Keychain Keychain
  1. Termius Support
  2. Getting started
  3. Basics

Keychain

Dmitry Machulo Dmitry Machulo

Keychain is a section in Termius, where you can import and generate ssh keys, and create identities. It is also where you can see, edit and remove all your imported or generated keys and identities.

☝️ For key-based authentication, link a key with a host in the host properties.

In the desktop app, the keychain can be found in Preferences > Keychain. In the mobile apps, select Keychain from the main menu.

🔒 Key-based authentication keeps your data safe, because a key is much longer, harder to obtain via input logging, and generally more secure than a password.

 ⬇ Import a key

You can import a key by selecting a file containing the key or pasting the key from the clipboard. See the appropriate section below for more info.

💻 Desktop
📱 Android
  1. In Preferences choose Keychain.
  2. Click + New Key.
  3. In the Label field, provide a name for the key.
  4. In the Passphrase field, specify a passphrase, if the key is protected with it. If you don’t specify a passphrase, you’ll be asked for it upon connection.
  5. Choose one of the following:
    1. To import a file with a key, click File and select it.
    2. To paste a key from the clipboard that is a PEM/Open SSH key:
      1. Copy and paste the private key into the Private Key field. Make sure you copy the complete key, that is along with BEGIN and END tags.
      2. (Optionally) Copy and paste the public key into the Public Key field. Make sure you copy the key completely, i.e. beginning with ssh-rsa.
    3. To paste a Putty (.ppk) key from the clipboard, copy and paste the contents of the file into the Private Key field.
  6. Click Save.
  1. Navigate to the Keychain screen.
  2. Tap + and choose one of the following:
    1. To import a file containing the key:
      1. Tap Import Key and select the file.
      2. In the Name field, provide a name for the key (optionally).
      3. In the Passphrase field, specify a passphrase, if the key is protected by it. Otherwise, you’ll be asked for it upon connection.
      4. Tap .
    2. To paste a key from clipboard:
      1. Tap Paste Key.
      2. In the Name field, specify a name for the key.
      3. In the Passphrase field, specify a passphrase, if the key is protected by it. If you don’t specify it, you’ll be asked for it upon connection.
      4. For a PEM/Open SSH key, copy and paste the private key into the Private Key field. For a Putty (.ppk) key, copy / paste the full file contents into the Private Key field.
      5. Tap .

📲 Import a key on iOS

Import (select) a file
Paste a key from the clipboard
  1. Make sure the file extension is text, txt, pem, key or ppk.
  2. Transfer the file the preferred way, e.g. downloading, iCloud Drive, Finder or AirDrop. If you’re going to download it or use iCloud Drive, place the file in Files > On my... > Termius. When using AirDrop, you may see the Paste Key form - if you do, skip to step 6.
  3. In Termius, go to the Keychain.
  4. Tap + at the top left and then Import Key.
  5. Select the key.
  6. In the Name field, provide a name for the key (optionally).
  7. In the Passphrase field, specify a passphrase, if the key is protected by it. Otherwise, you’ll be asked for it upon connection.
  8. Tap Save.
  1. Navigate to the Keychain screen.
  2. Tap Paste Key.
    1. In the Name field, specify a name for the key.
    2. In the Passphrase field, specify a passphrase, if the key is protected by it. If you don’t specify it, you’ll be asked for it upon connection.
    3. For a PEM/OpenSSH key, copy and paste the private key into the Private Key field.
      For a Putty (.ppk) key, copy / paste the full file contents into the Private Key field.
    4. Tap Save.

🔢 Generate a key

ℹ️ Generating keys is currently possible only on a mobile.

Once a key is generated, you can export it to a remote machine via GUI. That is you can add its public part to the authorized_keys file, which is stored on the server, right from the app (provided it is an OpenSSH server).

On iOS, you can generate and store a key in 🔐 Secure Enclave.

📱 Mobile
  1. Navigate to the Keychain screen.
  2. Tap + and then Generate Key.
  3. Specify the parameters of the key. Add a passphrase, if desired, and enable Save passphrase so as not to be asked for it every time you connect.
  4. Tap Save / .

