Managing SSH Keys
With SSH, data transmissions between TinyTERM for Android and the server are encrypted. Even if someone manages to hack into the connection, the information won't be readable. This helps protect valuable information from unauthorized access.
SSH keys provide an additional layer of security for UNIX/Linux and similar connections. With password access disabled, brute-force attempts to login to the server will fail, as only an authorized key pair will allow a login.
To start, enter a Key Alias. This is simplay a name the key is referenced by.
As with general connection settings, key generation requires that you have certain information in advance: whether the server uses the RSA or DSA Key Type, and the preferred Key Size in bits. Select these from the drop-down lists.
For key generation, TinyTERM also requires that you enter a passphrase for the key, which must be entered in both the Password and Passphrase Again fields. This does not need to be an actual password for the server. It can include spaces, punctuation or any other characters desired.
Turning on Save Passphrase will store the passphrase with the key in TinyTERM. If this switch is off, TinyTERM will request the passphrase when the key is used.
After entering the required information, touch the Generate key button. The public/private key pair will be generated and available for use.
Once the key is generated, it will be available in the drop-down Public Key lists, both here and the ones available in UNIX connections. There are two ways to move the public key to another system:
- Email public key
This opens an email with the public key as both plain text and as an attachment.
- Copy public key to clipboard
This copies the public key as text to the Android clipboard. It can then be pasted into any other app.
Once the public key has been copied to the host, it needs to be added to the user's authorized keys file on the host. This command is common for an RSA key:
cat id_rsa.pub >> ~/.ssh/authorized_keys
The private key remains stored securely on the device, available only to TinyTERM.
The Delete Key button will delete the currently selected public/private key pair. To remove all SSH keys from TinyTERM, select Delete all keys instead. Any connection configured to use a key will switch to password authentication, falling back to challenge-response authentication if that fails.