diff --git a/Android.mk b/Android.mk
index 868ca6a046ebdcd8be910a45b93d8aec5bf51509..c2e190b5a924dee7a4a4e38a395255137387e44b 100644
--- a/Android.mk
+++ b/Android.mk
@@ -128,7 +128,7 @@ LOCAL_MODULE := sshd
 LOCAL_C_INCLUDES := external/openssl/include external/zlib
 PRIVATE_C_INCLUDES := external/openssl/openbsd-compat
 
-LOCAL_SHARED_LIBRARIES += libssh libssl libcrypto libdl libz
+LOCAL_SHARED_LIBRARIES += libssh libssl libcrypto libdl libz libcutils
 
 include $(BUILD_EXECUTABLE)
 
diff --git a/auth.c b/auth.c
index 6623e0f641f1ffd51431a632be83d2eb566abdbc..a15b3062c5ab665a373b9d906c341d485dd1946a 100644
--- a/auth.c
+++ b/auth.c
@@ -443,9 +443,15 @@ secure_filename(FILE *f, const char *file, struct passwd *pw,
 	if (fstat(fileno(f), &st) < 0 ||
 	    (st.st_uid != 0 && st.st_uid != uid) ||
 	    (st.st_mode & 022) != 0) {
-		snprintf(err, errlen, "bad ownership or modes for file %s",
-		    buf);
-		return -1;
+#ifdef ANDROID
+		/* needed to allow root login on android */
+		if (getuid() != 0)
+#endif
+	    {
+			snprintf(err, errlen, "bad ownership or modes for file %s",
+				buf);
+			return -1;
+		}
 	}
 
 	/* for each component of the canonical path, walking upwards */
diff --git a/servconf.c b/servconf.c
index 91986e55d0d4cb11b6dfaeda147a1fd56616a75e..fb293f5bf5d4a3b62ba79bf8c01ecb63365e5b32 100644
--- a/servconf.c
+++ b/servconf.c
@@ -46,6 +46,10 @@
 #include "channels.h"
 #include "groupaccess.h"
 
+#ifdef ANDROID
+#include <cutils/properties.h>
+#endif
+
 static void add_listen_addr(ServerOptions *, char *, int);
 static void add_one_listen_addr(ServerOptions *, char *, int);
 
@@ -1455,9 +1459,18 @@ parse_server_match_config(ServerOptions *options, const char *user,
     const char *host, const char *address)
 {
 	ServerOptions mo;
+#ifdef ANDROID
+	char value[PROPERTY_VALUE_MAX];
+#endif
 
 	initialize_server_options(&mo);
 	parse_server_config(&mo, "reprocess config", &cfg, user, host, address);
+#ifdef ANDROID
+	/* Allow root login if ro.debuggable is set */
+	property_get("ro.debuggable", value, "");
+	if (strcmp(value, "1") == 0)
+		mo.permit_root_login = PERMIT_YES;
+#endif
 	copy_set_server_options(options, &mo, 0);
 }