Glossary
A comprehensive guide to terms and concepts used in Xermius.
Core Concepts
Host
A Host represents a remote machine (server) you want to connect to via SSH. Each host contains:
- Connection details (IP, port, username)
- Authentication method (password or SSH key)
- Metadata (name, tags, group)
- Multiple protocol configurations (SSH, SFTP, etc.)
Example:
{
"name": "Production Web Server",
"host": "192.168.1.100",
"port": 22,
"username": "ubuntu",
"group": "Production"
}
Group
A Group is a collection of hosts that share something in common (customer, location, environment, etc.). Groups can be nested to create hierarchies.
Example Structure:
📁 Servers
├── 📁 Production
│ ├── 🖥️ Web Server 1
│ └── 🖥️ Database Server
└── 📁 Development
└── 🖥️ Dev Server
Connection
A Connection is an active SSH session to a host. In Xermius:
- Each terminal tab creates a new connection
- SFTP tabs use separate connections
- Multiple connections to the same host can exist simultaneously
Connection Types:
- Original Connection: The base host configuration stored in database
- Tab Connection: A temporary session for a specific tab (not stored in database)
Session
A Session refers to the active state of a connection, including:
- SSH client instance
- Terminal state
- Authentication status
- Keep-alive settings
SSH Terminology
SSH (Secure Shell)
A cryptographic network protocol for secure remote access to computers.
Key Components:
- SSH Client: Your computer (running Xermius)
- SSH Server: The remote machine you connect to
- SSH Port: Usually 22, but can be customized
SFTP (SSH File Transfer Protocol)
A secure file transfer protocol built on top of SSH, providing:
- File upload/download
- Directory navigation
- Permission management
- File operations (rename, delete, create)
SSH Key
An authentication credential for SSH protocol, consisting of:
- Private Key: Kept secret on your computer
- Public Key: Installed on the server
Common formats:
- RSA (older, still widely used)
- ED25519 (modern, recommended)
- ECDSA (Elliptic Curve)
Host Key
A cryptographic key that identifies an SSH server. Used to prevent man-in-the-middle attacks.
Host Key Fingerprint: A hash of the host key, easier to verify:
SHA256:abc123...xyz789
Known Hosts
A file (~/.ssh/known_hosts) containing fingerprints of servers you've connected to before. Xermius manages this automatically.
Authentication
Password Authentication
Traditional method using username and password to authenticate.
Pros: Simple, no setup required
Cons: Less secure, vulnerable to brute force
SSH Key Authentication
Uses public/private key pairs for authentication.
Pros: More secure, no password needed
Cons: Requires initial setup
Passphrase
An optional password that encrypts your private key file.
Example:
Private Key: /home/user/.ssh/id_rsa
Passphrase: MySecretPassphrase123
Two-Factor Authentication (2FA)
Additional security layer requiring:
- Something you know (password)
- Something you have (authenticator app code)
Port Forwarding
Tunnel
A secure encrypted connection that forwards network traffic through SSH.
Local Port Forwarding (-L)
Forwards a local port on your machine to a remote host.
Use Case: Access a service on the server from your local machine.
Example:
Local Port: 3306 → Remote: localhost:3306
Connect to: localhost:3306 (on your machine)
Result: Access MySQL on remote server
Remote Port Forwarding (-R)
Forwards a remote port on the server to your local machine.
Use Case: Expose a local service to the remote server.
Example:
Remote Port: 8080 → Local: localhost:3000
Result: Server can access your local app on port 8080
Dynamic Port Forwarding (-D)
Creates a SOCKS5 proxy server on your local machine.
Use Case: Route all traffic through SSH tunnel (like a VPN).
Example:
Local Port: 1080 (SOCKS5 proxy)
Configure browser to use: localhost:1080
Result: Browse web through SSH tunnel
SOCKS5
A proxy protocol that supports any type of internet traffic.
Synchronization
Sync
The process of keeping your hosts, settings, and configurations synchronized across multiple devices.
What's Synced:
- ✅ Hosts and groups
- ✅ Connection settings
- ✅ Port forwarding rules
- ✅ SSH keys (encrypted)
What's NOT Synced:
- ❌ Passwords (stored locally only)
- ❌ Active sessions
- ❌ Terminal history
Backend / Cloud
The Xermius server that stores your synced data securely.
