Comments (25)
This might be due to submenus changing in the newest SDK.
Original comment by [email protected]
on 27 Aug 2008 at 5:46
from connectbot.
generating sshkeys on the device is interesting, but i think we should push
this to a
later version.
people might be copying over existing keys on their /sdcard.
interestingly, we should consider an "automation" framework. it might run "cat
'[key]' >> ~/.ssh/authorized_keys" upon login. other usage might include users
saying run "screen -dr" on connect, etc.
Original comment by Jeffrey.Sharkey
on 25 Oct 2008 at 3:24
- Added labels: Priority-Low, Type-Enhancement
- Removed labels: Priority-Medium, Type-Defect
from connectbot.
I would like to suggest that this is a higher priority than "low" ... I can't
use ssh
for anything real without key based auth. I'm sure there are other people out
there
who are similarly paranoid about their ssh requirements.
Original comment by [email protected]
on 26 Oct 2008 at 12:46
from connectbot.
I think this was marked "low" because you can always generate the actual keys on
another machine and then migrate them to the phone. Judging from irc chatter,
this
was considered the best solution because they didn't want to have to vouch for
the
safety of the java sshkey generation and didn't want another debian/ubuntu-style
clusterfuck on their hands.
There was some debate on irc as to the best way to get an ssh keypair (or at
least
the private key) to the phone-- ota methods like web and email were ruled out
for
security reasons. The SDcard import looks to be the safest way.
As for the actual sshkey-auth method, I believe it is going in as we speak.
Just
generate your keys on another machine and move it to your phone when this thing
is
ready (which I hear may be Monday)
Kudos to Jeff Sharkey and the other developers!
W
Original comment by [email protected]
on 26 Oct 2008 at 5:45
from connectbot.
[deleted comment]
from connectbot.
Will it just find the private key on the SD card? or do I need to put it
somewhere
specific?
Original comment by [email protected]
on 27 Oct 2008 at 12:56
from connectbot.
I personally would not put my private key on the SD card. I believe any
Android app
can access the entire SD card with no permissions.
However, I also think the app should not generate the private key. I have
doubts
about the quality of the devices RNG.
If the app could implement SCP, that would be best. Or perhaps offer a menu
item to
"copy and paste" the private key from an active (password-authenticated)
session into
the private keystore?
Original comment by abliss
on 28 Oct 2008 at 9:43
from connectbot.
There have been a few discussions about how to import a key. if you do it off
the SDCard it will be imported
and then you could delete it-- it wouldn't need to be there long. Someone
could have a service constantly
scanning the card looking for keys, but you'd have to have run that program...
Alternatives discussed on IRC included mailing the key (insecure), IMing the
key (insecure), etc etc. SCP or
copy/paste from a secure session would be good, but you'd need a secure
connection (via password) in the
first place...
Personally I think the app generating the key is a good idea... cuz at least if
there are problems you can shut
down access to this one key... then again, people have their public key
already on 50 machines so maybe they
do want to import...
W
Original comment by [email protected]
on 29 Oct 2008 at 1:01
from connectbot.
I just added rudimentary publickey support in SVN r86.
Right now you can only generate public keys on the device itself. Randomness is
generated by the user, so people don't have to worry about weak entropy sources.
RSA and DSA keys can be copied to the clipboard and deleted only for right now.
Original comment by [email protected]
on 29 Oct 2008 at 5:05
- Changed state: Started
from connectbot.
While I realize keygen isn't expected to work fully in SVN r86, I thought you
should
be aware that while generating a key in landscape mode you can't see all of the
options and there is no ability to scroll.
Original comment by [email protected]
on 29 Oct 2008 at 2:28
from connectbot.
I made a change in SVN r87 to allow scrolling in landscape mode until we get
something better looking in there.
Original comment by [email protected]
on 29 Oct 2008 at 5:56
from connectbot.
I just downloaded the App from the Android market, and cannot find a way to
provide
my key even though there seems to be at least "some way" to do it (see comment
9).
Could it be that version on the Android Market is older and does not yet have
this
feature?
Thanks
Original comment by [email protected]
on 30 Oct 2008 at 5:52
from connectbot.
The version in the market is r85 (
http://code.google.com/p/connectbot/source/detail?r=85 ). Public key generation
started in r86. Note that it's public key *generation*; import doesn't work yet.
Also, while it can generate keys with a passphrase it can't yet use those to
login
(although eys without a passphrase work beautifully).
I imagine that the app won't be updated on the market again until public keys
are
more fully supported, but I'm not on the dev team so I don't know. In the
meantime
there are instructions on the project homepage about how to install the latest
development builds. Also, if you haven't seen it this page is an easy way to
keep up
with the dev. build process:
http://code.google.com/p/connectbot/updates/list
Original comment by [email protected]
on 30 Oct 2008 at 1:11
from connectbot.
I'm going to wait for this to be complete to release 1.2
Original comment by [email protected]
on 31 Oct 2008 at 9:42
- Changed title: Public key authentication
- Added labels: Milestone-Release1.2
from connectbot.
I added support for password-protected pubkeys in SVN r102
Original comment by [email protected]
on 1 Nov 2008 at 9:46
from connectbot.
latest svn now has support for importing existing keys from /sdcard, which
includes
any openssh-formatted keys (with or without passphrases). format similar to:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,0000000000000000
OhHaiImRand0mBase64T3xt...
