
Not sure where that 0.2MB came from, but that's not much of my 5GB plan, so I don't much care.
Update 1: Figured out where the 0.2MB came from. My testing used all encrypted traffic over HTTPS, and TMO couldn't track it. I then ran a CNN.com video and the Mobile Hotspot counter spiked. Still not quite there yet.
Update 2: Enabled my VPN, and no traffic at all is being tracked by TMO. No user agent required. Yipee!!

datawrhsdoc said:
It appears that this method is working for WIFI tethering as well. I watched an 11 minute Youtube and then emailed myself a 5.5MB Powerpoint. Here are my results:
Before After
Mobile Hotspot 92.2 92.4
Data 462.2 527.1
Not sure where that 0.2MB came from, but that's not much of my 5GB plan, so I don't much care.
Update: Figured out where the 0.2MB came from. My testing used all encrypted traffic over HTTPS, and TMO couldn't track it. I then ran a CNN.com video and the Mobile Hotspot counter spiked. Still not quite there yet.
Click to expand...
Click to collapse
Are you using a vpn service or just agent switchers?

username in SSH access to WP10

What is the username to access via SSH in Windows Phone 10 , I discovered that there is an active port 22 ssh works. The password is displayed on the screen in the developer pairing options

danpio said:
What is the username to access via SSH in Windows Phone 10 , I discovered that there is an active port 22 ssh works. The password is displayed on the screen in the developer pairing options
Click to expand...
Click to collapse
The password is displayed on the screen in the developer pairing options

It's Sirepuser, but unfortunately they're using cert pinning for the SSH, so if you try accessing it you'll be treated with a pretty message.
Now what SSH is used for is for Windows 10 app deployment (When you enable Device Discovery for winappdeploycmd and for the wconnect app).

snickler said:
It's Sirepuser, but unfortunately they're using cert pinning for the SSH, so if you try accessing it you'll be treated with a pretty message.
Now what SSH is used for is for Windows 10 app deployment (When you enable Device Discovery for winappdeploycmd and for the wconnect app).
Click to expand...
Click to collapse
WTF so close ... but thanks !!
ssh [email protected]
Permission denied ([email protected],publickey).
I try connect to adbd server from mac os in WP10

I got around this.
http://forum.xda-developers.com/win...de-filesystem-access-sftp-windows-10-t3185766
BTW, don't try connecting via SSH as they don't have an actual shell. If you're using a mac, you'll need to pass the private key along with your request.

The problem about VPN(IKEv2) with Win10 Mobile

L2TP work as well.
IKEv2 not route , and can not get the vaild IP address.
Can anyone solve this problem?

0oVicero0 said:
L2TP work as well.
IKEv2 not route , and can not get the vaild IP address.
Can anyone solve this problem?
Click to expand...
Click to collapse
are you on Redstone build ?
seems VPN broken on Redstone , not only IKEV2

It's working fine for me. IKEv2 IPsec, Strongswan server.
Requires editing the connections file on the phone, though. Windows 10 mobile (same for PC) will not use the default route provided by the VPN server and there is no toggle to send all the traffic through the VPN like there was on Windows Phone 8/8.1 in the VPN connection settings GUI.
So, 'IpPrioritizeRemote=1' has to be set manually for the connection in rasphone.pbk on the phone. This can be achieved and requires an NTFS formatted SD card with the modified rasphone.pbk and a symbolic link to 'C:\Data\USERS\DefApps\APPDATA\ROAMING\MICROSOFT\Network\Connections' (you can make this symbolic link on the PC).
First you have to create a VPN connection on the phone, then delete it. This will make 'C:\Data\USERS\DefApps\APPDATA\ROAMING\MICROSOFT\Network\Connections\Pbk\' user writable and you can put a modified rasphone.pbk file in that location by accessing it through the symbolic link on the SD card.
If you don't know how to make the rasphone.pbk file, first configure the connection as it should be on the phone, then copy rasphone.pbk from the phone, edit it on PC and add 'IpPrioritizeRemote=1'. Delete the VPN connection from the phone, and put the modified rasphone file in its place.
Reboot might be required after copying the file manually.
^ This is for phones that can't be interop unlocked like my Lumia 950XL. It's much easier for other phones which can be unlocked and full FS access is achievable.
Pretty stupid omission on Microsoft's part. I've been shouting about it on windows feedback since Windows 10 Mobile was released to insiders, but no one listens.

VPN is broken in Windows 10. Period! Microsoft it's not going to fix it.

w.bogdan said:
VPN is broken in Windows 10. Period! Microsoft it's not going to fix it.
Click to expand...
Click to collapse
No period. It's broken, but it can be made to work. Who put you in charge of dropping the period?

DLS123 said:
No period. It's broken, but it can be made to work. Who put you in charge of dropping the period?
Click to expand...
Click to collapse
Search for "Windows 10 DNS resolution" or other VPN related issues in Windows 10. It's not a bug, it's a feature ... for NSA, the government of China and so on.

w.bogdan said:
Search for "Windows 10 DNS resolution" or other VPN related issues in Windows 10. It's not a bug, it's a feature ... for NSA, the government of China and so on.
Click to expand...
Click to collapse
I know about it and took measures against it. They call it Smart multi-homed name resolution. It can be disabled on Desktop and also the order of DNS servers used can be set for each VPN connection. This isn't really caused by the broken built-in VPN client, but the way Windows 10 itself works out of the box.

DLS123 said:
I know about it and took measures against it. They call it Smart multi-homed name resolution. It can be disabled on Desktop and also the order of DNS servers used can be set for each VPN connection. This isn't really caused by the broken built-in VPN client, but the way Windows 10 itself works out of the box.
Click to expand...
Click to collapse
It's not just desktop. On W10M, DNS leaks, VPN connected icon is barely visible and you don't get notified if the VPN connection drops. Is hard to believe Satya Nadella is so dumb not to notice.

w.bogdan said:
It's not just desktop. On W10M, DNS leaks, VPN connected icon is barely visible and you don't get notified if the VPN connection drops. Is hard to believe Satya Nadella is so dumb not to notice.
Click to expand...
Click to collapse
I know there are DNS leaks on W10Mobile and multi-homing can't be disabled, but I don't have a problem with that. The purpose of VPN for me is to gain access to other private networks and encrypt the communication with them. DNS leaks aren't that critical. It's not like I don't want my employer to know what websites I access while connecting to VPNs from their network. I couldn't care less to be honest that they're logging my DNS querries. And I also don't live in China.
Even if they have my DNS records they still won't ever be able to break the encrypted IPsec tunnels and get any glimpse of what's passing through them.

Wasn't able to download rasphone.pbk from the phone but could upload one.
I used my Windows 10 PC and created the connections there. Then I disabled IpPrioritizeRemote and used the powershell cmdlet Add-VpnConnectionRoute to add a route to the pbk file pointing to my local subnet.
I am now able to connect to the internet and access corporate resources at the same time.
I however couldn't connect from one particular app which worked in 8.1. There may be issues with non universal apps.

DLS123 said:
It's working fine for me. IKEv2 IPsec, Strongswan server.
Requires editing the connections file on the phone, though. Windows 10 mobile (same for PC) will not use the default route provided by the VPN server and there is no toggle to send all the traffic through the VPN like there was on Windows Phone 8/8.1 in the VPN connection settings GUI.
So, 'IpPrioritizeRemote=1' has to be set manually for the connection in rasphone.pbk on the phone. This can be achieved and requires an NTFS formatted SD card with the modified rasphone.pbk and a symbolic link to 'C:\Data\USERS\DefApps\APPDATA\ROAMING\MICROSOFT\Network\Connections' (you can make this symbolic link on the PC).
First you have to create a VPN connection on the phone, then delete it. This will make 'C:\Data\USERS\DefApps\APPDATA\ROAMING\MICROSOFT\Network\Connections\Pbk\' user writable and you can put a modified rasphone.pbk file in that location by accessing it through the symbolic link on the SD card.
If you don't know how to make the rasphone.pbk file, first configure the connection as it should be on the phone, then copy rasphone.pbk from the phone, edit it on PC and add 'IpPrioritizeRemote=1'. Delete the VPN connection from the phone, and put the modified rasphone file in its place.
Reboot might be required after copying the file manually.
^ This is for phones that can't be interop unlocked like my Lumia 950XL. It's much easier for other phones which can be unlocked and full FS access is achievable.
Pretty stupid omission on Microsoft's part. I've been shouting about it on windows feedback since Windows 10 Mobile was released to insiders, but no one listens.
Click to expand...
Click to collapse
Thanks!!! It's working fine!
I think Microsoft do not want to fix it.

