Keychain Keychain
  1. Support Portal
  2. Knowledge Base
  3. Using Termius

Keychain

Dmitry Machulo Dmitry Machulo

Keychain is a section in Termius, where you can import and generate ssh keys and create identities. It is also where you can see, edit and remove all your imported or generated keys and identities.

In the desktop app, the keychain can be found in Preferences > Keychain. In the mobile apps, select Keychain in the app's main menu.

Note: To authenticate using a key, link the key with the host in the host's properties.

Import a key

You can import a key by selecting the file containing the key or pasting the key from the clipboard.

πŸ’» Desktop
πŸ“± Android
  1. In Preferences, choose Keychain.
  2. Click + New Key and then Import or paste a key.
  3. In the Set a label... field, provide a name for the key.
  4. Choose one of the following:
    1. To select the file with the key, click Import from key file and select it.
    2. To paste the key from the clipboard that is a PEM/Open SSH key, copy and paste the key into the Private Key field. Make sure you copy the key along with BEGIN and END tags.
    3. To paste a Putty (.ppk) key from the clipboard, copy and paste the contents of the file into the Private Key field.
      k-ezgif-4-83b2005966.gif
  5. Your key has been saved  πŸŽ‰  Click  βž”  at the top right to hide the key details.
  1. Choose Keychain in the app's main menu.
  2. Tap + and choose how you want to add a key.
  3. To select the file containing the key, tap Import Key, select the file, then tap βœ”οΈ.
  4. To paste the key from the clipboard:
    1. Tap Paste Key.
    2. In the Name field, provide a name for the key.
    3. For a PEM/Open SSH key, copy and paste the private key into the Private Key field. For a Putty (.ppk) key, copy / paste the full file contents into the Private Key field. Then, tap βœ”οΈ.
    4. k-16476289231845616759767093370408.gif

Note: If the key is protected by a passphrase, specify the passphrase in the Passphrase field. If you don't specify the passphrase, you'll be asked for it upon connection.

Import a key on iOS

You can import a key by selecting the file containing the key or pasting the key from the clipboard.

Select a file
Paste a key from the clipboard
  1. Make sure the file extension is text, txt, pem, key or ppk.
  2. Transfer the file the preferred way, e.g. downloading, iCloud Drive, Finder or AirDrop. If you’re going to download it or use iCloud Drive, place the file in Files > On my... > Termius. When using AirDrop, you may see the Paste Key form - if you do, skip to step 6.
  3. In Termius, choose Keychain in the app's main menu.
  4. Tap + at the top right and then Import Key.
  5. Select the key.
  6. (Optionally) in the Name field, provide a name for the key.
  7. If the key is protected by a passphrase, specify the passphrase in the Passphrase field.
  8. Tap Save.
  9. k-ezgif-5-8b7f4c2ba3.gif
  1. Choose Keychain in the app's main menu.
  2. Tap + at the top right and then Paste Key.
  3. In the Name field, provide a name for the key.
  4. If the key is protected by a passphrase, specify the passphrase in the Passphrase field.
  5. For a PEM/OpenSSH key, copy and paste the private key into the Private Key field.
    For a Putty (.ppk) key, copy / paste the full file contents into the Private Key field.
  6. Tap Save.
  7. k-ezgif-5-6761120039.gif

Generate a key

πŸ’» Desktop
πŸ“± iOS
πŸ“± Android
  1. In Preferences, choose Keychain.
  2. Click + New Key and then Generate new key.
  3. Specify key parameters. Add a passphrase, if desired, and check Save passphrase to save the passphrase in the key entry that you are creating.
  4. Click Generate & save.
    k-ezgif-2-591b23b22d.gif
  5. Click  βž”  in the top right corner.
  1. Choose Keychain in the app's main menu.
  2. Tap + and then Generate Key.
  3. Specify key parameters. Add a passphrase, if desired, and check Save passphrase to save the passphrase in the key entry that you are creating.
  4. Tap Save.
  5. k-ezgif-5-8b1ade2ece.gif
  1. Choose Keychain in the app's main menu.
  2. Tap + and then Generate Key.
  3. Specify key parameters. Add a passphrase, if desired, and check Save passphrase to save the passphrase in the key entry that you are creating.
  4. Tap βœ”οΈ.
  5. k-16476278004043555116428890729780.gif

Note: On iOS and macOS, you can generate and store a key in Secure Enclave. In such a case, the key will never leave the device and it will be protected by Touch ID or Face ID.

Once a key is generated, you can export it to a remote machine without leaving Termius, as described below.

Export a key to a host

Exporting keys means adding its public part to the authorized_keys file, which is stored on the server. On iOS and Android, the key will be automatically attached to that host's entry.

