Distributing SSH keys with iPhone app

I have an iPhone app which needs to securely connect back to our hosted environment. It is doing this using SSH, and then uses port forwarding to connect to localhost:port which is really a service running on the host.

Currently the way I have the proof of concept working is by including the certificates (private and public) in the app, and then connecting by SSH to the host.

This means that passwords do not need to be distributed, however is this good practise? Should the private key be included with the app?

If not, how should I do this without distributing passwords, and what should I include?

Answers


Distributing the password or distributing the private key are exactly the same thing and both are generally no-nos.

You haven't given us enough info on what you're actually trying to do, but it sounds to me like you're take a very convoluted approach to what is most likely a solved problem. If your iPhone app needs to communicate with the server, then you should, at the very least, have each iPhone app generate its own private/public key combo and add their public key to your authorized users on the server out-of-band, as that way you can selectively revoke access for individual users.


Need Your Help

sprintf_s failed in release mode, and ok in debug

c++ visual-studio-2010 api visual-c++ printf

In C++, with VS2012, i would like to get the Mac adress and convert it in car formatting.

How to use inline comments to document members in .NET?

c# .net documentation documentation-generation xml-documentation

How can I document a member inline in .Net? Let me explain. Most tools that extract documentation from comments support some kind of inline documentation where you can add a brief after the member