When using a secure connection, Screens can authenticate with the remote machine using either a username and password or a private SSH key.
How to Authenticate with a Private SSH Key
Screens for macOS
- In the saved screen's settings, click the Secure Connection tab.
- Click the key icon to browse for a private SSH key.
The key icon will turn blue upon loading a valid private key.
Screens for iOS
In order for Screens for iOS to use a SSH key, it needs to be imported. Our recommendation is to copy the private key content in the clipboard (via Notes, Mail, etc.)
Method 1: Clipboard. You can copy the key content and send it to yourself via Mail:
Then, simply copy the key content on your iOS device and Screens will be able to import it from the Clipboard.
Method 2: Finder. Use Finder under macOS 10.14 Yosemite or later to import the key. Simply drag your private key under the Screens icon:
To add a SSH key:
- Open the Screens app settings
- Tap on SSH Keys
- Tap the + button
- Select the source. Clipboard for Method 1 or iTunes (Finder) for Method 2.
- Give your key a name
To use a SSH key:
- Edit a saved screen.
- Under Secure Connection, tap Advanced.
- Next to the Password field, tap the key icon.
- Choose Keys or 1Password to browse for a private key.
- Due to technical considerations, Screens doesn't support the newer OpenSSH key format. We suggest using the PEM format until OpenSSH support is introduced in a future version of Screens.
- Screens supports RSA keys of 2048-bits or less; 4096-bits or greater are unsupported.
SSH keys are securely stored in the iOS/macOS Keychain.
Creating a Key Pair
You can use your Mac's ssh-keygen command-line tool in Terminal to create a private and a public key.
Type one of the following command at the prompt, depending if you want a passphrase or not:
ssh-keygen -N "" -m PEM -f MyKey && open .
ssh-keygen -N "mypassphrase" -m PEM -f MyKey && open .
You can replace MyKey with any name you like. This is used to identify the key in Screens.
Finder will open a new window. You will find the two files (MyKey is the private key and MyKey.pub public key) inside the folder.
Copy the public key to the remote computer.
Append the public key to the list of authorized keys. You can do this with the following command in Terminal:
cat MyKey.pub >> /Users/my_username*/.ssh/authorized_keys
* Replace my_username with your Mac username. If you don't know your username, here's how to find out.
You can now use the private key to authenticate.
If you already have a private key without a public key, you can create the public key with the following command in Terminal:
ssh-keygen -y -f MyKey > MyKey.pub