Releases: PIXELQUADRO07/CoreShell
Release list
release v2.2.2
New features:
Dual terminal session
Widgets for monitoring hardware specs of the machine connected
updated support for tailscale machines
release v2.2.1
Implemented Features
- Real Interactive Terminal
•
Switching to ChannelShell: The terminal now supports interactive TTY sessions.
•
ANSI Support: Color and control codes are processed for clean display.
•
Command Snippet: Added a quick access bar with commands like htop, ls -la, docker ps, etc. - Professional SFTP
•
Real Uploads/Downloads: Integrated Android File Picker to securely upload files from your device and download files from your server.
•
Stream-based Transfer: Files are transferred via real streams, no longer simulated. - Biometric Security (Lockdown Mode)
•
BiometricPrompt: Upon startup, the app requires fingerprint or facial recognition authentication (if available).
•
Integral Protection: The interface remains locked until the identity is verified. - User Experience "Cyberpunk"
•
Glitch Effect: Transitions between screens now include a slight "glitch" distortion consistent with the app's aesthetics.
•
Optimized Dashboard: Improved system monitor display.
Major Changes
•
MainActivity.kt: Biometric security management and glitch transitions.
•
SshClientHelper.kt: Logical core for interactive shell and SFTP stream.
•
SshViewModel.kt: Session orchestration and file URI management.
•
CyberComponents.kt: New GlitchTransition `component.```
release v2.2
new release, fixed some bugs and added real sfpt support
release v2.01
🔮 CoreShell v2.1 — Stability & Security Release
Production-Ready SSH Client with Enterprise-Grade Encryption
From Simulation to Production: The Netrunner's Arsenal Reaches Enterprise Grade
🎯 What's New in v2.1
🔴 Critical Upgrades
✅ Real SSH Connection
BEFORE: ❌ Simulated connections with hardcoded delays
AFTER: ✅ Live SSH sessions via JSch with real I/O
connectToServer()establishes genuine SSH channels- Streams live server output directly to terminal
- Commands execute on actual remote shell
- Real stdin/stdout/stderr bidirectional communication
🔐 End-to-End Encryption (AES-256-GCM)
BEFORE: ❌ Plaintext passwords & keys in database
AFTER: ✅ Military-grade encryption at rest
- All credentials encrypted with Android Keystore-backed AES-256-GCM
- IV prepended and stored with ciphertext in Base64
- Decryption happens only at connection time
- Zero cleartext exposure in database or logs
🎭 Terminal State Immutability Fixed
BEFORE: ❌ Mutable state → missed UI updates
AFTER: ✅ Immutable values → reliable recomposition
SshSessionStatetransitioned tovalfields- Copy-on-write updates via
copy()lambda - Compose recomposition triggers on every change
- Terminal UI now responds smoothly to all updates
🟡 Major Improvements
| Feature | Improvement | Impact |
|---|---|---|
| 📊 Live Telemetry | Real top & free commands (10s refresh) |
CPU/RAM gauges show actual server metrics |
| 🏠 Widget Data | Queries actual database instead of static list | Home screen shows your real servers |
| 🔑 SSH Crypto | JSch 0.2.20 with modern algorithms | ssh-ed25519, ecdsa-sha2-nistp256, curve25519-sha256 support |
| 🪟 Windows Fix | Disabled GSSAPI fallback | No more infinite hangs on Windows Kerberos |
| 🔓 Key Storage | RSA-2048 & Ed25519 encryption before DB | Private keys secured with AES-256-GCM |
| 📐 Key Extraction | Proper ASN.1 parsing | Robust Ed25519 public key handling |
| 📱 App Identity | com.tuonome.coreshell |
Professional package namespace |
| 🗄️ Database API | Sync query method added | Widget provider support |
| ✅ Test Coverage | SecurityUtils unit tests | Encryption/decryption validation |
🏗️ Technical Architecture
Cryptography Pipeline
┌──────────────────────────────────────┐
│ User Input (Password / Private Key) │
└────────────────────┬─────────────────┘
│
▼
┌────────────────────────┐
│ SecurityUtils.encrypt() │
│ • Generate random IV │
│ • AES-256-GCM cipher │
│ • Android Keystore │
└────────────┬────────────┘
│
▼
┌────────────────────────┐
│ [IV + Ciphertext] │
│ Base64 encode │
└────────────┬────────────┘
│
▼
┌────────────────────────┐
│ Room Database │
│ Encrypted Storage │
└────────────────────────┘
SSH Session Lifecycle
User Input → connectToServer()
│
├─→ Initialize JSch Session
├─→ Configure Algorithms (modern kex/cipher)
├─→ Disable GSSAPI (Windows compatibility)
├─→ Password/Key Authentication
├─→ Open Shell Channel
├─→ Stream I/O (stdin/stdout/stderr)
└─→ Update SessionState via StateFlow
📊 Performance & Reliability
Telemetry Updates
- Frequency: Every 10 seconds
- Commands:
top -bn1,free -m - Parsing: Regex extraction with fallback
- Resilience: Graceful degradation on incompatible systems
Database Queries
