Reputation: 11418
I have an iPhone app which needs to securely connect back to our hosted environment. It is doing this using SSH, and then uses port forwarding to connect to localhost:port which is really a service running on the host.
Currently the way I have the proof of concept working is by including the certificates (private and public) in the app, and then connecting by SSH to the host.
This means that passwords do not need to be distributed; however, is this good practice? Should the private key be included with the app?
If not, how should I do this without distributing passwords, and what should I include?
Upvotes: 0
Views: 619
Reputation: 29559
Distributing the password or distributing the private key are exactly the same thing and both are generally no-nos.
You haven't given us enough info on what you're actually trying to do, but it sounds to me like you're taking a very convoluted approach to what is most likely a solved problem. If your iPhone app needs to communicate with the server, then you should, at the very least, have each iPhone app generate its own private/public key combo and add their public key to your authorized users on the server out-of-band, as that way you can selectively revoke access for individual users.
Upvotes: 2
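The per-device key approach from the answer above, sketched from the server side as an added example (not code from either poster): each device submits only its public key, which is stored in OpenSSH `authorized_keys` format with forwarding restricted to the one local service, and can later be revoked individually. The `device:<id>` comment tag, the port 8443 and the function names are assumptions made for illustration.

```python
import base64
import struct

SERVICE_PORT = 8443  # assumption: the local service the tunnel should reach

def _embedded_key_type(b64_blob):
    """Return the key type stored inside an SSH public key blob (wire format)."""
    raw = base64.b64decode(b64_blob, validate=True)
    if len(raw) < 4:
        raise ValueError("key blob too short")
    (n,) = struct.unpack(">I", raw[:4])
    return raw[4:4 + n].decode("ascii", "replace")

def _tag(line):
    """Last whitespace-separated field of an entry (the comment we tag with)."""
    return line.split()[-1:]

def enroll(authorized_keys, device_id, pubkey_line, port=SERVICE_PORT):
    """Append one device's public key, limited to forwarding to localhost:port."""
    parts = pubkey_line.split()
    if len(parts) < 2:
        raise ValueError("expected '<type> <base64>'")
    key_type, blob = parts[0], parts[1]
    if _embedded_key_type(blob) != key_type:
        raise ValueError("declared key type does not match key blob")
    if not device_id.isalnum():
        raise ValueError("device id must be alphanumeric")
    if any(_tag(l) == [f"device:{device_id}"] for l in authorized_keys.splitlines()):
        raise ValueError("device already enrolled")
    # 'restrict' turns off pty, agent/X11 forwarding etc.; port forwarding is
    # then re-enabled, but only towards the single permitted destination.
    options = f'restrict,port-forwarding,permitopen="localhost:{port}"'
    return authorized_keys + f"{options} {key_type} {blob} device:{device_id}\n"

def revoke(authorized_keys, device_id):
    """Remove one device's entry; every other device keeps its access."""
    kept = [l for l in authorized_keys.splitlines()
            if _tag(l) != [f"device:{device_id}"]]
    return "".join(l + "\n" for l in kept)

def sample_pubkey(fill):
    """Constructed, non-functional ed25519-shaped public key for the demo."""
    raw = (struct.pack(">I", 11) + b"ssh-ed25519"
           + struct.pack(">I", 32) + bytes([fill]) * 32)
    return "ssh-ed25519 " + base64.b64encode(raw).decode()

if __name__ == "__main__":
    ak = enroll("", "phoneA", sample_pubkey(1))
    ak = enroll(ak, "phoneB", sample_pubkey(2))
    print(revoke(ak, "phoneA"), end="")
```

The private key is generated on the device and never leaves it; only the public half reaches this code.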