Requirements
Support for ed25519-sk or ecdsa-sk SSH key available only on Termius Desktop app 7.36.0 or newer and in the following plans:
- Trial
- Team
- Premium
If the app version is Termius Desktop with version 7.36.0 or higher, but the connection is not yet established, please contact support about the issue. Please attach the video or a screenshot that illustrates the issue.
The usual workflow with ed25519-sk or ecdsa-sk SSH key is the following:
- adding a new SSH key on the Keychain screen
- attaching this SSH key to a host and set up a username for the host
- connecting with SSH or mosh to the host,
- if the SSH private key is encrypted and the passphrase was not provided, the app will request the ssh key passphrase.
- If the SK SSH key was created with the option
verify-required
, the app would request the FIDO2 PIN for the hardware key - if the SK SSH key wasn't created with the option
no-touch-required
, the app would request a user presence.
OS-specific requirements
Termius app requires access to Hardware keys to complete authentication ed25519-sk or ecdsa-sk SSH key. So please make sure you granted permission to the app to use USB devices.
Authenticating with ed25519-sk or ecdsa-sk SSH keys requires a hardware key plugged into your device and recognized respectively by the OS.
Windows. Using FIDO2 keys may require installing drivers for your hardware keys. Please search for drivers of your hardware key vendor's website. E.g., Yubikey smart card driver.
Linux. You will need to add a udev rule to be able to access the FIDO device. For example, the udev rule may contain the following:
#udev rule for allowing HID access to Yubico devices for FIDO support. KERNEL=="hidraw*", SUBSYSTEM=="hidraw", \ MODE="0664", GROUP="plugdev", ATTRS{idVendor}=="1050"
Hardware Key Device Support
Termius support the FIDO U2F (CTAP 1) and FIDO 2.0 (CTAP 2) protocols. We tested it only on a limited number of devices. If you face connection issues with ed25519-sk or ecdsa-sk SSH keys, please contact support about the issue and describe the model of the hardware key you use.
Was this article helpful?
Articles in this section
- When trying to make a serial connection, I get a 'Permission denied' error
- I signed up with Apple on one device and but can't do it on another one. How to resolve it?
- I can't connect using an ed25519-sk or ecdsa-sk key
- I can't use the iOS app in the background
- I did not receive the email for approving login from a new IP address
- I can't enter characters (pipe, backslash, etc.) using the Option key
- I don't see the local terminal option in the desktop app
- I can't use Termius for Android in the background
- Terminal sharing: Known issues and limitations
- Termius keeps asking me to provide the passphrase for my PuTTY key
Add comment
Please sign in to leave a comment.