0oVicero0 said:
I think Microsoft do not want to fix it.
Click to expand...
Click to collapse
Yeah, looks like that's the case. There is very little feedback in insider hub about VPN problems. Very few care about these issues so probably MS has no incentive to fix and prefer to rely on MDM for VPN configuration on these devices. Now if only that were an option for mere mortals...

How to import self-signed key or export builtin cert for a strongswan server?
DLS123 said:
It's working fine for me. IKEv2 IPsec, Strongswan server.
Click to expand...
Click to collapse
How did you get the VPN connection set up properly (aside from the IpPrioritizeRemote setting)?
I've set up a strongswan server and generated my own self-signed keys using ipsec pki, but when I import the key to my Lumia 1520 (by tapping it using the Files app and tapping import at the prompt), the VPN connection will not send that cert. Instead it sends a certificate issued by CN=Microsoft Genuine Windows Phone CA15" with an OU that looks like a GUID.
So I tried punting and just exporting that certificate to place on my strongswan server ... but I can't figure out how to get the certificate off the phone either. So how do I do either one?

rlively said:
How did you get the VPN connection set up properly (aside from the IpPrioritizeRemote setting)?
I've set up a strongswan server and generated my own self-signed keys using ipsec pki, but when I import the key to my Lumia 1520 (by tapping it using the Files app and tapping import at the prompt), the VPN connection will not send that cert. Instead it sends a certificate issued by CN=Microsoft Genuine Windows Phone CA15" with an OU that looks like a GUID.
So I tried punting and just exporting that certificate to place on my strongswan server ... but I can't figure out how to get the certificate off the phone either. So how do I do either one?
Click to expand...
Click to collapse
I don't know what self generated certificate your phone sends, but you shouldn't use that.
You should generate a client certificate on the strongswan server then you should include both the root CA and the client certificate and pack them together in a PKCS 12 file (.p12) which you open on the phone and import. The phone will choose the proper certificate stores to import to. Did you do that?
https://www.zeitgeist.se/2013/11/22/strongswan-howto-create-your-own-vpn/
Just follow this tutorial., with the only mention that you should add "--flag clientAuth" to the command line for generating the client certificate.

DLS123 said:
I don't know what self generated certificate your phone sends, but you shouldn't use that.
You should generate a client certificate on the strongswan server then you should include both the root CA and the client certificate and pack them together in a PKCS 12 file (.p12) which you open on the phone and import. The phone will choose the proper certificate stores to import to. Did you do that?
Just follow this tutorial., with the only mention that you should add "--flag clientAuth" to the command line for generating the client certificate.
Click to expand...
Click to collapse
Thanks, that is a good tutorial - I definitely did not use the clientAuth flag (the ipsec tutorial for openWRT didn't include it: openwrt doc/howto/vpn.ipsec.roadwarrior), so I tried generating new certs with clientAuth. Unfortunately I got the same results. My Win10 phone sent the same "Microsoft Genuine Windows Phone CA15" cert.
Did you import the PKCS 12 file just by tapping it in the Microsoft "Files" app on the phone or did you use another method? I'm verifying the certs with the Microsoft "Certificates" app, which does show that the original cert I generated has no "Enhanced usages" but the second has "Client Authentication." Still the builtin VPN client won't pick it to send to my strongSwan server.
I did away completely with my configuration and started over with the win7 configuration here: strongswan wiki: Win7CertReq but none of it will help if I can't get my phone to actually send the correct certificate ... this configuration did something a little different though:
My phone sent the correct certificate in the "received TLS peer certificate" line followed by these error messages:
no trusted certificate found for 'my-CN-here' to verify TLS peer
sending fatal TLS alert 'certificate unknown'
Despite the fact that I have the certificate pem in /etc/ipsec.d/certs ...
in any case it continues on and sends the Microsoft cert afterwards and then the server throws "no peer config found" (since I don't have the public cert loaded for that MS cert).
Followed up on the error here: strongswan wiki /issues/785
I also tried it with "eap_identity=%identity" instead of "eap_identity=%any".
Frustrating that it works great for Win7 but I just can't get a Win10 phone working. Any guides out there specifically for Windows phone + Strongswan?

