pubkey authentication about mercury HOT 22 CLOSED

Passphrase protected keys are an additional way to gain time between loss of key and server side invalidation of the key (as they are hard to brute-force when generated correctly).
Surely one could rely solely on android mechanisms to prevent unwanted access to the secret key, but the choice should be left to the user.
Also, manually generated keys should be importable (maybe another issue) to prevent relying on a monoculture ecosystem.

from mercury.

This feature is not implemented yet, but it will be added very soon!

from mercury.

@chumma12 sure it does. A public key can (and should) be encrypted.

from mercury.

@chumma12 Well, in case of your device getting stolen bulk-revoking RSA keys is way less of a hassle than setting and remembering new passwords, especially for sysadmins with multiple clients, who have Mercury-SSH on their phones to check up on the machines they're managing every now and then. These guys would have to dig up the old passwords from god knows where (since along with their phone they've lost the JSON), SSH into every single host, change the password, possibly tell every client how they've f-ed up, send them new passes and lose people's trust. And that's the least they'd have to do in the best-case scenario where the thief wouldn't know about/what to do with what was on the phone. So yeah, that might be a nice feature.

from mercury.

Is it possible to add support for ssh key passphrases?

from mercury.

I need it too

from mercury.

Hope to see key-based authentication available as soon as possible! 👍
Without that Mercury-SSH is useless to me.

from mercury.

maybe there is a way to use ConnectBot for that? That could save a lot of coding work if ConnectBot could handle the key management and open the connection for Mercury.

from mercury.

Is this being worked on? Same problem as @P4z, I can't use this app without key auth, which is a shame. I'd try to figure it out myself, but school is unfortunately a thing.

from mercury.

@LumenTeun opensource is great as you can build your feature too ^_^
so, before saying "this is a shame" you could implement it... if you are not able to do it yourself you can always donate something to accelerate the process.
otherwise be quiet and wait for the willing @Skarafaz 👍

from mercury.

Would be nice :-)

from mercury.

+1

from mercury.

+1

from mercury.

Please add that, storing passwords in JSON plaintext is just asking for trouble, really!

from mercury.

If someone steals your phone, does it matter if you have stored plaintext password or the private key?

from mercury.

@rigid then you provide your password everytime you use the Mercury-SSH program?

from mercury.

@chumma12 at least, once everytime you reboot your phone, yes.

from mercury.

Whoop whoop 👏 🎉 😄

from mercury.

Yep! but to late I'm on iPhone now

from mercury.

I don't think it would so useful

from mercury.

Can you explain why?

from mercury.

This app uses a self generated private key which is stored in the internal storage (secure), so... why adding a passphrase? Just to type it each time you send a command?

from mercury.