Secure Box is an application that offers additional commands for terminal applications
Package includes secure shell commands (client, key management, file transfer, agent,
daemon) and commands for management of keys, X.509 certificates, digests and etc.
The Secure Shell (SSH) is a protocol for secure remote login and other secure network
services over an insecure network. It is intended to provide secure encrypted
communications between two untrusted hosts over an insecure network.
Main features </>
Secure shell commands are port of PKIX-SSH
(feature richest ssh implementation in the world) to Android platform.
PKIX-SSH offers widest and up to date range of supported key algorithms, chippers, macs for secure shell protocol.
For instance supported public key algorithms include X.509 certificate based keys:
- EC : x509v3-ecdsa-sha2-nistp256, x509v3-ecdsa-sha2-nistp384, x509v3-ecdsa-sha2-nistp521
- RSA : x509v3-sign-rsa, x509v3-ssh-rsa, x509v3-rsa2048-sha256
- DSA : x509v3-sign-dss, x509v3-ssh-dss
As well it support public key algorithms based on plan keys:
- EC : ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521
- RSA : ssh-rsa, rsa-sha2-256, rsa-sha2-512
- Ed25519 : ssh-ed25519
- DSA : ssh-dss
Client and server support extension negotiation mechanism.
This feature in used in adaptive public key algorithm selection.
Auxiliary commands for management of keys, X.509 certificates, digests and etc are provided
by OpenSSL command line tool.
This list of commands includes, but not limited to,
key management commands like genpkey and pkey, ec and ecparam, rsa, dsa and dsaparam,
commands for management of X.509 certificates, revocation list and authorities - x509, crl and ca,
commands for key data management - pkcs12, pkcs8 and pkcs7,
commands for operation will keys - pkeyutl,
time stamping authority tool - ts.
The complete list of commands including manual pages is available on application web-site.
Android package is available on
Google Play Store
Development of SecureBox is maintained in public
, hosted by GitLab.com.
Application is best integrated with terminal "TermOne Plus" - it requires "TermOne Plus" permission "Override path" to be granted to it.
Also "Override path" has to allowed in "TermOne Plus" preferences.
Starting with Android 9.0 (Pie) SELinux permission are hardened and do not allow any more one application to share its file system tree.
This prevent SecureBox to "export" packaged binaries for use by other applications.
As work-around TermOnePlus (3.1) and SecureBox (2.1) start to "share user id".
This is incompatible modification that requires reinstall of application.
Another side effect is that terminal application have full access to SecureBox binaries and configuration files!