rlively said:
Thanks, that is a good tutorial - I definitely did not use the clientAuth flag (the ipsec tutorial for openWRT didn't include it: openwrt doc/howto/vpn.ipsec.roadwarrior), so I tried generating new certs with clientAuth. Unfortunately I got the same results. My Win10 phone sent the same "Microsoft Genuine Windows Phone CA15" cert.
Did you import the PKCS 12 file just by tapping it in the Microsoft "Files" app on the phone or did you use another method? I'm verifying the certs with the Microsoft "Certificates" app, which does show that the original cert I generated has no "Enhanced usages" but the second has "Client Authentication." Still the builtin VPN client won't pick it to send to my strongSwan server.
I did away completely with my configuration and started over with the win7 configuration here: strongswan wiki: Win7CertReq but none of it will help if I can't get my phone to actually send the correct certificate ... this configuration did something a little different though:
My phone sent the correct certificate in the "received TLS peer certificate" line followed by these error messages:
no trusted certificate found for 'my-CN-here' to verify TLS peer
sending fatal TLS alert 'certificate unknown'
Despite the fact that I have the certificate pem in /etc/ipsec.d/certs ...
in any case it continues on and sends the Microsoft cert afterwards and then the server throws "no peer config found" (since I don't have the public cert loaded for that MS cert).
Followed up on the error here: strongswan wiki /issues/785
I also tried it with "eap_identity=%identity" instead of "eap_identity=%any".
Frustrating that it works great for Win7 but I just can't get a Win10 phone working. Any guides out there specifically for Windows phone + Strongswan?
Click to expand...
Click to collapse
I import the certificates from file explorer on phone or from the OneDrive app, doesn't matter.
Have you actually set the EAP identity correctly in the client certificate? CN has to be exactly the same as --san
That's the eap_identity which has to be known if you use EAP-TLS.
I don't know what else to say, maybe post your ipsec.conf with censored IPs

DLS123 said:
I import the certificates from file explorer on phone or from the OneDrive app, doesn't matter.
Have you actually set the EAP identity correctly in the client certificate? CN has to be exactly the same as --san
That's the eap_identity which has to be known if you use EAP-TLS.
I don't know what else to say, maybe post your ipsec.conf with censored IPs
Click to expand...
Click to collapse
For the moment I just have mschap authentication with no certificate and it works. The certificate is just giving me fits.
On my client certificate my CN is not the same as the san. My san is set to the FQDN of my VPN server ... the CN of my client certificate is an identifier for my client.
What does the VPN server use for eap_identity - the CN from the client certificate when set to eap_identity=%identity ?
---------- Post added at 10:01 PM ---------- Previous post was at 09:35 PM ----------
rlively said:
For the moment I just have mschap authentication with no certificate and it works. The certificate is just giving me fits.
On my client certificate my CN is not the same as the san. My san is set to the FQDN of my VPN server ... the CN of my client certificate is an identifier for my client.
What does the VPN server use for eap_identity - the CN from the client certificate when set to eap_identity=%identity ?
Click to expand...
Click to collapse
My server certificate does have a CN and san that match. I thought I read somewhere that having that same value in the client san would help the client match up the cert to send to the server, at least for Windows Phone. Of course I can't find that guide now, so maybe I misread. I do see that in the example on https://www.zeitgeist.se/2013/11/22/strongswan-howto-create-your-own-vpn/ that the server CN and san match and the client CN and san match each other.

In the client certificate you should have [email protected]_FQDN --san server_FQDN --flag clientAuth
the eap_identity used by strongswan is the part before @ from CN.
It won't match anything when using eap_idenity=%identity if you don't do it like this.

Are there any relevant registry files we can access with interop tools?