// Widget provider - synchronous query
getAllProfilesSync(): List<ServerProfile>
// UI layer - Flow-based reactive
getAllProfiles(): Flow<List<ServerProfile>>⚠️ Migration Guide
Before Updating
- Export your server profiles (recommended)
- Note any saved SSH keys for re-entry
- Backup your CoreShell database:
adb backup -f coreshell_backup.ab com.tuonome.coreshell
After Updating
| Item | Action | Notes |
|---|---|---|
| Saved Servers | Plaintext → AES-256-GCM format change | |
| SSH Keys | ✅ Preserved (encrypted) | Existing keys migrated automatically |
| Database Schema | ✅ No changes | Backward compatible |
| Settings | ✅ Preserved | Preferences remain intact |
🔒 Security Enhancements Summary
v2.0 v2.1
─────────────────────────────────────────
Simulated SSH → Real Live Sessions
Plaintext Storage → AES-256-GCM Encrypted
Random Telemetry → Live Server Metrics
Basic Auth → Modern Cryptography
(ed25519, ecdsa, curve25519)
GSSAPI Hangs → Properly Disabled
Fragile Key Parsing → ASN.1 Standards
📥 Installation & Compatibility
Minimum Requirements
- Android: 7.0+ (API 24)
- Storage: 50 MB free space
- Network: Active connection for SSH
Tested Environments
✅ OpenSSH 7.x–9.x (Linux)
✅ OpenSSH for Windows (via Tailscale)
✅ MagicDNS (Tailscale)
✅ Modern key algorithms (ed25519, ecdsa-sha2-nistp256)
✅ Backward compatibility with older servers
✅ Windows environments without Kerberos
Quick Install
# Download app-release.apk and install
adb install app-release.apk
# Or build from source
git clone https://github.com/PIXELQUADRO07/CoreShell.git
cd CoreShell
./gradlew assembleRelease
adb install app/build/outputs/apk/release/app-release.apk🧪 Testing & Validation
✅ Unit Tests Added:
- AES-256-GCM encryption/decryption round-trips
- Empty string edge cases
- IV prepending and extraction
- Base64 encoding/decoding
✅ Integration Testing:
- Real SSH connections to multiple server types
- Credential encryption/decryption cycles
- Terminal state mutations and UI updates
- Widget provider database queries
🚀 What's Next (v2.2+)
- Multi-session concurrent connections
- SSH port forwarding & tunneling
- Custom terminal color themes
- Hardware security key support
- Cloud-based profile sync
- SSH certificate authentication
- Performance optimizations
📝 Known Limitations & Workarounds
| Issue | Workaround | Status |
|---|---|---|
Windows servers without top/free |
Telemetry falls back gracefully | ✅ Handled |
| First-time server setup required | Re-enter credentials once | |
| Keystore unavailable after restore | Re-add affected servers |
💬 Feedback & Support
Found an issue? Open an Issue
Have suggestions? Start a Discussion
Security concerns? Please report privately to the maintainer
📋 Detailed Changelog
🔴 Critical Fixes
- Real SSH connection via JSch (no more simulation)
- Passwords & private keys encrypted at rest (AES-256-GCM)
- Terminal state immutability fixed (reactive UI updates)
🟡 Improvements
- Real server telemetry (CPU/RAM gauges)
- Widget reads actual server profiles
- Updated JSch to 0.2.20 (modern algorithms)
- Disabled GSSAPI authentication (Windows fix)
- SSH key encryption before storage
- Improved Ed25519 public key extraction (ASN.1)
- Updated applicationId
- Added synchronous DAO methods
- Added SecurityUtils unit tests
📦 Dependencies Updated
com.github.mwiede:jsch → 0.2.20 (from unmaintained original)
⚡ CoreShell v2.1: Enterprise Security. Netrunner Aesthetics. Raw Performance.
📥 Download Latest • 📖 Full Documentation • 🐛 Report Issues
Built with ❤️ by @PIXELQUADRO07
"In the darkness of the network, CoreShell is your light."
release v2.0
CoreShell - Secure Cybernetic Terminal Deck
CoreShell is an SSH client and server node manager for Android, designed with a retro-futuristic Cyberpunk aesthetic. It offers an advanced interface for managing remote infrastructure, with integrated support for Tailscale and a real-time telemetry dashboard.
🚀 Main Features
- Server Profiles Manager: Configure and save your SSH nodes with custom parameters (Host, Port, Username).
- Tailscale Integration: Automatic detection and optimized support for Tailscale networks (MagicDNS and IP 100.xxx).
- Cyberpunk Aesthetics: Responsive UI interface with CRT scanline effects, neon animations, and monospaced fonts.
- Advanced Terminal: Interactive shell with quick shortcuts for common commands ('ls', 'htop', 'neofetch', etc.).
- SFTP File Explorer: Navigate, download, edit, and delete files on the remote server via a built-in graphical interface.
- Key Manager (RSA Keyring): Generate and manage RSA-2048 key pairs for secure passwordless authentication.
- Telemetry Monitoring: Real-time visualization of CPU, RAM, temperature, and network traffic using oscilloscope graphs.
