Supported Protocols
SSH is a protocol for creating encrypted network connections on insecure networks, such as the Internet. It’s a secure replacement for Telnet. When you log in to an SSH server, all credentials are transmitted securely, including your password and private SSH key.
SSH works over TCP, which means that if the network connection is interrupted, the session may be lost. (That’s where Mosh comes in handy.)
Below is a comprehensive list of what SSH capabilities are currently supported in the app and what will be added soon.
Type | Availability |
curve25519-sha256 curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group14-sha1 diffie-hellman-group14-sha256 diffie-hellman-group-exchange-sha256 diffie-hellman-group-exchange-sha1 diffie-hellman-group1-sha1 | All platforms |
Type | Availability |
ssh-rsa ssh-dss ssh-ed25519 ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521 rsa-sha2-256 (sign-only) rsa-sha2-512 (sign-only) hmac-ripemd160 hmac-ripemd160@openssh.com | All platforms |
ssh-rsa-cert-v01@openssh.com ssh-dss-cert-v01@openssh.com ssh-ecdsa-sha2-nistp256-cert-v01@openssh.com ssh-ecdsa-sha2-nistp384-cert-v01@openssh.com ssh-ecdsa-sha2-nistp521-cert-v01@openssh.com ssh-ed25519-cert-v01@openssh.com | Coming soon |
Type | Availability |
chacha20-poly1305@openssh.com aes128-ctr aes128-cbc aes192-ctr aes192-cbc aes256-ctr aes256-cbc rijndael-cbc@lysator.liu.se 3des-cbc blowfish-cbc arcfour arcrour128 cast128-cbc aes128-gcm@openssh.com aes256-gcm@openssh.com | All platforms |
Type | Availability |
hmac-md5 hmac-md5-96 hmac-sha1 hmac-sha1-96 hmac-sha2-256 hmac-sha2-512 hmac-ripemd160 umac-64@openssh.com umac-128@openssh.com umac-64-etm@openssh.com umac-128-etm@openssh.com hmac-sha1-etm@openssh.com hmac-sha1-96-etm@openssh.com hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com hmac-md5-etm@openssh.com hmac-md5-96-etm@openssh.com | All platforms |
Type | Availability |
Certificate | Coming soon |
Password Public key Keyboard-Interactive Two-Factor Authentication | All platforms |
Type | Availability |
DSA RSA ECDSA ed25519 PuTTY-DSA PuTTY-RSA PuTTY-ECDSA PuTTY-ed25519 | All platforms |
Type | Availability |
HTTP | All platforms |
SOCKS5 | All platforms |
SOCKS4 | iOS, Android |
Mosh is a companion protocol to SSH that maintains sessions when TCP is interrupted. It employs a parallel UDP session which can keep the session alive if TCP breaks. That also enables Mosh to maintain its own terminal buffer that intelligently echoes your input, even if the server is slow or the network lags. No more waiting patiently on slow connections to see what you typed.
The enhancements provided by Mosh are really important to reliable mobile connectivity. If your device changes networks or loses connection, Mosh can keep your session alive until your connection is re-established.
The Mosh service is distinct from SSH, and must be installed and configured separately on your host system. Once the service is up and running, you’re free to roam with Termius — just enable Mosh in your host entry, and connect.
Termius uses its own library for Mosh compatibility.
Termius is compatible with Mosh 1.3.0 and above.
Telnet is a protocol for establishing unsecured remote terminal connections. It does not encrypt anything, even your password, so it should never be used for transacting sensitive information.
However, Telnet is still useful in some scenarios, such as interfacing at a diagnostic level with network hardware, or watching ASCII art at towel.blinkenlights.nl.
Under the hood, Termius relies on this implementation of the protocol.
To create a Telnet connection, enable Telnet in the host entry.
