Open the Connections screen from the sidebar. It shows your active sessions at the top and all saved connection profiles below.

Connections screen — active sessions and saved profiles

Tap + New Connection. Fill in the required fields marked with *.

New connection form — configure host, port, auth method

Four auth methods are supported:

• Password — standard SSH password authentication
• Private Key — paste key content or supply a file path; supports RSA, Ed25519, ECDSA
• SSH Agent — delegates auth to the system SSH agent socket; no credential stored in the app
• Password + Key (MFA) — private key authenticates first, password is required as a second factor

Add tags to connections to group them by environment, project, or any label you choose. Use the search bar and tag filter to quickly find connections in large lists.

• Tags are free-text — type any label during connection creation or edit
• Filter connections by tag from the Connections screen search bar
• Multiple tags per connection are supported

On first connection to a new server, the app records the server's host key fingerprint using Trust On First Use (TOFU). On subsequent connections, if the host key changes, you will see a warning before proceeding.

Long-press or use the context menu on any connection to access edit, duplicate, delete, and share actions. All changes are encrypted and saved immediately.

Connection entry — tap to connect, hold or use menu for actions

From the Connections screen, tap the play button next to any saved connection. A new tab opens in the terminal view. You can open multiple tabs to the same or different servers.

Terminal — full ANSI color and UTF-8 support

Up to 10 terminal tabs can be open simultaneously. Each tab is an independent SSH session.

• Click the + button in the tab bar to open another terminal to any connection
• Duplicate an existing tab with the duplicate icon — reconnects to the same host in a new tab
• Drag tabs left or right to reorder them
• Close a tab with the × button — the session disconnects cleanly

Enable broadcast mode to send the same input to all open terminal sessions simultaneously. Useful for running the same command across multiple servers at once.

• Toggle broadcast mode from the terminal toolbar
• Keystrokes are echoed to all tabs in real time
• Disable broadcast to return to single-session input

On mobile, a command bar appears below the terminal with essential control keys that are hard to type on a software keyboard:

• ^C — send Ctrl+C to interrupt the current process
• Tab — trigger shell autocomplete
• ↑ / ↓ — navigate command history
• Send — send the current input line
• Esc — send Escape key

Select a saved command snippet from the snippet library and inject it directly into the active terminal session. See the Command Snippets section for how to create and organize snippets.

Navigate to the Explorer section from the sidebar, or click the folder icon on a connection card when a session is active. You can also open the file browser directly from an active terminal session.

Explorer — select an active session to browse its filesystem

The file browser shows the current directory listing with icons for each file type. Tap a directory to enter it. Use the breadcrumb bar at the top to navigate back up the path.

File browser — directory listing with file type icons

• Tap a folder to navigate into it
• Tap the breadcrumb segments to jump up the path
• Use the search icon to filter files by name within the current directory
• Tap the home icon to jump to the session's home directory

Use the + button in the toolbar to create a new file or a new directory at the current path. Enter the name in the prompt that appears.

Long-press or use the context menu (⋯) on any file or folder and choose Rename. Enter the new name in the dialog that appears.

Rename dialog — type the new filename and confirm

From the context menu, choose Delete. A confirmation dialog is shown before any deletion. Recursive deletion of non-empty directories is supported.

Delete confirmation — destructive action requires explicit confirmation

In the file browser, navigate to the destination directory on the remote server, then click the Upload button in the toolbar.

Upload — select local files to transfer to the current remote directory

• Select one or multiple files from your local filesystem
• Entire folders can be selected — the full directory tree is transferred recursively
• Progress is shown per-file during transfer

After a successful upload the file browser refreshes automatically and shows the newly uploaded files alongside existing entries.

Post-upload — newly transferred files appear in the listing

Open the context menu (⋯) on any file and choose Download. On desktop you will be prompted to choose a local save location. On mobile the file is saved to the default Downloads folder.

In the remote file browser, tap any supported text file. The file editor opens with the file contents loaded and syntax highlighting applied based on the file extension.

File editor — syntax-highlighted editing of remote files

The editor recognizes 50+ file types for syntax highlighting, including but not limited to:

• Config files — nginx, Apache, SSH config, systemd units, TOML, YAML, JSON, INI
• Shell scripts — bash, zsh, fish, PowerShell
• Web — HTML, CSS, JavaScript, TypeScript, JSX, TSX
• Backend — Python, Go, Ruby, PHP, Java, Kotlin, Swift
• Database — SQL, PostgreSQL, MySQL dialects
• DevOps — Dockerfile, Makefile, GitHub Actions YAML, Terraform HCL

Tap Save (or use the keyboard shortcut Ctrl+S / Cmd+S) to write changes back to the remote server over SFTP. An indicator confirms a successful save.

Navigate to the Tunnels section from the sidebar. All configured tunnels are listed with their type, port configuration, and current status (running / stopped).

Tunnels screen — lists all saved tunnel configurations

Tap the + button to create a new tunnel. Configure the following fields:

Create tunnel — choose type and configure port mapping

Each tunnel entry has a toggle to start or stop forwarding. The status indicator shows green when active and gray when stopped.

Active local tunnel — status indicator shows running state

After creating a Dynamic SOCKS tunnel and starting it, configure your browser or OS to use a SOCKS5 proxy at 127.0.0.1:<local-port>.

• Firefox: Preferences → Network Settings → Manual Proxy → SOCKS5 Host: 127.0.0.1, Port: your local port
• macOS System Proxy: System Settings → Network → Advanced → Proxies → SOCKS Proxy

VNC connections are created from the Connections screen alongside SSH connections. Tap + New Connection and select VNC as the connection type.

Two connection modes are available:

• Direct — connects to the VNC server's TCP port directly. The VNC server must be reachable from your device. VNC traffic is not encrypted unless TLS is configured on the server.
• SSH-tunneled — routes VNC through an SSH tunnel. Select an existing SSH connection as the gateway. The VNC port never needs to be open on the firewall. All traffic is encrypted by SSH.

Adjust these settings to balance visual quality against bandwidth consumption:

If you are connecting to a macOS machine with Screen Sharing enabled, select ARD as the auth type and enter the macOS user credentials. ARD auth uses an Apple-specific challenge-response scheme over the VNC protocol.

Enable View Only in the connection settings to observe the remote desktop without sending any keyboard or mouse input. Useful for monitoring and demonstrations.

When connected to a VNC session:

• Mouse movements and clicks are forwarded to the remote desktop in real time
• Keyboard input is forwarded with full modifier key support (Ctrl, Alt, Cmd, Shift)
• Clipboard sync: text copied on your local device can be pasted on the remote, and vice versa (when supported by the VNC server)

Navigate to Settings → Snippets or access the snippet library from the terminal toolbar. Tap + New Snippet and fill in:

Use tags to group snippets by topic, tool, or project. The snippet library can be filtered by tag or searched by title or command text, making it fast to locate a specific snippet even in a large collection.

• Multiple tags per snippet are supported
• Tags are shared across connections and sessions
• Use consistent tagging conventions for best discoverability

The snippet search bar performs a full-text search across snippet titles, command bodies, and tags in real time as you type.

Open the snippet library from the terminal toolbar (the snippet icon). Tap a snippet to insert its command text at the terminal cursor. The command is injected into the active terminal — review it before pressing Enter to execute.

Go to Settings → General → P2P Settings and toggle Enable P2P Sharing. The vault must be unlocked before P2P can be enabled.

P2P Settings — enable sharing and view discovered peers

Once P2P is enabled, the app automatically discovers other Swavan SSH Studio instances on the same network. Discovered peers appear in the peer list in Settings. No manual IP entry is required.

• Discovery is automatic — no manual configuration needed
• Peers appear within a few seconds if both devices have P2P enabled
• If no peers appear, check the Windows Firewall section if you are on Windows

Select a peer from the discovered list, then choose which connection profiles to share. The selected profiles are encrypted using a one-time transfer key and sent to the peer device.

• Profiles are decrypted on the receiving device using the shared transfer key
• Credentials (passwords, private keys) are included in the encrypted transfer
• The transfer key is temporary and discarded after use

On mobile, the receiving device can scan a QR code displayed on the sending device to establish the P2P connection and receive profiles without needing to type a transfer key manually.

• On the sending device: tap Show QR Code in the peer sharing screen
• On the receiving device: tap Scan QR Code and point the camera at the sender's screen
• The QR code encodes the transfer key and peer address — valid for a single transfer session

The vault is protected by your master password. The password is run through Argon2id (a memory-hard KDF) to derive the encryption key — the password itself is never stored anywhere.

After unlocking the vault with your master password at least once, you can enable biometric unlock in Settings → General → Vault Security.

• macOS — Touch ID
• iOS — Face ID or Touch ID
• Windows — Windows Hello (fingerprint, face, or PIN)
• Android — fingerprint or device credentials

The vault key is stored in the platform's secure enclave (Keychain on Apple, Windows Credential Manager, Android Keystore). The master password is not stored.

Tap Lock Vault at the bottom of the Connections screen, or from Settings → Security → Lock Vault. This immediately clears the vault key from memory — the app locks and requires your master password (or biometric) to continue.

Go to Settings → General → Vault Security → Change Password. Enter your current password, then your new password (twice to confirm). All stored credentials are re-encrypted with the new key immediately.

Vault security settings — change password and manage biometric unlock

Export an encrypted backup of your vault from Settings → General → Storage. The backup file is encrypted with your master password and can be restored on any device running Swavan SSH Studio.

• Backup format: encrypted archive containing all connections, tunnels, and configuration
• The backup is useless without your master password — it is safe to store in cloud storage
• To restore: choose "Restore from backup" on first launch or from the profile screen

From the profile selection screen (shown before vault unlock), tap + New Profile. Each profile is a fully isolated vault with its own master password and connection database.

• Profiles are listed on the profile picker screen
• Each profile has its own master password — they are fully independent
• Data in one profile is never accessible from another

Lock the current vault. The profile picker appears, letting you select and unlock a different profile. No data crosses between profiles during the switch.

From the profile picker, long-press or use the menu on a profile and choose Delete. Confirm the deletion. This permanently removes the vault database for that profile — all connections stored in it are lost.

Transfer a complete profile from one device to another using P2P. On the sending device, go to Settings → General → P2P Settings → Share Profile. The receiving device must be on the same network with P2P enabled.

• The entire vault (all connections and credentials) is encrypted and sent
• The receiving device creates a new profile from the transferred data
• Both devices retain independent copies after the transfer

Navigate to Settings → General → Terminal. Changes are applied live — you can see them reflected in any open terminal sessions immediately.

Terminal preferences — font, size, and color settings

Eight monospace fonts are available, embedded directly in the app so they work consistently across all platforms:

• JetBrains Mono
• Fira Code
• Cascadia Code
• Source Code Pro
• IBM Plex Mono
• Inconsolata
• Hack
• Ubuntu Mono

Use the font size slider to adjust text size. The app has sensible platform defaults — 17px on desktop, 10px on mobile — with a minimum of 6px.

The terminal color scheme follows the app theme (light / dark / system). In the terminal customization panel you can also set a custom foreground color, background color, and cursor color independent of the app theme.

Navigate to Settings and tap the Logs button (scroll icon) in the settings navigation bar. The log viewer loads the current log file automatically.

• Logs are loaded from disk when the panel opens
• Tap the Refresh button to reload after new log entries are written
• Logs scroll from oldest at the top to newest at the bottom

Use the search input and the log level dropdown to narrow down entries:

Tap the trash icon in the log viewer toolbar. This erases the log file on disk and clears the viewer. Useful to start with a clean log before reproducing an issue.

Open Settings from the sidebar. Four navigation tabs are shown as icon-only buttons at the top: General, System, Logs, and About.

Settings — four tabs: General, System, Logs, About

The General tab contains all user-configurable preferences organized as an accordion:

• Theme — Light, Dark, or System. Switches the entire UI including the terminal.
• Terminal — Font family, font size, cursor style, custom colors.
• File Executors — Configure which applications open specific file types in the remote editor.
• Keyboard Shortcuts — View and customize keybindings for terminal operations, tab management, and navigation.
• Storage — View the on-disk location of the SQLite database, copy the path, or open the folder.
• Vault Security — Change master password, enable/disable biometric unlock.
• P2P Settings — Enable P2P sharing, view discovered peers.
• Receive Connections — Start receiving mode to accept profiles from another device.

The keyboard shortcuts panel lists all configurable keybindings grouped by category. Click a shortcut to reassign it. Shortcuts support modifier keys (Ctrl, Alt/Option, Cmd/Win, Shift).

Storage — view and copy the local database path

• Shows the full path to the SQLite database on your device
• Tap Copy Path to copy it to the clipboard
• On desktop, tap Open Folder to reveal the database directory in Finder/Explorer

Visit the GitHub Releases page and download the .AppImage file for your architecture.

• x86_64 — most desktop and server CPUs
• aarch64 — ARM64 (Raspberry Pi 4/5, ARM servers)

AppImages require FUSE to mount themselves. Most distributions include it. If you see an error like "FUSE library not found", install it:

Double-click the AppImage in your file manager, or launch from the terminal:

NixOS does not support AppImages directly due to its immutable filesystem layout. Two options:

P2P sharing uses mDNS (multicast DNS, UDP port 5353) for automatic peer discovery. Windows Firewall blocks mDNS multicast by default for applications that have not been granted an explicit exception.

• Symptom: P2P enabled but no peers discovered, or sharing times out
• Cause: Windows Firewall blocks UDP 5353 (mDNS) and QUIC protocol traffic
• Fix: Add inbound firewall rules via PowerShell (run as Administrator)

• Restart Swavan SSH Studio on all devices involved
• Go to Settings → General → P2P Settings and confirm P2P is enabled on both devices
• Ensure both devices are on the same local network (same Wi-Fi or LAN)
• Peers should appear in the peer list within a few seconds

When you first launch the app, you'll be prompted to create a master password. This password encrypts all your credentials.

Click "New Connection" in the sidebar and fill in your server details:

Click on your saved connection to open a terminal session. You can open multiple sessions by clicking the connection again.

SSH tunneling (port forwarding) creates an encrypted connection between your local machine and a remote server, allowing you to securely access services that aren't directly exposed to the internet.

How it works: Your Computer (localhost:5433) → Encrypted SSH Tunnel → Remote Server (postgres:5432)

• Local Port Forwarding — Forward a port from your local machine to a service on the remote server. Use case: Access a database running on your server from your local machine. Example: Local Port 5433 → Remote Host:5432
• Remote Port Forwarding — Forward a port from the remote server back to a service on your local machine. Use case: Expose your local development server to the remote machine. Example: Remote Port 8080 → localhost:3000

Go to the Tunnels section in the sidebar, or click the tunnel icon on a connection card.

Click "Add Tunnel" and configure your tunnel:

Click the Start button to activate the tunnel. The status indicator will turn green when active.

Connect to your local port as if the remote service was running locally:

Say you have a PostgreSQL database running on your server at port 5432, but it's not exposed to the internet for security reasons.

• Create a tunnel: Local Port 5433 → Remote localhost:5432
• Start the tunnel
• Connect using: psql -h localhost -p 5433 -U postgres

Right-click on a connection and select "Share", or go to Settings → Transfer Setup.

Select whether to include credentials:

• With Credentials — Share complete connection including password/key
• Without Credentials — Share only host, port, and username

A unique transfer key will be generated. Share this key with the recipient.

Open Swavan SSH Studio and select "Receive from Device" during vault setup, or go to Settings → Receive Transfer.

Enter the transfer key and click "Receive". The connections will be securely transferred.

Go to Settings → Backup and click "Create Backup". Choose a location to save the encrypted backup file.

Copy the .backup file to your other device via USB, cloud storage, or any secure method.

On the new device, select "Restore from Backup" during vault setup. Select the backup file and enter your master password.

Click on any saved connection to open a new terminal session. The connection will be established automatically.

• Green — Connected, session is active
• Yellow — Connecting, establishing connection
• Red — Disconnected, session ended

Open multiple sessions by clicking the same or different connections. Each session opens in a new tab.

Personalize your terminal in Settings → Terminal Preferences:

• Font — JetBrains Mono, Fira Code, Monaco, and more
• Font Size — Adjustable from 10px to 64px
• Colors — Custom text, cursor, and selection colors
• Theme — Separate colors for light and dark mode

Click the X on the session tab or use the disconnect button. Running processes will be terminated.

Click the Explorer icon in the sidebar while connected to a server, or click the folder icon on a connection card.

Click folders to navigate, use the breadcrumb path, or click the home icon to go to your home directory.

• Home button — Go to user home directory
• Back button — Previous directory in history
• Forward button — Next directory in history
• Refresh button — Reload current directory

Upload and download files with real-time progress tracking:

• Upload — Click the upload button and select local files to transfer to the server
• Download — Right-click a file and select "Download" to save it locally

Double-click any text file (up to 5MB) to open it in the built-in editor. Changes save directly to the server.

Right-click on files or folders for additional options: Rename, Delete, New Folder, Copy Path.

• Use SSH keys instead of passwords when possible
• Lock your vault when stepping away
• Use strong, unique master password
• Regularly backup your vault
• Don't share credentials over insecure channels

• Set a landing path to start in a specific directory
• Use descriptive connection names for easy search
• Enable auto-start for frequently used tunnels
• Open multiple file browsers in tabs
• Use the home button for quick navigation

• Connection timeout? Check firewall and SSH service
• Authentication failed? Verify credentials and key permissions
• Tunnel not working? Ensure the target service is running
• P2P not discovering peers on Windows? Add firewall exceptions (see Windows Firewall panel)
• AppImage not running? Install libfuse2 and check permissions

• Double-click connection name to quick connect
• Drag tabs to reorder them
• Right-click for context menus everywhere
• Use search to filter connections instantly
• Theme automatically follows system preference

• Backup works across all platforms
• P2P sharing works on same network
• Settings sync via backup/restore
• Private keys work on all platforms
• Tunnels work identically everywhere

• Database Access — Create a tunnel to access PostgreSQL, MySQL, or Redis from local tools. Example: localhost:5433 → server:5432
• Web Service Access — Access internal web dashboards or APIs only available on the server's localhost. Example: localhost:8080 → server:3000
• Monitoring Access — Connect to Grafana, Prometheus, or other monitoring tools on internal ports. Example: localhost:3001 → server:3000
• Development Sync — Expose your local dev server to a remote machine for testing webhooks. Example: Remote server:8080 → localhost:3000