JuiceSSH – Give me my pro features back(nproject.io)

402 pointsby jandeboevrie12 days ago32 comments

cube0012 days ago
Support is unresponsive, this looks like an exit scam.
Finally this is getting traction after leaving many of us out of pocket.
Both developers [1] are working in management at Microsoft and AWS while ignoring emails, leaving JuiceSSH to rot because they couldn't be bothered to wrap up cleanly (refund, release a final update with pro features enabled, release the source code etc.)
Paul Maddox [2]: Director - Cloud & AI Solutions Engineering @ Microsoft - last reposted a month ago
Tom Maddox [3]: Head of AWS Solutions Architecture for Local Markets - last commented two months ago
Don't bother going back to Google either. A Play store "support specialist" just told me:
I tried to create a refund request but its not allowing to create one since the date of the transaction is out of our refund policy as we can only process refunds for up to 120 days only after the transaction was charged.
[1]: https://juicessh.com/about or https://sonelli.com/about
[2]: https://www.linkedin.com/in/paul-maddox
[3]: https://www.linkedin.com/in/tom-maddox-87236b27
- opello11 days ago
  The about link above gave a Cloudfront-looking failure, but the base domain here worked and is where the app help link takes me, albeit to /faq:
  https://sonelli.com/
  I reactivated my license a few months ago using the in-app functionality but I'm not quite sure when I'm afraid.
- Zenul_Abidin10 days ago
  Thinking I'll just create a clone of JuiceSSH myself and make all the stuff FOSS. I don't like developers who fleece me out of my purchases.
- saghm10 days ago
  > I tried to create a refund r request but its not allowing to create one since the date of the transaction is out of our refund p policy as we can only process refunds for up to 120 days only after the transaction was charged.
  In other words, any Google Play app is allowed to just pull the plug on features after four months and pocket the money. Wonderful...
  - cube009 days ago
    You'll own nothing and be happy.
tiagod12 days ago
I've been using this app for years. A couple months I needed to use forwarding, which is a Pro feature.
I thought I already bought it years ago, but the app asked me to pay so I bought it again. It instantly locked me out of the whole app. Later I checked and I had bought pro already in 2014 (for 5€, and I paid 30€ this time). Absolutely no answer to my emails.
Thanks for the instructions.
- smileybarry12 days ago
  If you haven't already, you can ask Google for a refund on that (the second, recent) in-app purchase:
  https://support.google.com/googleplay/answer/15574897?hl=en
  The policies are "up to 48 hrs after purchase" but I'm sure "purchase does not work at all" is an exception. (It is on iOS)
  - stavros12 days ago
    I've never succeeded on getting a refund with Google. There were a few apps that tricked me into buying a subscription (namely Musescore and Yazio), I immediately asked Google for a refund because I didn't actually get what I thought I was getting, and they denied me both times.
    Now I just don't buy anything on the Play store that I can't afford to just be outright scammed on.
    tomrod11 days ago
    Two that I lost on play store:
    1. World of Goo. Bought by Netflix, sunsetted, can't install old versions anymore
    2. Monopoly. Bought by EA. Sunsetted/renamed to zzzMonopoly. Can't install old versions anymore.
    FDroid has my attention since these happened.
    llbbdd11 days ago
    This is how I find out that I can't install World of Goo anymore. Man.
    ahmeni11 days ago
    The Musescore app is just a minefield of subscription farming, it was somehow miserable even with an existing subscription the number of times it tried to get me to also get their weird AI learning platform. Now I've left it entirely.
    stronglikedan11 days ago
    Strange and not normal. I've never not gotten a refund within the allotted terms.
    zx808011 days ago
    Was you able to eventually unsunbcribe from Musescore?
    stavros11 days ago
    Yes, I could unsubscribe from both easily, but I wanted a refund because I couldn't use the subscriptions.
  - cube0012 days ago
    > I'm sure "purchase does not work at all" is an exception
    Nope, a Play store "support specialist" just told me: "I tried to create a refund request but its not allowing to create one since the date of the transaction is out of our refund policy as we can only process refunds for up to 120 days only after the transaction was charged."
    windexh8er11 days ago
    Your credit card company will reverse it for you. A non-working product with unanswered emails will allow you to easily get your money back while also giving the middle finger to Google.
    derefr11 days ago
    I believe that will result in Google locking you out of your Google account, including Gmail, YouTube, any Google Cloud projects, etc.
    denkmoon11 days ago
    This is exactly what will happen, you have no recourse. Technofeudalism is real.
    windexh8er11 days ago
    I've done it in the past (~2015). Honestly if Google locked me out of all of those other purchases it'd be great grounds to sue them. If everyone started doing this it would prevent them from doing this in the first place and may be additional fodder for (hopefully) continued anti-trust losses in court. If your life is tied to Google in that way then it's a risk no matter what you do and you should probably think about how to reduce that risk. I don't have anything other than purchases tied to my Google accounts anymore.
    trinix91211 days ago
    It's likely down in the ToS somewhere that they are free to close your account if you do a chargeback, otherwise they wouldn't be so eager to do it.
    vpShane11 days ago
    Peanuts to an elephant.
    11 days ago
    undefined
  - tiagod10 days ago
    I hadn't gotten around to it yet, but just requested it and it got instantly approved. At least that.
- TheRoque11 days ago
  Why would you pay for such feature ? Termux is basically a small Linux in your pocket and has anything you'd ever need regarding SSH
  - cyberrock11 days ago
    JuiceSSH was popular starting 2013-2014 and Termux was released in 2015. ConnectBot technically existed before but its keyboard has always left more to be desired.
  - BenjiWiebe11 days ago
    It's far quicker and easier to hit a toggle in JuiceSSH to turn on a port forward than to open up termux and type in the commands.
    idatum11 days ago
    > It's far quicker and easier to hit a toggle in JuiceSSH
    termux via F-droid is far better now than JuiceSSH Pro. Termux:Widget let's you launch an SSH tunnel script with one click. I stopped using JuiceSSH Pro more than a year ago once I realized this.
    TheRoque11 days ago
    I can believe that. But there are ways to reduce this overhead to almost nothing (aliasing, a script, a shell with nice autocomplete...)
  - wafflemaker11 days ago
    Keyboard in Juice is/was very good too. Just a bar over your Android keyboard with all the special characters that are normal when using bash. Like tilde or forward slash. Saved a lot of time and made me not switch to Termux. But haven't used it in a long time.
    306bobby10 days ago
    Termux has a similar bar now. Maybe it didn't used to in the past, but always has since I've used it
  - tiagod10 days ago
    Because I already had my servers loaded in the app, have been using it for 13 years, and I like it, so I paid to support development. Really backfired.
    I ended up setting it up through Termux as you suggested.
Grimblewald12 days ago
> juice is best ssh for android
I am not contending truth here, but also I have never even tried / considered anything outside of termux + unexpected keyboard, and I can't imagine anything improving my experience.
what makes juicessh so good? I guess I'm asking for a "Convince me to try it" style review of juice.
- petesoper11 days ago
  "I guess I'm asking for a "Convince me to try it" style review of juice" Notice this is about juicessh becoming unusable and no longer having any support. That should satisfy you.
- opan12 days ago
  I used JuiceSSH many years ago, had the Pro version when it was briefly free once. I've used Termux for years now and it seems better to me. You can set up ssh keys and aliases like usual, multihop works. I think I used to use Hacker's Keyboard but now I use AnySoftKeyboard since it had better alt layout support (e.g. Dvorak, Workman). I've got a row at the top with ctrl, tab, arrows, esc... It even works to do C-a, C-c, C-v in other apps. I'd recommend the combo. All available from F-Droid.
  - wolvoleo11 days ago
    Yes I use termux too. What I love is that everything works that works on a normal computer too. And the same way. Even ssh keys on yubikeys work great with open keychain and okcagent.
- venusenvy4711 days ago
  I bought Juice pro many years ago and use it daily on my phone and Tablet. I like how it gives my one click access to my handful of servers, and I liked the syncing between devices. I started using Termux last week and it seems like a decent alternative. The copy and paste is nicer on JuiceSSH, and I think it is more immune from getting disconnected if you switch to another app during a session.
  - Squeeeez11 days ago
    Have you looked into enabling ssh keep alive/server alive?
    bloak11 days ago
    From what I've read, TCPKeepAlive can be a good or a bad thing. On the one hand, sending a packet every now and then can dissuade a middle box from dropping the connection. On the other hand, if the connection is temporarily not working and would have started working again a few minutes later the attempt to send an unnecessary packet could cause the connection to break permanently when it wouldn't otherwise have broken. I suppose that next time I have a recurring problem I should try both.