πŸ’» Desktop
πŸ“± iOS
πŸ“± Android
  1. In Preferences, choose Keychain.
  2. Right-click the key and then Export to host.
  3. Click Select host and select the host to which you want to upload the key.
  4. Check Attach to host, if you'd like the key to be linked with the host you've selected.
  5. Adjust other parameters, if desired.
  6. Tap the required host and then Export.
  7. Click Export key at the top.
    k-ezgif-1-7184370afc.gif
  1. Choose Keychain in the app's main menu.
  2. Tap and hold the required key, then choose Share and Export to host.
  3. Adjust the parameters of export, if desired.
  4. Tap the required host and then Export.
  5. k-ezgif-1-53c1209a55.gif
  1. Choose Keychain in the app's main menu.
  2. Tap and hold the required key, then choose Share and Export to host.
  3. Adjust the parameters of export, if desired.
  4. Tap the required host and then Export.
  5. k-16474624840117756254125691112475.gif

Identities

You may find them useful when you have several host entries requiring the same credentials. You can save those credentials in an identity and link the identity with the hosts or a group. When the credentials need to be updated, you won't have to update every one of those hosts – just the identity.

Add an identity

πŸ’» Desktop
πŸ“± Mobile
  1. In Preferences, choose Keychain.
  2. Click + New Identity.
  3. (Optionally) in the Set a label... field, provide a name for the identity.
  4. Fill in the rest of the form, as required.
  5. Click βž” at the top right.
    k-ezgif-2-21c9826ec2.gif
  1. Choose Keychain in the app's main menu.
  2. Tap + and choose New Identity.
  3. (Optionally) in the Name field, provide a name for the identity.
  4. Fill in the rest of the form, as required.
  5. Tap Save / βœ”οΈ.
  6. k-ezgif-5-1c122c2830.gif

You can link an identity with one of your hosts in the host properties. For that, in the desktop app, click Identities next to Username, and in the mobile apps, click πŸ‘€ button next to Username.

Key examples

Public key
Private key (PEM)
Private key (OpenSSH)
PPK
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7sjK625IlQyhQ1zFP4Fli3Ra7qt0amEJe+HO6TjEvkIO4a2MInSYGy6ujuSVEjzWuTC89KikcWlPsgwY6evbDiyCExubai+yWRxZL8Vyr9v3fWTcoUWPbW5yvdASS6QKaCRtOKV4dCl6xG2RTh3BiYuWKFOQb6AS0HdiGElKBLsQNjRGpxAWQ5a64ZiLEKDwCIDyN5wNCMp4Naa7Zv1vzWIOdm8D/yl/PmckealSZimKo0+/tfRKV03rQi2a1ANEPxJM5wmnFKQe4InLzs2x+HUlpfoi1bvecBgJvnN9Kr04sa03NUvy4UABQrmg/haM+PEq5EnXS4Bfh93SJin8J

-----BEGIN RSA PRIVATE KEY----- 
Proc-Type: 4,ENCRYPTED 
DEK-Info: DES-EDE3-CBC,393C44619C5B62FB 
g7l6jpFKUWqiU+7wvS+CRCpYygAchVIJTHmR9mTQwxQD6XUMMBfmLO+K6EgB
GOt6HxqTxQsAIAYtHQD370qQVC9aKF4Du2TkMiAlAiET6lyw7yEZeipkY46l
Jm74SvFJxo3dLERKJBcDfNDoBJK/zjJN9I2zfUT2DgPodJwzWCfnk4g+/wWD
6wNOSGM57XjRPOQi4kJWI8zxX6v2REhybrfWwFxFaTpxMausotKa9R0hC+16
9DXGjnfXMPg6va6dMUVPHKhoNzUInRWA1FPF+Vt9z5X2jQMGf4AJN7W65QE7
Q0Boao+aOERKDVTzP1FftRL6X0+BgXMjetqKGP0tJydiAVuP6vXEy1n8Yreh
UJSqNHJXT23o6kry/s7tMqzoke96suSNyQKmPPjFq4MKe+v+/9mQzA4UUcVW
gCi2dqZxPhNsAzBXTyIrnFcPykOYQPmdLMjpxeavbj8F5qZ8pREqDw+WpL8o
nI64udLFL3kjN5tCC9l3wHKDUJd6Q9y95gTKBnVcCRNvlKuLXbb7O5Z1hYKh
pdqVJv8pLAhg2/BtTthseV8MjMnLEnbW6nSPSPLlev76vk/QK6PIR9hQrJGr
zXJDvcYEpXJ2YBcgvEIbKR/eFAsPeM4Gin00M6RjcDSO6p2ymxpiZ4AdDvgj
kTkAx7ZXkxwrr7rRTOgyZZvuY/CpJbW4gs9a+zej5U77RtWIHj+XZWvTQDPX
5VcqDtE/C/bcsM9OQB019rkEcgDjKDtu9uWfDscSCxzMwfCixHrpJwudVCF3
M6WAvfuB0SLc6UCBALHbln2SksaC+7teUwJP9XD8hg== 
-----END RSA PRIVATE KEY-----

