Authentication¶
Set up SSH keys or passwords to authenticate your tunnel connections.
Authentication Methods¶
| Method | Security | Best For |
|---|---|---|
| SSH Key | High | Production, regular use |
| Password | Medium | Quick setup, testing |
Recommendation: Use SSH keys when possible.
SSH Key Authentication¶
Select a Key¶
When creating or editing a tunnel:
- Choose SSH Key authentication
- Select your key from the dropdown
- Save the tunnel
StormTunnel automatically finds keys in ~/.ssh/.
Import Keys¶
If your keys are elsewhere:
- Go to Settings → Keys
- Click Import
- Select your private key file
- The key is now available for tunnels
Key Types¶
| Type | Recommendation |
|---|---|
| Ed25519 | Best - modern and secure |
| RSA (4096-bit) | Good - widely supported |
| ECDSA | OK - good security |
Password Authentication¶
Set Up Password¶
When creating or editing a tunnel:
- Choose Password authentication
- Enter your SSH password
- Enable Store in Keychain (recommended)
- Save the tunnel
Your password is encrypted and stored securely by macOS.
Update Password¶
- Edit the tunnel
- Enter the new password
- Save
Managing SSH Keys¶
View Your Keys¶
Go to Settings → Keys to:
- See all imported keys
- View key details
- Copy public keys
- Delete unused keys
Copy Public Key¶
To add your key to a server:
- Settings → Keys
- Select your key
- Click Copy Public Key
- Send to your server administrator
They'll add it to ~/.ssh/authorized_keys on the server.
Troubleshooting¶
"Permission denied (publickey)"¶
Your SSH key isn't authorized on the server.
Solutions:
- Verify you selected the correct key
- Ask admin to add your public key to the server
- Test manually:
ssh -i /path/to/key user@host
"Authentication failed"¶
Password is incorrect.
Solutions:
- Verify the password is correct
- Check Caps Lock
- Re-enter the password in tunnel settings
"Host key verification failed"¶
Server's identity can't be verified.
Solutions:
- Confirm you're connecting to the correct server
- StormTunnel will store the host key on first successful connection
- Ask admin for the server's fingerprint to verify
Best Practices¶
- Use SSH keys - More secure than passwords
- Use Ed25519 - Modern, fast, secure
- Never share private keys - Treat them like passwords
- Use Keychain - Let macOS store passwords securely
- Rotate keys yearly - For critical servers
Next Steps¶
- Key Management - Detailed key management
- Creating Tunnels - Configure tunnels
- Settings - Authentication settings