    Squeeeez10 days ago
    Sharing in case this can help you in the future, this is what works for me with Termux in .ssh/config
    ServerAliveInterval 120 ServerAliveCountMax 30 TCPKeepAlive yes
- johannes123432111 days ago
  I have used neither juice nor termux.
  For my few emergencies ConnectBot worked quite well as an ssh client for me, including port forwarding (so i could use VNC sessions to unlock a boot issue in a VM using some VNC app)
- rclkrtrzckr11 days ago
  I wonder why nobody mentions serverbox
  https://f-droid.org/packages/tech.lolli.toolbox
- jojomodding12 days ago
  For me it's mostly that it just works and was very easy to set up when I first used it.
- ycombinatrix12 days ago
  It has an SSH focused GUI which can be more convenient
  - worthless-trash11 days ago
    What does that mean.
    ycombinatrix11 days ago
    Buttons
- Lord_Zero11 days ago
  Can I use that keyboard only with termux?
  - creshal11 days ago
    No, it's a generic android keyboard and works with all apps. But you need a keyboard like it (arrow keys, ctrl, etc.) for termux to not be a total PITA to use.
    (Android has full physical keyboard support, so with it you can use Ctrl+A/Ctrl+X/Ctrl+V in all input fields. Usually a lot faster than fumbling with the touch equivalents that keep randomly bugging out…)
    Grimblewald11 days ago
    To add to this you can define custom keyboards quite easily for just about any unicode character you can imagine and more. It is an extremely underrated keyboard. It doesn't come with autocorrect built in though, but i barely notice. The privacy it offers is a nice touch, and its functionality unmatched.
khanan12 days ago
Replaced JuiceSSH two years ago with ConnectBOT (https://play.google.com/store/apps/details?id=org.connectbot...) as a "free" alternative. Never looked back.
- genpfault12 days ago
  > ConnectBot
  https://f-droid.org/en/packages/org.connectbot/
  https://github.com/connectbot/connectbot
- degamad11 days ago
  Never used JuiceSSH or Termux, but I've been using Connectbot for years, and it's pretty good.
sowbug12 days ago
I haven't used my Pro purchase in years, but if I did want to ssh from my phone today, I'd use the newish Terminal app, available since Android 15. It's a full Debian virtual machine.
- wilsonnb312 days ago
  I don’t think it is that widely available due to Snapdragon chips not supporting some feature it requires.
  Good option for Pixel owners or phones with MediaTek chips though.
  - fulafel12 days ago
    Apparently it's about software, not hardware - Qualcomm recommends running Android under a virtual machine (which lacks nested virtualization support).
    mcbridematt11 days ago
    IIRC Qualcomm smartphone SoCs have always run some kind of hypervisor, I believe it's to allow partitioning of the CPU cores with the modem/DSP.
    They used to (mid-late 2000s) use an L4 derivative ("REX"?), with the more recent chips (including the 'X' series for PCs) using their homegrown "Gunyah" hypervisor (https://github.com/quic/gunyah-hypervisor)
    fulafel11 days ago
    Would be interesting if you know of any evidence about being an architectural hw limitation. Though of course the practical difference may be small if the DRM bootloader enforces loading the hypervisor through cryptographic checksums. But I guess if a customer asked they would allow it and the hardware could do it.
    11 days ago
    undefined
    superb_dev12 days ago
    Is this for real? Do you have any more info on this? It seems crazy to me given how popular their chips are and how many problems I’d imagine this creates
    fulafel11 days ago
    Some more info in this comment and good search terms for further research as well. https://news.ycombinator.com/item?id=38091082
    pierrec11 days ago
    It shouldn't be problematic if the processor supports it well. For example modern Windows is always running as a VM and people are barely aware of that.
    superb_dev11 days ago
    That’s a good point, I forgot windows typically runs on top of hyperV
    user_783211 days ago
    The other HN comment already has some info, but from what I remember from r/android threads, it's because qualcomm doesn't allow unsecure (sic? unencrypted?) VMs, which, ironically, are needed to run nested Linux.
    Disclaimer, my memory on the exact terminology is extremely fuzzy. But pixels with tensor can run it just fine. And it's purely a software thing too, btw.
    asutor12 days ago
    Using an S24 here and yeah, not available with Android 16
    wolvoleo11 days ago
    But the S24 wasn't Qualcomm but Exynos. Weird.
    jeroenhd11 days ago
    It should work fine for any Android phone with pKVM support. It runs Debian in a VM, with some kind of Wayland trick (using virgl for GPU acceleration) to get GUI support.
    pKVM requires a) a compatible CPU (most CPUs will do, probably), b) compatible firmware/bootloader software, and c) a compatible Android build
    The latter two parts are the most likely reason why not all phones have support for this.
  - chasil12 days ago
    I run LineageOS on both a Pixel 3a XL and a OnePlus 5. Yes, these both run Snapdragons.
    The option to install the subsystem is present on both, but I have not attempted it.
    I have loaded it onto a Pixel 6a running Graphene.
    TheRoque11 days ago
    The option is available, but it probably won't work (show some error that the chip should allow unsecure VMs)
- preisschild12 days ago
  Or termux, which doesnt use a VM
  - gruez12 days ago
    Yeah, another vote for Termux. The linux VM ends up being a bit laggy because it's actually a webview that renders a terminal, that's connected to the VM. More importantly though, the soft keyboard support is totally broken, so if you try to backspace more characters than you've typed, it won't let you. That sucks if do something like:
    1. type some command, hit enter
    2. hit up to edit it (because you typoed something)
    3. can't backspace because the soft keyboard thinks there's nothing to delete
    preisschild12 days ago
    Ive always considered termux the more elegant option for userspace programs than the android terminal debian vm. I just wished android had the permission api to create user namespaces (containers) in termux
    vrighter11 days ago
    and I've had that terminal glitch out quite frequently. termux is rock-solid for me.
- sunnyam12 days ago
  Do you mean Termux? I can't find any other Terminal app with a similar name
  - saidinesh512 days ago
    No Android started bundling a terminal app recently:
    https://itsfoss.com/news/google-android-linux-terminal-rollo...
    domh12 days ago
    Huh, I did not know this. This is also present on GrapheneOS too! (I'm installing it now)
    fmajid12 days ago
    It is extremely flaky on GrapheneOS, at least on my Pixel 8 Pro. Just typing Ctrl-D to exit will corrupt it, requiring a full reinstallation of the Debian VM
    Denatonium11 days ago
    The built-in terminal app seems to be similarly flaky on my Pixel 8. Also, the kernel it boots into is really stripped down, and it lacks a ton of essential features. I was not able to install VirtualHere client to pass through USB devices, and there's no built-in functionality. There's also no way to open it full-screen on the Pixel 8's DP-over-USB-C desktop mode. Hopefully it continues to improve, but it seems like Google is more into extracting value than they are improving their products at this point.
    domh11 days ago
    Oh wow. I did a very basic test this morning `ping google.com` and then ctrl+c and it seemed to work okay. Not done any more extensive testing than this though.
    Could it be that it's just very flaky on all pixel devices? Or maybe something graphene is doing to harden the OS doesn't play nicely with how it's been implemented?
    jeroenhd11 days ago
    On my stock firmware Pixel 9 Pro I also corrupted the install a few times.
    To be fair, the feature was still labeled as experimental in the dev settings when I enabled it.
    gruez12 days ago
    Control-D works fine for me. It just terminates the VM and you can restart.
    fmajid11 days ago
    It's not 100% reproducible, but at least 50% of the time for me:
    https://social-cdn.vivaldi.net/system/media_attachments/file...
  - simlevesque12 days ago
    Enable Developper Options. It should be in the Developer menu. It's a toggle that'll enable this apk.
    ndom9112 days ago
    Is this available outside of Pixels? I still can't find it on my OnePlus 13 running Android 16 with Jan security updates
    cmehdy12 days ago
    The option exists on Samsung phones but is greyed out and crashes if you force it via adb. It is also marked as experimental.
    mixel11 days ago
    I just tried it on my S25. I can enable the option an open the APK but can't download it because it fails to create the VM because the S25 does not support Non-protected VMs, so I may require a rooted device. I guess I will stick to Termux but interesting feature nonetheless
    yonatan807012 days ago
    I believe it relies on some virtualization extensions Google's CPUs have, which most phone SoCs don't support.
    prmoustache12 days ago
    It is buggy as hell anyway.
    seszett12 days ago
    Honestly I don't find it more useful than Termux, especially for being so much heavier.
    cogman1012 days ago
    Just because I was curious.
    Termux is doing a container. The android terminal is doing a virtual machine. That's the difference.
    Termux would definitely be the light weight option, but you will be pinned to whatever version of the kernel your device is shipped with (may be a bit old.)
    yjftsjthsd-h12 days ago
    No, termux isn't a container, it's running directly in userspace on the host. The only weird thing is that because it's running directly on the host, it has to be built to use unusual paths, eg. /data/data/com.termux/files/usr/bin/bash instead of /usr/bin/bash. If it used containers (which IIRC it can't because Android doesn't really support it) that would actually be easier because then it could use a chroot to make the paths look normal.
    cogman1012 days ago
    Ah, well that stinks a little. I guess it makes sense, if android doesn't mandate a few kernel settings then working with containers might not be an option.
    skissane12 days ago
    Couldn’t it implement a “fake chroot” by e.g. creating its own libc which wraps the real one but with path remapping, and then linking all its executables against that?
    yjftsjthsd-h11 days ago
    That would only work for things that use libc (so eg. most Go programs are probably not going to work). The main way that you can do an unprivileged fake chroot is proot, which termux does offer - see https://wiki.termux.com/wiki/PRoot - but that has a significant performance hit.
    seszett12 days ago
    > you will be pinned to whatever version of the kernel your device is shipped with
    That doesn't matter much for using SSH though.
    For running more complex Linux programs or scripts Termux is indeed less comfortable (but it can still work).
cremp12 days ago
This might be a good plug for Morphie or Revanced patches to automate the patch process.
- nfriedly12 days ago
  I'm a big fan of Revanced, but I haven't heard of Morphie - do you have a link for it? (I tried searching, but all I'm coming up with are cosmetics, chargers, and an IRC app.)
  Edit: found it: https://morphe.software/ - looks like it's sort of an offshoot of ReVanced that only supports Youtube at the moment.
  And, for those who weren't aware of ReVanced, see https://revanced.app/ - it was originally just a tweaked version of the YouTube app called Vanced (an "advanced" YouTube app, but without the "ad"s ;) - but now it's a tool that can patch a bunch of different apps.
aposm12 days ago
Yikes. I also just noticed that all the plugins (part of the pro feature set) rely on separate apk downloads from the Play Store, which all appear to be dead/delisted. This is really a shame, I too have thought of this as "the best" Android SSH client in the past.
esseph12 days ago
Really great terminal app that I used in Android for a very long time with some interesting features.
Also, Mosh shell support for sshing in degraded connection environments!
ggm11 days ago
Thank you for reminding me about risks of cloud key storage. I think I better go wipe my .ssh/ states and re-work things to a modern keypair.
I think ed25519 would be both shorter sigs in authorised_keys and definitely NOT what I used "back then"
saidinesh512 days ago
Wow. Thanks for this. I haven't logged into Juice SSH in years, but i thought it had all my ssh keys backed up in the cloud.
- znpy12 days ago
  I’d start rotating those keys asap… you’re one breach away from a security nightmare
  - saidinesh512 days ago
    Yep, just did.. A lot of those devices don't even exist anymore but the keys exist lol.
  - graemep12 days ago
    You should encrypt your ssh keys anyway, and you should encrypt anything sensitive you are backing up to a cloud.
    trey-jones12 days ago
    Private keys should never leave the device where they are created.
    graemep12 days ago
    So no backups?
    Tuna-Fish12 days ago
    Correct. Private keys should never be backed up. Instead, should you need a backup, you should create a distinct key for that purpose.
    TurdF3rguson12 days ago
    That's a great plan until you're locked out of all your devices with no backup.
    derefr11 days ago
    I think the implication is that you should own multiple client devices capable of SSHing into things, each with their own SSH keypair; and every SSH host you interact with should have multiple of your devices’ keypairs registered to it.
    TurdF3rguson11 days ago
    Right, and to never backup the keys which means losing of all your devices means you can't possibly recover.
    KAMSPioneer11 days ago
    Tuna-Fish said that instead of backing up the keys from your devices, you should create a specific backup key that is only ever used in case you lose access to all your devices.
    This is indeed best practice because it allows you to alert based on key: if you receive a login on a machine with your backup key, but you haven't lost your devices, then you know your backup was compromised. If you take backups of your regular key then it would be much more difficult to notice a problem.
    derefr9 days ago
    My point was that one of the devices would be your (cold) backup — you'd e.g. get an (ideally passphrase-protectable) smart-card; read off its pubkey; register that pubkey with all your remote systems/services; and then put the smart-card itself into a fire safe / safe-deposit box at a bank / leave it in trust with your lawyer / etc.
    Note that you would never need to go get the smart-card just to perform incremental registration between it and a new remote host/service. You just need its pubkey, which can live in your password manager or wherever.
    And yet, if your house burns down, you can go get that smart-card, and use it to get back into all your services.
    And yet also, unlike a backup of another of your keys, if you find out that someone broke into your house and stole your safe, or robbed your bank, etc, then you can separately revoke the access of the pubkey associated with the smart-card, without affecting / requiring the rolling of the keys associated with your other devices. (And the ideal additional layer of passphrase protection for the card, gives you a time window to realize your card has been taken, and perform this revocation step, before the card can be cracked and used.)
    Indeed, as the sibling comment mentions, this is vaguely similar to a (symmetrically passphrase-encrypted) backup of a unique extra KPI keypair onto a USB stick or somesuch.
    The major difference, though, is that because a backup of a key is truly "just data", an attacker can copy off the encrypted file (or image the raw bytes of the encrypted USB disk), and then spawn 10000 compute instances to attempt to crack that encrypted file / disk image.
    Whereas, even when in possession of the smart-card, the attacker can't make 10000 copies of the data held in the smart-card. All they can do is attack the single smart-card they have — where doing so may in turn cause the smart-card to delete said data, or to apply exponential-backoff to failed attempts to activate/use the key material. The workflow becomes less like traditional password cracking, and more like interrogating a human (who has been explicitly trained in Resistance-to-Interrogation techniques.)
    TurdF3rguson8 days ago
    To me that just sounds like creating obstacles for myself to get access to my system when I desperately need to. I keep a backup of my work pc keys on Google Drive and I have zero anxiety about that.
    leni53612 days ago
    You can have backup private keys, they don't have to be copies of some other private keys.
    9dev12 days ago
    Actually, you shouldn’t. You probably use an easy-to-remember password on SSH keys since you have to type them often, but that also means you’re storing one of your (let’s face it, the primary) password you have in a single file, readable to every executable your run under your account. And that means you’re one exfil away from not only getting your SSH keys compromised, but also allowing an attacker to run an offline decryption attack with unlimited attempts. This invariably leads to your main password getting compromised.
    Instead, set up SSH certificates, MFA, Yubikey, or TPM/Enclave storage for your private keys.
    yjftsjthsd-h12 days ago
    > You probably use an easy-to-remember password on SSH keys since you have to type them often
    No, use ssh-agent and decrypt once per boot.
    > Instead, set up SSH certificates, MFA, Yubikey, or TPM/Enclave storage for your private keys.
    Granted, I agree with this, too.
    bityard12 days ago
    > but also allowing an attacker to run an offline decryption attack with unlimited attempts. This invariably leads to your main password getting compromised.
    Do the OpenSSH authors not know about PKBDF2 or similar?
    degamad11 days ago
    How does PBKDF2 prevent an offline decryption attack with unlimited attempts?
    All it does is slow down the attempts, but for the average person's easy-to-remember password, it's probably increasing the effort from milliseconds to a few days.
    wafflemaker11 days ago
    I always aimed for 15+ letter passwords and set at least 100 rounds of the key function? (The -a flag) when generating password protected ssh keys.
thih911 days ago
I get it why an article like this is being posted, but I’m also worried that it’s jumping to conclusions.
Devs/support get overwhelmed, apps get buggy. A better course of action to me seems: reporting a broken app, requesting refund, waiting for the fix and switching to an alternative in the meantime.
I also dislike that this behavior could be a reason against sideloading, especially if made more popular.
- BenjiWiebe11 days ago
  It worked for years with no/few changes. Then the price increases and pro features stop working. I'm not too likely to give the devs the benefit of the doubt. Patch out the 'pro' check and release an update. Or reply to one of the many new 1 star reviews and say you lost access to the source code, if that's what happened.
  Complete silence + taking money...
  - alias_neo11 days ago
    They seem to have pulled it, I can't find it on my Pixel.
    I paid for it in 2014, and it hasn't been updated in about half of that time, they removed the cloud key backup at some point without notification so I lost all of the keys I had stored, and last time I used it, it didn't even recognise I had paid for it.
    I moved to a different app a while back.
  - thih911 days ago
    I still don’t get it. You say it yourself that it worked for years with no issues. Current behavior is bad but the community pirating the app does not seem right either.
    Popular apps get away with more user hostility and price gouging. To me this effort seems misplaced.
    TiredOfLife11 days ago
    > Current behavior is bad but the community pirating the app does not seem right either.
    Feature people PAID!!!! for suddenly stopped working.
    thih911 days ago
    I know, my point is this doesn’t give you the right to pirate the app. You have legal ways to fight it: request a refund, report it to the store, write a review, advocate for an open source alternative, etc.
    elAhmo11 days ago
    People have shared that many of those things didn't work, developers don't care about reviews of an abandoned app, refund process probably costs you more in time than you would get, and Google is not really known for their good support.
    You shouldn't go through that much effort for something you already paid and obviously malicious/unethical approach caused you problems. If there are things in favour of piracy, it is in cases like this.
    thih911 days ago
    I agree with a lot of what you’re saying. At the same time piracy in this case feels short sighted to me.
    If the community supported the dev, then both might get what they want, i.e. a maintained app and some income. With negative reviews a cheaper competitor might appear due to demand. But with piracy the app is even more likely to get abandoned and no alternative will show up either.
    Then again if the ecosystem is indeed that bad, perhaps this is the way to torch it even more. Still, google plans to block sideloading and then I guess we’re at their mercy.
    BenjiWiebe6 days ago
    Do you consider it piracy when the user paid for a lifetime license, which then quits working, so the user modifies the app to keep the feature working?
    I don't, since it was a lifetime license.
    hansvm11 days ago
    > legality
    Does patching out the license check not, in this case, fall under the "interoperability" or "abandonware" clauses of the DMCA?
    thih911 days ago
    If it did then yes it would be fine. But if anything, a recent app update is proof against abandonware.
    BenjiWiebe6 days ago
    The last app update was January 2021, 5 years ago. The IAP price for Pro was changed (apparently, I didn't see it myself) but it wasn't an app update.
DeathArrow11 days ago
It's nice to see some good old fashioned cracking. It transports me 25 years back in IDA Pro days.
PortableCode12 days ago
smali code is funny to read, basically an object-oriented assembly language (feels so wrong)
- arendtio12 days ago
  Don't let Alan Kay[1] read that...
  [1]: https://news.ycombinator.com/user?id=alankay
bakugo12 days ago
I just tried to purchase pro from within the app just to see what the price is, and the Google Play purchase popup tells me it's not available. Interesting.
nisegami11 days ago
After using it for many years, I recently switched from JuiceSSH to Termius (com.server.auditor.ssh.client for disambiguation) after having some issues and seeing the writing on the wall regarding JuiceSSH. It took some customization but I was able to get it set up pretty nice and I'm happy with it.
gorkish12 days ago
Just a cynical observation here, but its funny how the author still hangs onto the notion that it is "the best" despite that it de facto cannot be "the best."
Also, maybe dont rely on a poorly maintained app for making secure connections to your systems? Just me?
- papr8ka11 days ago
  [dead]
InMice11 days ago
I like Termius a lot better than JuiceSSH. Move on, you won't miss it.
pelagicAustral12 days ago
> JuiceSSH used to be the best SSH client available on Android until December 2025.
Really? I always gave that award to Termius, which is kind of my second best behind Servercat which I miss very dearly from the iOS environment.
- Arrowmaster12 days ago
  One was a one time purchase, the other requires a subscription.... The answer should be clear.
  - anonova12 days ago
    Local-only usage of Termius is free and doesn't even require logging in to the service. I've been using it like this for years.
- papr8ka11 days ago
  [dead]
TheRoque11 days ago
I quickly dropped JuiceSSH when I discovered Termux. And I also find it way easier to use the way I want to, and flexible.
stonecharioteer11 days ago
Oh boy. I wanted to get a license for this. I waited for the price to drop, and now I'm glad I never did it.
anta4011 days ago
I used the Pro version a few years ago. Now it's delisted from Play Store? Couldn't find it.
12 days ago
undefined
JorgeGT12 days ago
Damn. I especially liked the cloud backup & sync. Any good alternatives?
- simlevesque12 days ago
  I'm using Termux with aliases. I'll write "c1" and it logs in the machine. I use git to sync and backup from my laptop.
  I bought JuiceSSH too but I didn't use it that much. It's a shame they did what they did.
  - mystifyingpoi12 days ago
    Termux is one of the best apps ever made for Android power users. It literally replaces so much stuff, if you don't care about GUI. No need for SSH app - it has ssh. No need for file sync app - there is rsync. No need for notetaking app, there is your $EDITOR you like. All 100% free. It's amazing.
    epiccoleman12 days ago
    +1. Termux absolutely rules and makes the dream of a cyberdeck actually viable. I use it at least once a week for various homelab stuff.
    wolvoleo11 days ago
    And with DeX it's like a +2 :)
    Citizen_Lame11 days ago
    If you don't need GUI absolutely, but you cannot even save SSH connection. So, no thanks.
  - Zenul_Abidin12 days ago
    I too bought JuiceSSH. I can still download and run it on other phones I get in the future, right?
    muppetman12 days ago
    Cloud sync seems busted, so not really.
- rclkrtrzckr11 days ago
  Serverbox on fdroid
twosdai12 days ago
Wow nice work. Thanks for doing this and writing it up.
Banditoz11 days ago
Could this be considered grounds for a lawsuit?
- kjs311 days ago
  In the US, pretty much anything can construed as a grounds for a lawsuit. It's the 'affording the lawsuit' that's the problem.
imcritic11 days ago
Isn't such patching illegal??
nottorp12 days ago
I believe Google will cut off that avenue soon...
- ilvez11 days ago
  I could not find JuiceSSH in Play store at this point anymore..
  - nottorp11 days ago
    I'm talking about sideloading. They announced they'll require something like Apple's notarization, it was posted on here a couple days ago.
muppetman12 days ago
Not trying to defend the developer here but they went really silent once before like this. Then came out of the gate with a bunch of updates and new features. I'm hoping they've just got really busy with life, I know when I emailed them before they have been responsive and helpful. I mean hell they might have died? Does the Store have a process for this? This app has been around a long time so I don't understand the rugpull comments. Also the syned keys are (supposedly, I guess we don't have the source) encrypted so even if the dev is no longer active that aspect should be secure I hope.
My Pro features still seem to be working for me. EDIT: No, I see now that Cloud Sync isn't a thing anymore. Looks like it's really lost its backend servers.
- josephcsible12 days ago
  > I don't understand the rugpull comments.
  The article says "the purchase made in 2019 is not recognized anymore". The seller unilaterally taking back something you previously bought, especially without a refund, is a rug pull.
  - bspammer12 days ago
    It still doesn't sound intentional to me. How many scammers are going around creating useful apps, supporting them, pushing out new features, and then finally doing the rugpull 14 years after release? It feels a lot more likely that the backend servers have fallen down on their own and for whatever reason there's no one around to fix them.
  - muppetman11 days ago
    A rugpull to me is something specifically setup to try and make money by scamming/rugpulling. JuiceSSH has been around for so long, even if it doesn't work anymore I don't feel rugpulled? If it was a year old I'd agree.
    josephcsible11 days ago
    > If it was a year old I'd agree.
    If it were advertised at the time as a 1-year rental/subscription then it wouldn't be a rug pull. But the fact that it was advertised as a permanent purchase means that it is, no matter how long you got to use it before it was involuntarily taken back from you.
    muppetman11 days ago
    Right but I still consider a rugpull to be a malicious/conscience activity to extract money from you. That doesn't seem the case here.
    fenykep11 days ago
    I mean it seems like they have increased the price, locked previous lifetime purchases (which prompted some of the commenters here to purchase it again at the higher price) and many features (cloudsync, plugins) were killed. All without any communication or a platform for complaints.
    To me this fulfills your criteria. [edit] typo
- 12 days ago
  undefined
FAFOAlex11 days ago
[flagged]
dstnn12 days ago
Same thing happened to me so I coded my own with claude instead of paying them again
- netsharc11 days ago
  Next project: Claude-coded SSH server?
1f60c12 days ago
This is pretty interesting but why not just pay the 20 bucks?
- blibble12 days ago
  I would not use an SSH client written by someone that feels it's OK to break the terms of the contract this way
  who knows what's coming next?
  - user393938212 days ago
    The SSH deal has been altered. Pray I don’t alter it any further. csshck hoh.
- __float12 days ago
  The second paragraph explains this: they already have paid, and some people have paid [again], but their purchase is not accepted.
- dcdc12312 days ago
  The issue is people that already paid lost their pro features unless they pay _again_.
- 12 days ago
  undefined
awill12 days ago
There are just fewer highly polished Android apps vs iOS apps, and that's why I switched to iOS.
I bought JuiceSSH years ago on Android and it worked great, but I agree it's degraded, and I couldn't find an equivalent I liked.
iOS has multiple apps that beat JuiceSSH. I use Termix and it's really, really good.
- tssva11 days ago
  I have been unable to find a SSH app for iOS that I like since I switched from Android. Just one of many reasons I will be switching back to Android for my next phone.