DLS123 said:
It's working fine for me. IKEv2 IPsec, Strongswan server.
Requires editing the connections file on the phone, though. Windows 10 mobile (same for PC) will not use the default route provided by the VPN server and there is no toggle to send all the traffic through the VPN like there was on Windows Phone 8/8.1 in the VPN connection settings GUI.
So, 'IpPrioritizeRemote=1' has to be set manually for the connection in rasphone.pbk on the phone. This can be achieved and requires an NTFS formatted SD card with the modified rasphone.pbk and a symbolic link to 'C:\Data\USERS\DefApps\APPDATA\ROAMING\MICROSOFT\Network\Connections' (you can make this symbolic link on the PC).
First you have to create a VPN connection on the phone, then delete it. This will make 'C:\Data\USERS\DefApps\APPDATA\ROAMING\MICROSOFT\Network\Connections\Pbk\' user writable and you can put a modified rasphone.pbk file in that location by accessing it through the symbolic link on the SD card.
If you don't know how to make the rasphone.pbk file, first configure the connection as it should be on the phone, then copy rasphone.pbk from the phone, edit it on PC and add 'IpPrioritizeRemote=1'. Delete the VPN connection from the phone, and put the modified rasphone file in its place.
Reboot might be required after copying the file manually.
^ This is for phones that can't be interop unlocked like my Lumia 950XL. It's much easier for other phones which can be unlocked and full FS access is achievable.
Pretty stupid omission on Microsoft's part. I've been shouting about it on windows feedback since Windows 10 Mobile was released to insiders, but no one listens.
Click to expand...
Click to collapse
Hi I tried your manual, unfortunately without any success
If I Read it correctly you do the following steps:
1) Format sd card on NTFS
2) On the sd card create symbolic link to: C:\Data\USERS\DefApps\APPDATA\ROAMING\MICROSOFT\Network\Connections
3) Insert sd in phone
4) Create a vpn connection on the phone
5) Delete al the vpn connections on the phone
6) Use the phone to put a new (modified) rasphone.pbk file on the sd card (though onedrive??). I cant access my sd om my pc when usb is connected
7) Reboot the phone
8) Make a new vpn connection (can it have a different name?)
Can someone verify if i miss something?
I'll be very happy if this works

Android TV SSH Server (permission denied)

I'm trying to SFTP into Nvidia Shield TV but keep getting denied.
I have rooted the device and installed SSH Server. I do get prompted to accept the RSA Key, but then denied access.
The SSH Server app that I'm using was added to the Super User app and granted root access.
What am I doing wrong. I'm so close.....
FYI, I can use FTP but denied when using SFTP.

1) Are you rooted? Did you give SSH/SFTP root privileges?
2) Did you remember to change the default Password to something other than whatever the default was?
3) Did you remember to run the SSH/SFTP Server before trying to run it? It's NOT automatic. You have to run it Server side first!
4) Assuming you using something like Putty or WinSCP you need to login using the local IP Address of the Shield TV ex. 192.178.xxx.xxx
If you can follow most of that it shouldn't be a bother getting it to run.

Ichijoe said:
1) Are you rooted? Did you give SSH/SFTP root privileges?
2) Did you remember to change the default Password to something other than whatever the default was?
3) Did you remember to run the SSH/SFTP Server before trying to run it? It's NOT automatic. You have to run it Server side first!
4) Assuming you using something like Putty or WinSCP you need to login using the local IP Address of the Shield TV ex. 192.178.xxx.xxx
If you can follow most of that it shouldn't be a bother getting it to run.
Click to expand...
Click to collapse
1. Yes I'm rooted.
2. Yes I have a password
3. Yes, I ran SSH Server first
4. Yes I am trying to login with IP address
Give me something other then the basics here!

What about: Settings > Storage & reset > Over local network?

finsfree said:
I'm trying to SFTP into Nvidia Shield TV but keep getting denied.
I have rooted the device and installed SSH Server. I do get prompted to accept the RSA Key, but then denied access.
The SSH Server app that I'm using was added to the Super User app and granted root access.
What am I doing wrong. I'm so close.....
FYI, I can use FTP but denied when using SFTP.
Click to expand...
Click to collapse
What SSH server are you using?

Having Sideload 'Rooted SSH/SFTP Daemon. Which is listed as non Android TV compatible. I was greeted instantly with a "wtf not rooted" message. Which may be kinda the case since I never really enabled such RW permissions for SU though TWRP. Since having done so in the past kinda made OTA Updates malfunction. It's kinda the same case with Adaway as well.
But, on the Shield TV the only real tangible use of root that I have is, in being able to install Plex Channels. Which with a symlinked Folder. Works well enough.

