SSH protocol is protocol allowing secure access to remote server. The communication is encrypted using Private-key cryptography.
SSH server is preinstalled on many Linux computers/servers, and SSH server applications exist also for other operating systems such as Windows or Android. This means that X-plore can access these remote computers and work with them over secure SSH channels.
SSH protocol provides various functions for communication.
X-plore uses two ways to access remote server:
1) SSH File Transfer (SFTP)
SFTP part of SSH is used for working with files – list files and folders, rename, delete, copy, move, set permissions, etc. X-plore does this same like working with any other file system.
2) SSH Shell using Terminal emulation
X-plore allows to completely control remote computer connected over SSH protocol by using simple text console. User can type commands in X-plore (SSH client) which are send to SSH server, and the server sends the results back to client (X-plore) for displaying them in a terminal window.
This allows to work with remote computer in same way as if user directly worked with it, and enter commands that not accessible in SFTP protocol, for example to reboot the remote machine, and similar.
The command set used in working with remote machine is not covered here, since it depends on kind of shell installed on remote machine. On Linux machines this is typically some kind of Unix shell. If you access Windows computer over SSH, the shell may be the Windows Command Prompt, so you’d enter commands normally used in Windows, such as dir etc.
However, what is available as “shell” over SSH is often configurable on the SSH server.
Parameters for accessing SSH server
To access SSH server, you must enter:
- server name or IP address (optionally followed by :port, default is 22)
- username
Optional parameters are:
- path on server, if specified, X-plore will list only folders inside of this path
The SSH protocol supports multiple authorization methods, X-plore allows to use two most common:
Authorization by password
User enters login password, either permanently in server-edit dialog, or each time when accessing the server.
Authorization by private key file
User loads RSA, DSA or EC private key into X-plore. The private key itself may be protected by passphrase, which is kind of password used to decrypt the private key. If private key is encrypted, X-plore will ask for the passphrase each time when server is accessed (the passphrase is not saved permanently).
Private keys may be loaded in OpenSSH or PuTTY format.
ⓘ There is a tool named puttygen available for Windows as well as Linux, which allows you to convert keys from OpenSSH to Putty format.
X-plore saves its own copy of private key in its settings (in secured storage), so the private key doesn’t need to be present on device after it was loaded to X-plore.
Note: the SSH server must have copy of user’s public key, which is part of the loaded key.
Using Fingerprint sensor
On devices with fingerprint sensor, it is possible to save encrypted server password using your fingerprint. You can’t set password in the Edit server dialog, but leave it empty and let X-plore ask password each time when server is opened.
The first time when you’re asked to enter password, you’ll get possibility to save the password, which will be confirmed by fingerprint scan. Next time you can logon to your server by just using fingerprint sensor. The password is encrypted by device’s hardware, and can’t be decrypted without your finger scan.
For this to work, your device must have enrolled fingerprint and set up secure screen lock using fingerprint scanner.