Exporting and Importing Remote Connections

Textastic can export and import remote connections to make it easy to move your connection setup between devices, create backups, or import a set of connections from a file that you can edit by hand.

You can export and import (S)FTP (FTP, FTPS, SFTP/SSH) and WebDAV connections.

Note

Dropbox connections cannot be exported or imported and must be added and linked manually. Dropbox uses OAuth 2.0 authentication with device-specific access tokens and refresh tokens that should not be shared across different devices.

Added in version 10.9.

Overview

You can export one or more selected connections to a JSON file and later import that file on the same or another device.

Two export modes are available:

  1. With passwords: usernames and passwords are encrypted using a passphrase you choose.

  2. Without passwords: usernames are included as plain text, passwords are not exported.

Importing is a two-step process:

  • Preflight: Textastic reads the file and shows a preview list, including whether each entry will update an existing connection or create a new one.

  • Import: you select connections to import and optionally enter a passphrase if encrypted credentials are present.

Exporting Connections

To export remote connections:

  1. Open the remote connections list in the Remote File Transfer Screen.

  2. Tap the button and choose Export… from the menu.

  3. Select the connections to export.

  4. Tap Next.

  5. Decide whether to include passwords.

  6. If you include passwords, enter a passphrase (at least 8 characters).

  7. Tap Export.

  8. Use the share sheet to share the JSON file or save it to a location of your choice.

Note

  • You can export any subset of connections, not necessarily all connections.

  • The export is a snapshot. All supported fields are written to the file, including fields that are set to default values or empty strings. This ensures repeated export/import stays consistent if you later reset a field back to its default.

Importing Connections

To import remote connections:

  1. Open the remote connections list in the Remote File Transfer Screen.

  2. Tap the button and choose Import… from the menu.

  3. Select a JSON file that you exported previously or created manually.

  4. Review the preview list and select the connections to import.

  5. Tap Next.

  6. If the file contains encrypted usernames/passwords, enter the passphrase used when exporting.

  7. