Biometric SSH Keys are securely stored on your device in a trusted execution environment and protected by biometric authentication. They never leave your device and are inaccessible to others, even with unauthorized access to your device.

Termius on macOS, iOS, and iPadOS allows you to generate Biometric SSH keys within the Secure Enclave (SE). SE is an isolated hardware subsystem that generates and stores private keys. No one, including Termius or OS, can directly export, copy, or access these keys.

To establish an SSH connection, Termius requests SE to sign data with the private key. Whenever this happens, OS prompts you to authorize access to a key stored in SEP with Touch ID/Face ID authentication.

Biometric keys don't synchronize with other devices as regular SSH Keys because they can't be copied by Termius.

Desktop

iOS

Generate Biometric Key

To generate a Biometric SSH Key, follow these steps:

Open Keychain screen.
Select Touch ID on the top toolbar.
Click Generate.

Export Key to Host

Click Export to host in the context menu.
Select host where you would like to copy a public key.
If your authorized keys are stored in a custom directory, update the folder path in the Location field and specify the authorized keys Filename.
Click Export and Attach at the bottom.

Connect with Biometric Key

Once your key is exported, it attaches to your host in Termius. To connect, go to the Hosts screen and double-click your host.

Desktop

iOS

Generate Biometric Key

To generate a Biometric SSH Key, follow these steps:

Open Keychain screen.
Select Touch ID on the top toolbar.
Click Generate.

Export Key to Host

Click Export to host in the context menu.
Select host where you would like to copy a public key.
If your authorized keys are stored in a custom directory, update the folder path in the Location field and specify the authorized keys Filename.
Click Export and Attach at the bottom.

Connect with Biometric Key

Once your key is exported, it attaches to your host in Termius. To connect, go to the Hosts screen and double-click your host.

Desktop

iOS

Generate Biometric Key

To generate a Biometric SSH Key, follow these steps:

Open Keychain screen.
Select Touch ID on the top toolbar.
Click Generate.

Export Key to Host

Click Export to host in the context menu.
Select host where you would like to copy a public key.
If your authorized keys are stored in a custom directory, update the folder path in the Location field and specify the authorized keys Filename.
Click Export and Attach at the bottom.

Connect with Biometric Key

Once your key is exported, it attaches to your host in Termius. To connect, go to the Hosts screen and double-click your host.

Desktop

iOS

Generate Biometric Key

To generate a Biometric SSH Key, follow these steps:

Open Keychain screen.
Select Touch ID on the top toolbar.
Click Generate.

Export Key to Host

Click Export to host in the context menu.
Select host where you would like to copy a public key.
If your authorized keys are stored in a custom directory, update the folder path in the Location field and specify the authorized keys Filename.
Click Export and Attach at the bottom.

Connect with Biometric Key

Once your key is exported, it attaches to your host in Termius. To connect, go to the Hosts screen and double-click your host.

To try Biometric Keys on other platforms, check out related articles for Android and Windows.

•

Responsible Disclosure

Find Us

•

Responsible Disclosure

Find Us

•

Responsible Disclosure

•

Responsible Disclosure

Find Us