Public Key Authentication

Public key authentication is now available instead of password authentication. It is only supported in SSH 2 and only for ssh-dss keys.

Activating

You can enable public key authentication on the SSH Settings screen, where there is an option to turn it On or Off. When you turn “Public Key” on for the first time you may need to wait briefly while your keys are generated (depending upon the speed of your device).

Once you have enabled public key authentication you can choose to use it instead of a password on any given session with “Use Public Key” on the session form.

Sharing your Public Key

Public key authentication uses a private and public key pair. The private key is generated on the phone and stored there. It never leaves the phone. The public key is safe to be disclosed to anyone. In particular you need to disclose it to your server in order to use it for authentication.

The public key is rather large, so you don’t want to have to type it in manually. Luckily MidpSSH can type it in for you. When you are ready to type the text into the terminal, press the menu button, then select the “Special” item, then “Output,” then select “Public Key” to have your key typed into the terminal.

Configuring your server to allow your public key for authentication will vary depending upon the server. If you don’t know how, or what server you have, you probably have OpenSSH. Mac OS X’s ssh server, called “Remote Login”, is OpenSSH; it is enabled in the System Preferences under Sharing.

OpenSSL / OpenSSH

In your home directory you need to have a .ssh directory. In the .ssh directory create (or edit) an authorized_keys file. (Some versions require you to use authorized_keys2 for SSH2 connections; with current versions both files should be parsed, but if you have problems this may be a place to start.) That file takes the format:

<key type> <key blob> <comment>

The key type will be ssh-dss. The key blob is a large base64-encoded blob of your public key, and the comment is an optional description/reminder of what the key is for.

So open or create the authorized_keys file and then position your cursor on a new line. Trigger the typing of the public key in the Special menu, and you’ll see the key type and blob appear; now you can type a space and then a comment if you like. Then save the file. It is very important that your whole key be on one line. From my experience pico likes to add line breaks; you may need to edit this file on your computer. (It’s a good idea at least to check.)

You may need to ensure that the permissions on the .ssh directory and authorized_keys file permit only you to read or write to them (otherwise the server may refuse to read them!).

You should now be ready to activate public key authentication on that session and try to connect again.
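The two failure modes described above (a key that an editor has wrapped across lines, and files that others can read or write) can be checked before connecting. The following is an added example, not part of MidpSSH or OpenSSH; the function names and the sample key are made up for illustration, and it assumes entries have no options in front of the key type.

```python
import base64, binascii, os, struct

def parse_fields(blob):
    """Split an SSH wire-format blob into its length-prefixed fields."""
    fields, off = [], 0
    while off < len(blob):
        if off + 4 > len(blob):
            raise ValueError("truncated length prefix")
        (n,) = struct.unpack(">I", blob[off:off + 4])
        off += 4
        if off + n > len(blob):
            raise ValueError("field runs past end of blob")
        fields.append(blob[off:off + n])
        off += n
    return fields

def check_line(line):
    """Return None for a good ssh-dss entry, else why not (assumes no options prefix)."""
    parts = line.split(None, 2)
    if len(parts) < 2 or parts[0] != "ssh-dss":
        return "does not start with 'ssh-dss <blob>' (wrapped line?)"
    try:
        fields = parse_fields(base64.b64decode(parts[1], validate=True))
    except (binascii.Error, ValueError) as exc:
        return "bad key blob: %s (wrapped line?)" % exc
    if len(fields) != 5 or fields[0] != b"ssh-dss":
        return "blob is not a complete ssh-dss key (type, p, q, g, y)"
    return None

def check_text(text):
    """Return [(line number, reason)] for every bad non-blank, non-comment line."""
    problems = []
    for no, line in enumerate(text.splitlines(), 1):
        if line.strip() and not line.lstrip().startswith("#"):
            reason = check_line(line)
            if reason:
                problems.append((no, reason))
    return problems

def others_have_access(path):
    """True if group or others hold any permission bit on path."""
    return bool(os.stat(path).st_mode & 0o077)

# Constructed sample: structurally valid ssh-dss blob with dummy numbers, not a real key.
def ssh_string(b):
    return struct.pack(">I", len(b)) + b
P = b"\x7f" * 128  # dummy stand-in for the 1024-bit p, g and y fields
SAMPLE_BLOB = b"".join(ssh_string(f) for f in (b"ssh-dss", P, P[:20], P, P))
GOOD = "ssh-dss " + base64.b64encode(SAMPLE_BLOB).decode() + " phone key"
WRAPPED = GOOD[:60] + "\n" + GOOD[60:]  # what an editor's automatic line break does
```

Run check_text() on the contents of your authorized_keys file and others_have_access() on both the .ssh directory and the file; an empty list and False mean the entry is intact and private to you.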

If you have trouble, try running your SSH server in debug mode on another port, e.g.

sshd -d -p 1234

Some example commands to append your Public Key to your authorized_keys file:

  • umask 077;mkdir ~/.ssh;echo (There should be a space after echo. Don’t use “Enter”; use “Type”.)
  • output your Public Key (see above)
  • “>> ~/.ssh/authorized_keys” (Now you can use “Enter”.)

(Using echo will put your key on one line.) Happy Public Keying!

Alternative Public Key Copying Methods

Two other ways are available:

You can also start a telnet server on your machine, e.g.

netcat -l -p 9999

Then open a telnet session from MidpSSH, output your Public Key (see above) and copy and paste the key from the output of netcat into your authorized_keys file.

Alternatively you can SSH to a machine that is not restricted to pubkey authentication with MidpSSH, run ‘screen’ and output your Public Key (see above) into that session. Then from an actual computer join that screen’ed session with ‘screen -rd’ and you will be presented with the key, ready for you to cut’n’paste around appropriately.

Passphrases

Passphrases are currently not supported. See SSH Settings for workarounds.

 
public-key.txt · Last modified: 2008/11/01 03:44 by 195.233.250.7
 