I got it to work!

finsfree said:
I got it to work!
Click to expand...
Click to collapse
So what was the issue?
Please use the QUOTE feature when replying to me to get my attention. Thanks!

My guess would be he enabled root via TWRP. Hopefully it won't comeback to bite him in the arse. While this does make things incredibly easier, it also completely forks up any hopes of successfully installing any OTA Updates. Which may not be as much of a problem, as it was when I first got into the Shield TV last January. With the transition from Marshmallow, to Nougat.

[help] can't add registry

Hello all..as i was saying that i can't add registry in my phone using interop tool. I am using interop tool L. i am getting this error
something went worng could not add specific key,no changes to phone registry were made.so i used registry editor but nothing changed there is no new registry created.here are screenshots....thank u

[email protected] said:
Hello all..as i was saying that i can't add registry in my phone using interop tool. I am using interop tool L. i am getting this error
something went worng could not add specific key,no changes to phone registry were made.so i used registry editor but nothing changed there is no new registry created.here are screenshots....thank u
Click to expand...
Click to collapse
I happen to have the same problem lately... If you try to read the key/value, it's gonna return the value/key value but, no registry is created.

xxJMarian said:
I happen to have the same problem lately... If you try to read the key/value, it's gonna return the value/key value but, no registry is created.
Click to expand...
Click to collapse
See if i read the value the operation says read but if i try to add registry it says no specific key added, no change to phone registry were made and i am not understanding why this is happening..

I have had imports fail but the Edit Registry option works. And vice versa. Depends on the device too. On the Nokia models I can edit almost anywhere just by installing and enabling interop unlock. If I use my 950 XL or a 650 which have some added security features it becomes hit or miss. Even if I push the generic ndtk cab to the device. Other times I have to do a hard reset before I can edit the registry where I need. Usually after a recent update or build version release.
EDIT: I just looked at your pics. You are trying to add Sirepuser to the system control key but why are you adding it that way? I am assuming the template is not working? Also why did you need to toggle Restore NDTKsvc? Was editing working before that and then stopped? Lastly which device model are you using Interop Tools on?
I get what you mean. Must be interop tools can add keys/values there using the template but can't read them.

nate0 said:
On the Nokia models I can edit almost anywhere
Click to expand...
Click to collapse
Can you edit or create keys/values inside HKCU? Registry editor shows that you "created" the key/value you want but, once you look at it with the browser, the value or key created is not there...

It seems the key or values under certain areas of the registry are either not supported or not accessible for read from InteropTools.
Edit: If I enable root access after unlocking the boot loader on my 1520 I can see the key values under HKLM\BCD00000001. Must be related to a plolicy interop tools cannot run past, and unlocking the security policies allows it to be unrestricted.

nate0 said:
It seems the key or values under certain areas of the registry are either not supported or not accessible for read from InteropTools.
Edit: If I enable root access after unlocking the boot loader on my 1520 I can see the key values under HKLM\BCD00000001. Must be related to a plolicy interop tools cannot run past, and unlocking the security policies allows it to be unrestricted.
Click to expand...
Click to collapse
Ok agree what you say this means interop tool can't read and write these keys but they are present then why i cant get cmd access.

I have no idea. That's a whole other topic...have you read thoroughly how to do it from the forums? What steps have you done?

nate0 said:
I have no idea. That's a whole other topic...have you read thoroughly how to do it from the forums? What steps have you done?
Click to expand...
Click to collapse
Yes i have read all the steps carefully and do as it says but nothing happened i am getting the same error i thinked there is no key under ssh that's why i am getting this error but after knowing that interop tool can't read these keys i don't know what to do ?. Were you able to get cmd access???

nate0 said:
I have had imports fail but the Edit Registry option works. And vice versa. Depends on the device too. On the Nokia models I can edit almost anywhere just by installing and enabling interop unlock. If I use my 950 XL or a 650 which have some added security features it becomes hit or miss. Even if I push the generic ndtk cab to the device. Other times I have to do a hard reset before I can edit the registry where I need. Usually after a recent update or build version release.
EDIT: I just looked at your pics. You are trying to add Sirepuser to the system control key but why are you adding it that way? I am assuming the template is not working? Also why did you need to toggle Restore NDTKsvc? Was editing working before that and then stopped? Lastly which device model are you using Interop Tools on?
I get what you mean. Must be interop tools can add keys/values there using the template but can't read them.
Click to expand...
Click to collapse
Its was in the tutorial it said on ndtksvc and reboot and i am using Microsoft Lumia 540 os build 10.0.15063.540 interop tool L version 2.0.79

