SecureBox

Secure shell and auxiliary commands for terminal applications on Android OS

SecureBox Icon

Home </>

About </>

Secure Box is an application that offers additional commands for terminal applications (1)(2)(3). Package includes secure shell commands (client, key management, file transfer, agent, daemon) and commands for management of keys, X.509 certificates, digests and etc.

The Secure Shell (SSH) is a protocol for secure remote login and other secure network services over an insecure network. It is intended to provide secure encrypted communications between two untrusted hosts over an insecure network.


Main features </>

Secure shell commands are port of PKIX-SSH (feature richest ssh implementation in the world) to Android platform. PKIX-SSH offers widest and up to date range of supported key algorithms, chippers, macs for secure shell protocol.

For instance supported public key algorithms include X.509 certificate based keys:

  • EC : x509v3-ecdsa-sha2-nistp256, x509v3-ecdsa-sha2-nistp384, x509v3-ecdsa-sha2-nistp521
  • RSA : x509v3-rsa2048-sha256, x509v3-ssh-rsa, x509v3-sign-rsa
  • Ed25519 : x509v3-ssh-ed25519 (4)
  • DSA : x509v3-ssh-dss, x509v3-sign-dss

As well it support public key algorithms based on plan keys:

  • EC : ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521
  • RSA : ssh-rsa, rsa-sha2-256, rsa-sha2-512
  • Ed25519 : ssh-ed25519
  • DSA : ssh-dss

Client and server support extension negotiation mechanism. This feature in used in adaptive public key algorithm selection.


Auxiliary commands for management of keys, X.509 certificates, digests and etc are provided by OpenSSL command line tool.

This list of commands includes, but not limited to, key management commands like genpkey and pkey, ec and ecparam, rsa, dsa and dsaparam, commands for management of X.509 certificates, revocation list and authorities - x509, crl and ca, commands for key data management - pkcs12, pkcs8 and pkcs7, commands for operation will keys - pkeyutl, time stamping authority tool - ts.


The complete list of commands including manual pages is available on application web-site.


Downloads </>

Android package is available on Google Play Store (QR code: [google play store] ) [google play store] .

Development of SecureBox is maintained in public git repository , hosted by GitLab.com.


Notes </>

(1) Application is best integrated with terminal "TermOne Plus" - it requires "TermOne Plus" permission "Override path" to be granted to it. Also "Override path" has to allowed in "TermOne Plus" preferences.
Obsoleted in upcomming 3.0.0 release.

(2) Starting with Android 9.0 (Pie) SELinux permission are hardened and do not allow any more one application to share its file system tree. This prevent SecureBox to "export" packaged binaries for use by other applications. As work-around TermOnePlus (3.1) and SecureBox (2.1) start to "share user id". This is incompatible modification that requires reinstall of application. Another side effect is that terminal application have full access to SecureBox binaries and configuration files!
Needless in upcomming 3.0.0 release. To be deprecated in future releases.

(3) Android 10.0 does not allow execution from "writable" directories. SecureBox 2.2 offers new packaging model suitable for Android 10.0. Also new packgind model requires respective support from terminal application - added in "TermOne Plus" 3.2.
Replaced in upcomming 3.0.0 release.

(3) Release 2.4.8 is packaged with PKIX-SSH 14.0.3 that implements x509v3-ssh-ed25519 public-key algorithm.


<external>

[round left]
Please report site issues to < webmaster AT termoneplus DOT com >
Copyright © 2017-2024 , Roumen Petrov
Авторско право 2017-2024 , Румен Петров
[round right]