When using a secure connection, Screens can authenticate with the remote machine using either a username and password or a private SSH key.
How to Authenticate with a Private SSH Key
Screens for macOS
- In the saved screen's settings, click the Secure Connection tab.
- Click the key icon to browse for a private SSH key.
The key icon will turn blue upon loading a valid private key.
Screens for iOS
In order for Screens for iOS to use a SSH key, it needs to be imported. Our recommendation is to copy the private key content in the clipboard (via Notes, Mail, etc.)
Method 1: Clipboard. You can copy the key content and send it to yourself via Mail:
Then, simply copy the key content on your iOS device and Screens will be able to import it from the Clipboard.
Method 2: Finder. Use Finder under macOS 10.14 Yosemite or later to import the key. Simply drag your private key under the Screens icon:
To add a SSH key:
- Open the Screens app settings
- Tap on SSH Keys
- Tap the + button
- Select the source. Clipboard for Method 1 or iTunes (Finder) for Method 2.
- Give your key a name
To use a SSH key:
- Edit a saved screen.
- Under Secure Connection, tap Advanced.
- Next to the Password field, tap the key icon.
- Choose Keys or 1Password to browse for a private key.
Considerations
- Due to technical considerations, Screens doesn't support the newer OpenSSH key format. We recommend using the PEM format..
- Screens supports RSA keys of 2048-bits or less; 4096-bits or greater are unsupported.
Security
SSH keys are securely stored in the iOS/macOS Keychain.
Creating a Key Pair
You can use your Mac's ssh-keygen command-line tool in Terminal to create a private and a public key.
-
Open Terminal.
-
Type one of the following command at the prompt, depending if you want a passphrase or not:
-
ssh-keygen -N "" -m PEM -f MyKey && open .
-
ssh-keygen -N "mypassphrase" -m PEM -f MyKey && open .
-
-
You can replace MyKey with any name you like. This is used to identify the key in Screens.
-
Finder will open a new window. You will find the two files (MyKey is the private key and MyKey.pub public key) inside the folder.
-
Copy the public key to the remote computer.
-
Append the public key to the list of authorized keys. You can do this with the following command in Terminal:
-
cat MyKey.pub >> /Users/my_username*/.ssh/authorized_keys
* Replace my_username with your Mac username. If you don't know your username, here's how to find out.
-
-
You can now use the private key to authenticate.
-
If you already have a private key without a public key, you can create the public key with the following command in Terminal:
-
ssh-keygen -y -f MyKey > MyKey.pub
-
Comments
0 comments
Article is closed for comments.