⬆ Export a key to a host

📱 iOS
📱 Android
  1. Navigate to the Keychain screen.
  2. Tap and hold the required key.
  3. Choose Share and Export to Host.
  4. Tap the required host and then Export.
  1. Navigate to the Keychain screen.
  2. Tap the required key.
  3. Tap  at the top right and then Export to host.
  4. Tap the Host field and select the required host.
  5. Tap .

👤 Identities

Identities are useful when you have several hosts requiring the same credentials/key. Attach one to those hosts, and then, once a user name, password, or key for those hosts is changed, you’ll only have to edit the identity instead of every single host.

Add an identity

💻 Desktop
📱 Mobile
  1. In Preferences choose Keychain.
  2. Click + New Identity.
  3. (Optionally) in the Label field, provide a name for the identity.
  4. Fill in the rest of the form, as required.
  5. Click Save.
  1. Navigate to the Keychain screen.
  2. Tap + and choose New Identity.
  3. (Optionally) In the Name field, provide a name for the identity.
  4. Fill in the rest of the form, as required.
  5. Tap Save / .

Key examples

Public key
Private key (PEM)
Private key (OpenSSH)
PPK
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7sjK625IlQyhQ1zFP4Fli3Ra7qt0amEJe+HO6TjEvkIO4a2MInSYGy6ujuSVEjzWuTC89KikcWlPsgwY6evbDiyCExubai+yWRxZL8Vyr9v3fWTcoUWPbW5yvdASS6QKaCRtOKV4dCl6xG2RTh3BiYuWKFOQb6AS0HdiGElKBLsQNjRGpxAWQ5a64ZiLEKDwCIDyN5wNCMp4Naa7Zv1vzWIOdm8D/yl/PmckealSZimKo0+/tfRKV03rQi2a1ANEPxJM5wmnFKQe4InLzs2x+HUlpfoi1bvecBgJvnN9Kr04sa03NUvy4UABQrmg/haM+PEq5EnXS4Bfh93SJin8J

-----BEGIN RSA PRIVATE KEY----- 
Proc-Type: 4,ENCRYPTED 
DEK-Info: DES-EDE3-CBC,393C44619C5B62FB 
g7l6jpFKUWqiU+7wvS+CRCpYygAchVIJTHmR9mTQwxQD6XUMMBfmLO+K6EgB
GOt6HxqTxQsAIAYtHQD370qQVC9aKF4Du2TkMiAlAiET6lyw7yEZeipkY46l
Jm74SvFJxo3dLERKJBcDfNDoBJK/zjJN9I2zfUT2DgPodJwzWCfnk4g+/wWD
6wNOSGM57XjRPOQi4kJWI8zxX6v2REhybrfWwFxFaTpxMausotKa9R0hC+16
9DXGjnfXMPg6va6dMUVPHKhoNzUInRWA1FPF+Vt9z5X2jQMGf4AJN7W65QE7
Q0Boao+aOERKDVTzP1FftRL6X0+BgXMjetqKGP0tJydiAVuP6vXEy1n8Yreh
UJSqNHJXT23o6kry/s7tMqzoke96suSNyQKmPPjFq4MKe+v+/9mQzA4UUcVW
gCi2dqZxPhNsAzBXTyIrnFcPykOYQPmdLMjpxeavbj8F5qZ8pREqDw+WpL8o
nI64udLFL3kjN5tCC9l3wHKDUJd6Q9y95gTKBnVcCRNvlKuLXbb7O5Z1hYKh
pdqVJv8pLAhg2/BtTthseV8MjMnLEnbW6nSPSPLlev76vk/QK6PIR9hQrJGr
zXJDvcYEpXJ2YBcgvEIbKR/eFAsPeM4Gin00M6RjcDSO6p2ymxpiZ4AdDvgj
kTkAx7ZXkxwrr7rRTOgyZZvuY/CpJbW4gs9a+zej5U77RtWIHj+XZWvTQDPX
5VcqDtE/C/bcsM9OQB019rkEcgDjKDtu9uWfDscSCxzMwfCixHrpJwudVCF3
M6WAvfuB0SLc6UCBALHbln2SksaC+7teUwJP9XD8hg== 
-----END RSA PRIVATE KEY-----

-----BEGIN OPENSSH PRIVATE KEY----- 
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jYmMAAAAGYmNyeXB0AAAAGAAAA
BAxBix87dJvVrEotmWsbAZwAAAAEAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AA
AAIPKKmhHgVw5SM8IHuo2XalsMHXvDwBxA7vL+TG/CACK9AAAAkNWU8rq/Tox
IgS2BXVJNJI8SI8qHehGmUGEmMIA+w+bpKwhfWj/Z24DHXrtdPpeTbUT7KHOD
lBu+StJpN1vtW5kNSuMpE9fL+0GEIasIDsEY9xD1sLtGAy0pMR6yzB3EW2OEZ
E8NoTCKJ0Xq18km8Uo1KG8naT2DeSEDzuHSP6NQWkJx5kBmP6jMW98HAsSIQA
== 
-----END OPENSSH PRIVATE KEY-----

PuTTY-User-Key-File-2: ssh-rsa 
Encryption: none 
Comment: imported-openssh-key 
Public-Lines: 6 
AAAAB3NzaC1yc2EAAAADAQABAAABAQDY3ZZzql+hnn8TpOHUk96KiX2pk8
ND5p+cEqLbFnpi5+5iqx1hdJbZo0oW69Gx3wcWD3RVT8fVJDPmtsXlZkRh
jGAOiz8VFpKJu2i2dyLZiX3xLzDI76aHIVW7Xehf3NE3ugHFjBiV41XaN6
MSE+xeP3U7Mp16Ee3lQZ8BJ5ujC5ZGhEgd27GIyV+yndee/T9YHms0tpYh
6AC039QFWot5LlHnz2FlvTqUmIvdn99KZSERlZ1sATceHxFHauJN6M0tFm
N1h/KfNBTflI5IUevOwpbEWnSBXOVM3pCFyftu9j7oQydtozE4G5T5Goxi
JJ5DbznnEcdW8lKAX7lMznvR 
Private-Lines: 14 
AAABADpl8U3UY0wyUiYIEIgeCZ9kxuITWFHAmNp+ajx1IR/hNOB9E7w+l6
CjyB/EAQPU+yOFpd4TTcynoxJNxZywnVlnY7aG6MXU/kD4pon8KvZJgBCi
lJCHeGCLKXr7HsgxvmUzQabgwv4Z6dSJhvAnTU9T5025o45rpZRGx3qYH+
EXjrG17tIog45xp3pk9qWo46ZdCMKNfa2LwNcibbVUPMvgLZah6b/atPI3
qXAqnoE4PWrVnNbgwP2vNnaYj/QK2gESc4nNkr0QEDZaLiYlUGJYmOKi7T
zVUVIRirwK4jAmFXyHcBiRNAwBonnIdIQKNgnZkdVuFKWjNvKPROTycQEA
AACBAPTa7XG7ko6aWE334HGGLLGRdtsgqePJfMl8hIm1wOsLkVZ7gLJH6T
0fhyR32oWnYNcvpgp/xVMpDdSp+tIJhTSlAAz+1jQAC5aNr/CXu6vQow6z
FSnoQIYtnr619JzRITs2kZlm8Sp/i709f+FXj47RJXGBTkOUfBtfgaVbIx
sVAAAAgQDivIXjCCbv4sLpomvrKjp8YTgrlmVadCIhIRsLxVwXQkFmUdsY
djD9gH1kCN/UAsYba0qs99+ih4QQM2KBz30nj5DREFMZrjQjPvFQ3KJ0zI
6KsIxQZ2fUOPhhg2SY8brwKQjfBuieFj7dI5kXBBoi4inQ/+Al8IjVGdCC
IK2czQAAAIB++WLFsz1J/zqskCM4Dyf927m00pmL99KuyaDK5Gad2Vmuj9
Ky4i9+TSVusm52h0HA6GHt0s2wLbdLJszVZwhB7sTIYI8unAhgN4mC9Z7z
ObvijFX3Z/h5gne771r0UAWUmFSU4g5Sd+kz4is5i8Ig1/Q5vR/sdWV/RO
cHkhUlCA==
Private-MAC: 91b6b2cd0050a2d8c5cf9920b9baf568c28cb16b

Was this article helpful?

0 out of 0 found this helpful

Articles in this section

Add comment

Please sign in to leave a comment.