[email protected] said:
Yes i have read all the steps carefully and do as it says but nothing happened i am getting the same error i thinked there is no key under ssh that's why i am getting this error but after knowing that interop tool can't read these keys i don't know what to do . Were you able to get cmd access???
Click to expand...
Click to collapse
Yes, but via ssh. CMD access from the IT app requires elevated privileges and some other tweaks. I can open that part of InteropTools with root enabled without error but was unable to type. You would need to check with gus33000 about that. I just use cmd over ssh for now.
---------- Post added at 03:56 PM ---------- Previous post was at 03:54 PM ----------
[email protected] said:
Its was in the tutorial it said on ndtksvc and reboot and i am using Microsoft Lumia 540 os build 10.0.15063.540 interop tool L version 2.0.79
Click to expand...
Click to collapse
You should only need to toggle the Restore NDTKsvc if you suddenly lose the ability to edit the registry after successfully getting access the first time. I have had this happen after an update or if system settings updated...

The registry browser has limited access to the registry, it can't enumerate every key, but that totally doesn't mean they aren't here, that's why you have a registry editor section in the page to actually add values where you can't see anything, in your screenshots you wrote fine to those values, so it worked.

gus33000 said:
The registry browser has limited access to the registry, it can't enumerate every key, but that totally doesn't mean they aren't here, that's why you have a registry editor section in the page to actually add values where you can't see anything, in your screenshots you wrote fine to those values, so it worked.
Click to expand...
Click to collapse
Then why i can't get cmd access i have tried everything....every step as it was in interop tool but nothing happened. I tried to connect to ssh server via ssh client on windows store but i can't get success. I just want to know where i am missing..

[email protected] said:
Then why i can't get cmd access i have tried everything....every step as it was in interop tool but nothing happened. I tried to connect to ssh server via ssh client on windows store but i can't get success. I just want to know where i am missing..
Click to expand...
Click to collapse
Did you set a custom password in interop tools and did you get cmd.exe and cmd.exe.mui via ssh on the device?
You also can't use a client on the device itself.

gus33000 said:
Did you set a custom password in interop tools and did you get cmd.exe and cmd.exe.mui via ssh on the device?
You also can't use a client on the device itself.
Click to expand...
Click to collapse
Yes i set custom password but didn't get cmd access via ssh

nate0 said:
Yes, but via ssh. CMD access from the IT app requires elevated privileges and some other tweaks. I can open that part of InteropTools with root enabled without error but was unable to type. You would need to check with gus33000 about that. I just use cmd over ssh for now.
---------- Post added at 03:56 PM ---------- Previous post was at 03:54 PM ----------
You should only need to toggle the Restore NDTKsvc if you suddenly lose the ability to edit the registry after successfully getting access the first time. I have had this happen after an update or if system settings updated...
Click to expand...
Click to collapse
Okk can you help to get cmd access via ssh please

nate0 said:
Yes, but via ssh. CMD access from the IT app requires elevated privileges and some other tweaks. I can open that part of InteropTools with root enabled without error but was unable to type. You would need to check with gus33000 about that. I just use cmd over ssh for now.
---------- Post added at 03:56 PM ---------- Previous post was at 03:54 PM ----------
You should only need to toggle the Restore NDTKsvc if you suddenly lose the ability to edit the registry after successfully getting access the first time. I have had this happen after an update or if system settings updated...
Click to expand...
Click to collapse
Okk can you help to get cmd access via ssh please

got success
finally got success access cmd via ssh.thanks everyone for helping me..so the conclusion i got:-
first some keys are protected so can't be access by interop tool but can be edit by registry editor.
Second you have to set custom password through ssh account manager but i don't know why system console in interop tool is not working but you can access cmd via ssh if you have done all the steps correctly and i finally i know where i was missing all the time it was not registry as i was thinking it is not present the thing i was missing was i tried to connect to ssh client on my device it didn'tworked but when i tried to connect to cmd with another device via ssh it worked and all credit goes to @gus33000 and @nate0 who helped me...Thank you:good: