All Collections
Getting Started
Next Steps
Quick Connect
Quick Connect

Learn how to use the Quick Connect feature that enables you to connect without a VPN via an SSH Tunnel.

avhsupport avatar
Written by avhsupport
Updated over a week ago

Table of Contents

AVH's Quick Connect feature allows you to connect to your virtual devices and use features without requiring a VPN connection.

This “Quick Connect” feature uses standard SSH, which comes pre-installed on Mac, Windows, and Linux.

Quick Connect is available on the Raspberry Pi4, iMX8m Arm Cortex Complex, and Android at present.

No more downloading a VPN client and installing the .ovpn profile to gain root access!

Note About Your Network Firewall Configuration

Your network firewall must allow outbound connections on Port 22 to AVH's proxy server.

You can find the address for the proxy server in the SSH -J ... or SSH -M ... command under your device's "Connect -> Quick Connect" section (for example proxy.avh.com).

Step 1: Create a New Public-Private Key Pair

AVH supports the use of standard SSH keys, which make use of public-key cryptography for authentication when connecting your local computer with virtual devices.

We will utilize the ssh-keygen tool, which is installed by default on all three major operating systems, and the Ed25519 signature scheme.

Generate a Key Pair with Terminal

  1. Open Terminal and enter ssh-keygen -t ed25519.

  2. Use the default file location (/Users/<user>/.ssh/id_ed25519) by pressing the return key.

  3. Enter an optional passphrase for added security. In this example, we will leave the passphrase field blank.

  4. Confirm your optional passphrase.

  5. The terminal will show the location of your identification (private key) and public key files, the key fingerprint, and the randomart image.

    Image or attachment is not accessible.

  6. View the contents of the file using cat ~/.ssh/id_ed25519.pub.

    Image or attachment is not accessible.

  7. Copy the output to use later in Step 2. In our example, we will copy the following:

    ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINMptfhsX9BQ2gU8hl7I/Xoel88K25RGyW74ASgw2ABG user1@user1s-MacBook-Pro.local

Generate a Key Pair with PowerShell

  1. Open PowerShell and enter cd ~/.ssh.

  2. Start the key generation process using ssh-keygen -t ed25519.

  3. Use the default file location (C:\Users\<user>\.ssh\id_ed25519) by pressing the Enter key.

  4. Enter an optional passphrase for added security. In this example, we will leave the passphrase field blank.

  5. Confirm the passphrase.

  6. PowerShell will show the location of your identification (private key) and public key files, the key fingerprint, and the random art image.

  7. View the contents of the file using cat .\id_ed25519.pub.

Copy the output, which we will use in Step 2. In our example, we will copy:

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIURGEJFM5/YvlWysZT4nSnT5bjovGK/Uj8d6fUBsBUp <user>@Lenovo-Laptop

Step 2: Add Your SSH Public Key to Your Project

Once added this SSH key will be included in each new device created.

The AVH REST API supports adding SSH keys to your project using the command line.

  1. Authenticate to the Rest API with your API Token. See "Quickstart for the API Docs" for guidance.

  2. Go to the Get Projects in the API and click "Try".

  3. Copy the ID of the project named "Default Project" in the response.

  4. Go to "Add Project Authorized Key"

  5. Add the Project ID you have just copied into the "project Id string" input and add the SSH key you created in Step 1 into the "key" value pair key in the JSON. Now click "TRY".


    The response will show the newly created key. Please note you can only have one SSH key per project.

    You can check the current SSH key with "Get Project Authorized Keys".

Step 3: Create Your Device

After adding you add the public key to your project, all devices you create under that project will automatically include the public key. Note: you cannot add SSH keys to an existing device.

  1. Create a new device and wait for it to boot. In this instance, we will create a Raspberry Pi.

Step 4: Use Quick Connect

  1. Once booted, copy the Quick Connect SSH command.

  2. Paste and run the copied command into Terminal or Powershell.

  3. The first time you connect, you will need to confirm the proxy host fingerprint. Type yes when asked about connecting to the proxy server (for example proxy.avh.com). This step only happens once. You should see a You are connecting as ... confirmation message.

  4. If there is a password required you can enter it now.

  5. Now you are connected without the need for a VPN.

Specifying the Private Key File for SSH Authentication (Optional)

Note: As an advanced option, if you normally use a “named” ssh file key using the -i argument, as opposed to using the default filename id_ed25519 detailed in this article, you have two options:

  • Include -i arguments in the ssh command. If you plan to use separate keys for the jump proxy host and for the target destination, you will need to include two -i arguments. You can read more about this method here.

  • Specify the IndentityFile in your ~/.ssh/config. (The private key file must exist in ~/.ssh, and the associated public key will also need to be added to your AVH project.)


Did this answer your question?