SSH / Mosh / Telnet

Last updated 2 days ago

SSH (Secure Shell)

SSH is a protocol for creating encrypted network connections on insecure networks, such as the Internet. It’s a secure replacement for Telnet. When you log in to an SSH server, all credentials are transmitted securely, including your password and your private SSH key.

SSH is a connection over TCP, which means that if the network connection is interrupted, the session may be lost. (That’s where Mosh comes in handy.)

Here is a comprehensive list of what SSH capabilities are currently supported in the app and what will be added soon.

Key Exchange Methods

  • curve25519-sha256@libssh.org

  • ecdh-sha2-nistp256

  • ecdh-sha2-nistp384

  • ecdh-sha2-nistp521

  • diffie-hellman-group14-sha1

  • diffie-hellman-group-exchange-sha256

  • diffie-hellman-group-exchange-sha1

  • diffie-hellman-group1-sha1

Hostkey Types

Type

Availability

ssh-rsa

ssh-dss

ssh-ed25519

ecdsa-sha2-nistp256

ecdsa-sha2-nistp384

ecdsa-sha2-nistp521

Available on all platforms

ssh-rsa-256 (sign-only)

ssh-rsa-512 (sign-only)

Not available on Android yet

ssh-rsa-cert-v01@openssh.com

ssh-dss-cert-v01@openssh.com

ssh-ecdsa-sha2-nistp256-cert-v01@openssh.com

ssh-ecdsa-sha2-nistp384-cert-v01@openssh.com

ssh-ecdsa-sha2-nistp521-cert-v01@openssh.com

ssh-ed25519-cert-v01@openssh.com

Coming soon for all platforms

Ciphers

Type

Availability

chacha20-poly1305@openssh.com

aes128-ctr

aes128-cbc

aes192-ctr

aes192-cbc

aes256-ctr

aes256-cbc

3des-cbc

blowfish-cbc

arcfour

Available on all platforms

arcrour128

cast128-cbc

aes128-gcm@openssh.com

aes256-gcm@openssh.com

Not available on Android yet

MAC Hashes

Type

Availability

hmac-md5

hmac-md5-96

hmac-sha1

hmac-sha1-96

hmac-sha2-256

Available on all platforms

hmac-sha2-512

hmac-ripemd160

umac-64@openssh.com

umac-128@openssh.com

umac-64-etm@openssh.com

umac-128-etm@openssh.com

hmac-sha1-etm@openssh.com

hmac-sha1-96-etm@openssh.com

hmac-sha2-256-etm@openssh.com

hmac-sha2-512-etm@openssh.com

hmac-md5-etm@openssh.com

hmac-md5-96-etm@openssh.com

Not available on Android yet

Authentication Methods

Type

Availability

Certificate

Coming soon for all platforms

Public Key

Password

Keyboard-Interactive

Two-Factor Authentication

Available on all platforms

Supported Keys

Type

iOS

Android

Desktop

DSA

Yes

Yes

Yes

RSA

Yes

Yes

Yes

ECDSA

Yes

Yes

Yes

ed25519

Yes

Yes

Yes

Putty-DSA

Yes (1)

Yes

Yes (1)

Putty-RSA

Yes (1)

Yes

Yes (1)

Putty-ECDSA

Yes (1)

No

Yes (1)

Putty-ed25519

Yes (1)

No

Yes (1)

  1. Converts to OpenSSH format at start of session

  2. Unless otherwise prefixed by Putty, all other keys listed are in OpenSSH format.

Proxy

Type

Availability

HTTP

Premium Only

SOCKS5

Premium Only

Port Forwarding

Type

Availability

Local

Yes

Remote

Yes

Dynamic

Premium Only

Mosh (Mobile Shell)

Mosh is a companion protocol to SSH that maintains sessions when TCP is interrupted. It employs a parallel UDP session which can keep the session alive if TCP breaks. That also enables Mosh to maintain its own terminal buffer that intelligently echoes your input, even if the server is slow or the network lags. No more waiting patiently on slow connections to see what you typed.

The enhancements provided by Mosh are really important to reliable mobile connectivity. If your device changes networks or powers down, Mosh can keep your session alive until your connection is re-established.

The Mosh service is distinct from SSH, and must be installed and configured separately on your host system. Once the service is up and running, you’re free to roam with Termius — just enable Mosh in your host entry, and connect.

Implementation

Termius is compatible with the original Mosh server though only with server version 1.3.0 and above.

Termius uses its our own client library for Mosh compatibility.

Telnet

Telnet is a protocol for establishing unsecured remote terminal connections. It does not encrypt anything, even your password, so it should never be used for transacting sensitive information.

However, Telnet is still useful in some scenarios, such as interfacing at a diagnostic level with network hardware, or watching ASCII art at towel.blinkenlights.nl. Under the hood, Termius relies on this implementation of the protocol.

To create a Telnet connection in Termius, edit the host entry, and enable Telnet.