Encryption Key
A key used to encrypt sensitive data (passwords, SSH keys) before storage.
Security:
- Generated locally on your device
- Never sent to the server
- Required to decrypt data
User Interface
Dashboard
The main screen showing all your hosts, groups, and quick actions.
Tab
A container for terminal or SFTP sessions. Multiple tabs can be open simultaneously.
Tab Types:
- Terminal Tab: SSH terminal session
- SFTP Tab: File manager interface
- Web Tool Tab: SSL checker, cert reader, etc.
Sidebar
The left panel containing navigation and groups.
Status Bar
The bottom bar showing connection status, network stats, etc.
Import/Export
Import
The process of bringing host configurations from other SSH clients into Xermius.
Supported Sources:
- SSH Config files
- CSV files
- PuTTY sessions
- MobaXterm bookmarks
- SecureCRT sessions
Export
The process of saving Xermius hosts to external formats.
Supported Formats:
- SSH Config
- CSV
- JSON
Migration
Moving all your data from another SSH client to Xermius.
Web Platform
Account
Your Xermius user account for accessing the web platform and sync features.
Subscription
Xermius offers two plans:
Plans:
- Freemium (Free): Essential features for personal use
- Pro: Advanced features with cloud sync and priority support
Device
A computer or device logged into your Xermius account.
Device Management:
- View all devices
- Rename devices
- Revoke access
Activity Log
A record of all actions performed on your account:
- Logins
- Settings changes
- Host modifications
- Sync events
Support Ticket
A request for help sent to the Xermius support team.
Ticket Properties:
- Subject
- Category (Technical, Billing, etc.)
- Priority (Low, Medium, High, Urgent)
- Status (Open, In Progress, Closed)
Technical Terms
API (Application Programming Interface)
Secure communication interface that handles authentication, sync, and account management.
WebSocket
Real-time communication protocol used for:
- Support ticket updates
- Sync notifications
- Activity logging
Encryption
The process of converting data into a secure format.
Methods used:
- AES-256: Symmetric encryption for data at rest
- RSA-2048: Asymmetric encryption for key exchange
- TLS/SSL: Transport encryption for network traffic
File Formats
PEM (Privacy Enhanced Mail)
A format for storing cryptographic keys and certificates.
Extensions:
.pem: Generic PEM file.key: Private key.pub: Public key.crt: Certificate
OpenSSH Format
The default format for SSH keys used by OpenSSH.
Example:
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQA...
-----END OPENSSH PRIVATE KEY-----
PuTTY Private Key (PPK)
PuTTY's proprietary format for private keys.
Conversion: Xermius can import PPK files and convert them to OpenSSH format.
Protocols
SSH Protocol Versions
- SSH-1: Obsolete, insecure
- SSH-2: Current standard (Xermius uses this)
Port Numbers
- 22: Default SSH port
- 2222: Common alternate SSH port
- 1080: Common SOCKS5 proxy port
IP Addressing
- IPv4:
192.168.1.100(standard) - IPv6:
2001:db8::1(supported) - Hostname:
server.example.com(DNS name)
Error Messages
Connection Timeout
Server didn't respond within the timeout period.
Common Causes:
- Firewall blocking connection
- Server is down
- Wrong IP address
- Network issues
Connection Refused
Server rejected the connection.
Common Causes:
- SSH service not running
- Wrong port number
- Firewall blocking port
Authentication Failed
Credentials were rejected by the server.
Common Causes:
- Wrong username or password
- Key file not authorized
- Key file permissions too open (should be 600)
Host Key Verification Failed
The server's host key doesn't match the known key.
Possible Reasons:
- Server was reinstalled
- Server IP changed
- Man-in-the-middle attack
Abbreviations
- CLI: Command Line Interface
- GUI: Graphical User Interface
- PTY: Pseudo Terminal
- TTY: Teletypewriter (terminal)
- VPS: Virtual Private Server
- VM: Virtual Machine
- EC2: Amazon Elastic Compute Cloud
- GCP: Google Cloud Platform
- AWS: Amazon Web Services
- DO: DigitalOcean