Get Moshi
reference

Connections and authentication

Connection types, password and key auth, jump hosts, mosh port ranges, custom mosh paths, and credential storage.

updated 1 week ago5 min readpage 4 / 23

Saved connections are the entry point for terminals. Each connection stores routing details and non-secret metadata in app storage. Credentials are stored separately in iOS secure storage.

Basic fields

  • Name: optional label shown in the app. If empty, Moshi can use user@host.
  • Host: IP address, DNS name, Tailscale name, or other reachable host.
  • Port: SSH port, commonly 22.
  • Username: remote login user.
  • Authentication: password or key file.
  • Connection type: Auto, SSH, or Mosh.

VPN

Moshi has no built-in VPN integration and does not need one. Any OS-level VPN — Tailscale, WireGuard, corporate VPN — works transparently: connect the iOS device to the VPN, then enter the host's VPN-side address in the Host field as a normal SSH or mosh target. For Tailscale specifically, see Tailscale.

Connection type

Auto is the default and the best starting point. Moshi can use SSH or mosh depending on the host and connection.

SSH forces a plain SSH terminal. Use this for hosts where UDP is blocked, where mosh is not installed, or when you need SSH-only routing such as a jump host.

Mosh forces mosh transport and exposes mosh-specific fields such as UDP port range and custom mosh-server path.

Password auth

Password auth stores the password for that connection. Use it for simple hosts, temporary machines, or systems where SSH keys are not available.

If you later switch the connection to key auth, Moshi clears the opposite saved credential for that connection.

Key auth

Key auth supports generated, imported, or pasted private keys. Moshi validates that you are adding a private key, not a public key, and shows the fingerprint after a key is selected.

When a key is present, tapping the key row lets you copy the public key if Moshi can extract it. Copying the private key requires biometric confirmation.

keys

Add the public key to the host. Do not put the private key in authorized_keys; Moshi will reject common public-key formats in the private-key field.

Jump hosts

Jump host settings are available when the connection type is SSH. Use the form:

jump host format

Use SSH mode when you need a bastion. Mosh requires UDP reachability to the final session and is usually not compatible with a simple SSH jump-host path.

Mosh options

When connection type is Mosh, you can set:

  • UDP port range: for hosts where only a specific range is open.
  • Mosh path: custom path to mosh-server, for example /opt/homebrew/bin/mosh-server.

Leave these blank unless your host needs them.

Reordering and editing

Saved connections can be edited, deleted, and reordered from the home list. Deleting a connection also clears its saved password, private key, passphrase, and fingerprint entries.