Section 15: SSH Key Manager

The Key Manager is accessed via the Settings screen. On this screen, you can create new SSH keys for your device, and also remove any keys you've previously created.

Note: Public key authentication is a somewhat advanced procedure that not all users will require. If you're unsure about what key-based authentication is, or why you'd want to use it, then we recommended reading one of the many tutorials available on the internet.

Tap "Create New Key" to create a new key, or tap on any of your previously created keys to view the key details.

When creating a new key, specify a descriptive name for your key, and choose the key type and bit length. TouchTerm supports RSA (SSH Protocol 1 and 2) and DSA (SSH Protocol 2) keys. Note that DSA keys must be 1024 bits, and RSA keys can be between 768 and 4096 bits. (Also note that generation of large RSA keys make take a long time -- please be patient!)

You may optionally specify a passphrase for your new key. If you do this, whenever the key is to be used to establish a connection, TouchTerm will first require this passphrase before sending the key to the server. When you associate a key with a connection on a Connection Profile page (see above), if the "save passwords" setting is on, you can also enter its passphrase there (into the "password" field) to be saved such that when you open that particular connection you aren't prompted for the passphrase for the key. Note that there is NO way to recover a passphrase that has been associated with a key if you lose or forget it.

From the Key Manager screen, you can tap on any of the keys you've created to bring up the key details. This screen will display information about the type and bit length of the key (but not the passphrase!), as well as an action button to e-mail the public key contents. Tap this button to distribute your public key via email, either to yourself or your system administrator for installation on the server(s) you wish to connect to.

After the public key is properly installed on the remote system, you can use the Connection Profile screen to associate your saved key with a particular server (and optionally remember the passphrase). After this, TouchTerm will use your saved key to authenticate to the remote server.

If you access the Key Manager from within an active terminal session, you can also use the Key Detail page to export the contents your public or private keys directly into the session:

Note that these will send the key contents directly to the remote host, so be sure you are in a text editor or some other appropriate environment for receiving the key contents!