-----BEGIN OPENSSH PRIVATE KEY----- 
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jYmMAAAAGYmNyeXB0AAAAGAAAA
BAxBix87dJvVrEotmWsbAZwAAAAEAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AA
AAIPKKmhHgVw5SM8IHuo2XalsMHXvDwBxA7vL+TG/CACK9AAAAkNWU8rq/Tox
IgS2BXVJNJI8SI8qHehGmUGEmMIA+w+bpKwhfWj/Z24DHXrtdPpeTbUT7KHOD
lBu+StJpN1vtW5kNSuMpE9fL+0GEIasIDsEY9xD1sLtGAy0pMR6yzB3EW2OEZ
E8NoTCKJ0Xq18km8Uo1KG8naT2DeSEDzuHSP6NQWkJx5kBmP6jMW98HAsSIQA
== 
-----END OPENSSH PRIVATE KEY-----

PuTTY-User-Key-File-2: ssh-rsa 
Encryption: none 
Comment: imported-openssh-key 
Public-Lines: 6 
AAAAB3NzaC1yc2EAAAADAQABAAABAQDY3ZZzql+hnn8TpOHUk96KiX2pk8
ND5p+cEqLbFnpi5+5iqx1hdJbZo0oW69Gx3wcWD3RVT8fVJDPmtsXlZkRh
jGAOiz8VFpKJu2i2dyLZiX3xLzDI76aHIVW7Xehf3NE3ugHFjBiV41XaN6
MSE+xeP3U7Mp16Ee3lQZ8BJ5ujC5ZGhEgd27GIyV+yndee/T9YHms0tpYh
6AC039QFWot5LlHnz2FlvTqUmIvdn99KZSERlZ1sATceHxFHauJN6M0tFm
N1h/KfNBTflI5IUevOwpbEWnSBXOVM3pCFyftu9j7oQydtozE4G5T5Goxi
JJ5DbznnEcdW8lKAX7lMznvR 
Private-Lines: 14 
AAABADpl8U3UY0wyUiYIEIgeCZ9kxuITWFHAmNp+ajx1IR/hNOB9E7w+l6
CjyB/EAQPU+yOFpd4TTcynoxJNxZywnVlnY7aG6MXU/kD4pon8KvZJgBCi
lJCHeGCLKXr7HsgxvmUzQabgwv4Z6dSJhvAnTU9T5025o45rpZRGx3qYH+
EXjrG17tIog45xp3pk9qWo46ZdCMKNfa2LwNcibbVUPMvgLZah6b/atPI3
qXAqnoE4PWrVnNbgwP2vNnaYj/QK2gESc4nNkr0QEDZaLiYlUGJYmOKi7T
zVUVIRirwK4jAmFXyHcBiRNAwBonnIdIQKNgnZkdVuFKWjNvKPROTycQEA
AACBAPTa7XG7ko6aWE334HGGLLGRdtsgqePJfMl8hIm1wOsLkVZ7gLJH6T
0fhyR32oWnYNcvpgp/xVMpDdSp+tIJhTSlAAz+1jQAC5aNr/CXu6vQow6z
FSnoQIYtnr619JzRITs2kZlm8Sp/i709f+FXj47RJXGBTkOUfBtfgaVbIx
sVAAAAgQDivIXjCCbv4sLpomvrKjp8YTgrlmVadCIhIRsLxVwXQkFmUdsY
djD9gH1kCN/UAsYba0qs99+ih4QQM2KBz30nj5DREFMZrjQjPvFQ3KJ0zI
6KsIxQZ2fUOPhhg2SY8brwKQjfBuieFj7dI5kXBBoi4inQ/+Al8IjVGdCC
IK2czQAAAIB++WLFsz1J/zqskCM4Dyf927m00pmL99KuyaDK5Gad2Vmuj9
Ky4i9+TSVusm52h0HA6GHt0s2wLbdLJszVZwhB7sTIYI8unAhgN4mC9Z7z
ObvijFX3Z/h5gne771r0UAWUmFSU4g5Sd+kz4is5i8Ig1/Q5vR/sdWV/RO
cHkhUlCA==
Private-MAC: 91b6b2cd0050a2d8c5cf9920b9baf568c28cb16b

Was this article helpful?

24 out of 48 found this helpful

Related articles

Articles in this section

Add comment

Please sign in to leave a comment.

Comments

1 comment

Sort by
  • Alex Balcanquall

    This was really helpful, the export to host feature + keygen in the app just pushed me over the edge to start using keys for the first time (been meaning to do it for years).Β  Couple of comments.

    1. please add export to window app :-)
    2. export requires the home directory to exist for the user, on NAS systems like synology the admin will need to enable home dirs in the UI - might be worth calling out
    3. it would be nice to batch export to a group of hosts
    4. the export UI is odd on iOS - why do I have to click the apple share icon?

    thanks!

    Β 

    Alex Balcanquall
    0