-----END RSA PRIVATE KEY-----
Original comment by Jeffrey.Sharkey
on 3 Nov 2008 at 3:23
from connectbot.
I'm considering pubkey authentication complete. Any defects should be opened up
as a
new issue. Thanks for the import function, Jeffrey.
Original comment by [email protected]
on 3 Nov 2008 at 4:06
- Changed state: Fixed
from connectbot.
This works, but the current language is slightly confusing. When there are no
keys,
it says "Tap Menu to create or import public keys." However, what you are
really
doing is creating key pairs or importing your _private_ keys.
Original comment by [email protected]
on 10 Nov 2008 at 3:47
from connectbot.
Oh, also... when the sd card is not available (not inserted or currently
mounted by
computer), you get the "pick from sdcard" dialog with nothing listed. Ideally
it
would tell you that the sdcard is not available (otherwise this dialog is kinda
confusing).
Original comment by [email protected]
on 10 Nov 2008 at 3:48
from connectbot.
And one more note, the file list from the sdcard is in no discernible order.
It'd be
great if it were alphabetical.
Original comment by [email protected]
on 10 Nov 2008 at 3:49
from connectbot.
Hi folks
I may be extremely dense, but could anyone point me to where and how one can
mount
/sdcard. It definitely is neither mounted nor available on my htc magic.
Also it would be extremely helpful if the accepted import format for rsa
private keys
could be defined somewhere.
Where is the pubic key exported to and how can it be copied to the target
machine.
Basically I would expect it to be stored somewherre on the sdcard and accessible
through all normal usb mass storage operation, but then...
Original comment by [email protected]
on 6 Nov 2009 at 8:48
from connectbot.
I made a video tutorial on how to use pubkey authentication. That and other
videos
can be reached at http://code.google.com/p/connectbot/wiki/UserInterface
There's not a way to export the pubkey to the SD card, but there is a ticket
open for
that. Right now it just copies it to the clipboard for pasting in another
application.
Original comment by [email protected]
on 6 Nov 2009 at 1:45
from connectbot.
I'd love to have it be able to read from any folder in the SD card. Only after I
found this ticket was I able to get my private key imported, and I use SSH
literally
hundreds of times a day, with multiple private keys, on multiple operating
systems.
Original comment by [email protected]
on 11 Nov 2009 at 4:36
from connectbot.
I am going to make a quick post explaining how to import your private key
because this was not obvious to me.
1 - Plug in your phone
2 - Go to the status menu pulldown on the home screen and click something like
"USB Connected" from the menu
3 - Click MOUNT
4 - Go to My Computer (if you are using Windows) and double click the new drive
letter which should be your SD Card. If you are using Linux then mount the
new drive (in KDE you click on the USB notification on the bottom right then
open it with Nautilus).
5 - Copy your private key to the root of the SD card (don't put it in a folder
or you cannot import it into ConnectBot).
6 - Unmount the folder on Linux. If you are using Windows then double click
the Safely Remove Device icon on the bottom right hand corner of your screen.
(If not sure how to navigate the complicated device removal wizard then convert
to Ubuntu because it is easier.)
7 - Go back to your phone, go back to the status drag-down menu, click Turn Off
USB Storage, click TurnOff
8 - Launch ConnectBot
9 - Click MENU -> Manage Public Keys -> Click the MENU key again -> Click IMPORT
10 - You should see your private key in the list. Click on it to import it.
11 - You should now see your private key in the list of available keys. You
have to unlock the key by clicking on the red lock once and you may have to
enter your key's passphrase/passcode. Once loaded your "lock" should turn
green and look like an open padlock. You can also automatically load the key
by pressing and holding your finger on the key until the menu appears. Check
"Load key on start".
I hope this helps someone.
Original comment by [email protected]
on 2 Sep 2010 at 2:50
from connectbot.
Regarding importing public/private keys -- I put my keys into the root of my
sdcard and connectbot didn't see them. After many different changes which I
won't bore you with, I found another post which said to connect via the local
command-line.
I ended up copying my .ssh folder from my desktop and placing it onto my sdcard
(as 'ssh' not '.ssh'). Then from connectbot's "local" shell:
cd /sdcard
cp ssh/id* .
At this point the permissions were automatically set to something connectbot
could see. Maybe because I don't have root on this device? After reading in
the keys with connectbot I deleted them from the sdcard.
Original comment by [email protected]
on 13 Apr 2011 at 7:37
from connectbot.
Related Issues (20)
- ConectBot breaks Lock screen HOT 1
- Google Glass crash on connect HOT 3
- Feature Request - ANSI emulation support for old BBS games HOT 2
- supoort for private key custom location
- responsiveness improvements for connectbot HOT 1
- Add mosh support
- [deleted issue]
- Wrong key mapping for bluetooth keyboard
- Yoga
- Virtual keyboard does not appear
- Menu button when creating port forwards not available on Samsung Tab S 8.4 HOT 1
- ConnectBot won't connect
- Color prompt is shown twice. First without colorls then with. HOT 2
- problem to autenticate in server HOT 1
- All functions in the menu are unusable in Lollipop when multiple keyboards are available HOT 1
- Interface language selection
- Invalid host key verification message displays when connecting to existing host with new algorithm HOT 3
- function keys on hackers keyboard stopped working in 1.8.2
- Can't connect to specific host
- problem when copy-paste a long command line in terminal while telnet-connected
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from connectbot.