- Monitor Widget: Widget for the Home Screen that shows the status of your favorite servers at a glance.
🛠️ Technologies Used
- Kotlin & Jetpack Compose: Modern, declarative UI.
- Room Database: Secure local persistence for profiles and keys.
- Coroutines & Flow: Asynchronous session and telemetry management.
- Material 3: UI components with "Cyber-Theme" customizations.
- Retrofit & Moshi: Ready for external API integrations.
📱 Installation and Build
Requirements
- Android 7.0 (API 24) or higher.
- Android Studio Ladybug (or newer versions).
- Gradle 9.3.1.
Build from Terminal
To generate the release APK:
"'bash
./gradlew assemblyRelease
"'
The APK will be generated in: 'app/build/outputs/apk/release/app-release.apk'
🔒 Security
CoreShell supports password and RSA key authentication. Private keys are stored locally in the app's encrypted database. It is recommended to use Tailscale for an additional layer of network security.
📝 Notes on the Current Version
- The current version uses a simulation engine for SSH/SFTP sessions and telemetry.
- Integration with real SSH libraries (such as JSch) is expected in future iterations.
Developed for the underground netrunner community.
v1.1.1
CoreShell v1.1 — Bug Fix Release
What's fixed
🔴 Critical — SSH connection
Fixed infinite loading on connect
The app would hang indefinitely with no error message when connecting to modern SSH servers (including Windows OpenSSH via Tailscale). Three separate issues caused this:
GSSAPIAuthenticationwas not disabled. On Windows without Kerberos configured, JSch silently attempted GSSAPI auth and stalled waiting for a response that never came.Session.connect()was called without an explicit timeout argument. The session-level timeout only applies to read operations, not to the TCP handshake and key exchange — the connection could block for minutes.- The supported algorithm lists (
server_host_key,kex) did not include modern algorithms used by current OpenSSH builds (ssh-ed25519,curve25519-sha256,ecdh-sha2-nistp256), causing negotiation to fail silently on some servers.
Fixed terminal freezing on command output
executeCommand() used a simple while (!channel.isClosed) delay(50) loop. When a command produced more output than the internal buffer could hold, the channel never closed — the terminal froze indefinitely. Output is now read continuously from both stdout and stderr streams while the channel is open.
🟡 Important — File manager & data
Fixed back navigation skipping two levels
navigateBack() called removeLast() twice on the path stack — once to remove the current path, then again to get the previous one, which discarded it. Navigation now uses last() (peek) after removing the current entry, so each back press correctly goes up exactly one directory level.
Fixed file manager loading before SSH is ready
FileManagerViewModel called loadDirectory("~") in its init block. Since the ViewModel is created when the user navigates to the tab, SFTP was opened before the SSH session was established, causing an immediate error. Directory loading now starts only after connectedServer becomes non-null.
Fixed crash when keystore is unavailable
decryptServer() propagated a raw SecurityException if the Android Keystore was inaccessible (e.g. after app reinstall or backup restore). The app would crash silently when loading the saved servers list. The exception is now caught and the encrypted record is returned as-is, so the app stays functional — the user just needs to re-enter the password for that server.
🟢 Minor — Reliability & diagnostics
Fixed SFTP channel race condition
getSftpChannel() accessed and assigned sftpChannel outside the mutex, making it possible for two coroutines to open duplicate channels concurrently. The check and assignment are now inside mutex.withLock.
Added full JSch debug logging
JSch internal logging is now routed to Android Logcat under the JSch tag. Filter by JSch or SSH_LOG in Logcat to see the full key exchange, authentication, and channel lifecycle — makes diagnosing connection issues significantly easier.
Added modern kex and cipher algorithm lists
Explicitly configured kex, cipher.s2c, cipher.c2s, mac.s2c, mac.c2s to prefer modern algorithms and maintain compatibility with both current and older OpenSSH servers.
Upgrade notes
No database migration required. Saved servers are preserved.
If a saved server fails to decrypt after updating, delete and re-add it — this is a one-time issue for installations affected by bug #8.
CoreShell v1.1.0
New release with updated UI, improved build stability, and better SSH/SFTP management.
v1.0.0
CoreShell v1.0.0
CoreShell is a lightweight Android SSH manager that allows secure remote server access, file transfer via SFTP, and command execution directly from your mobile device.
This is the first stable release (v1.0.0) of the project.
🚀 Features (v1.0.0)
- 🔐 SSH connection support (password & private key authentication)
- 📡 Remote command execution
- 🖥️ Interactive shell session support
- 📁 SFTP file manager:
- Upload files
- Download files
- Rename files
- Delete files
- Create directories
- 📊 Basic server information retrieval
- ⚡ Fully asynchronous operations using Kotlin Coroutines
🧱 Tech Stack
- Kotlin
- Android SDK
- JSch (SSH / SFTP)
- Kotlin Coroutines
- Gradle Kotlin DSL
📦 Installation
Option 1 — Build from source
git clone https://github.com/PIXELQUADRO07/CoreShell.git
cd CoreShell
./gradlew assembleDebug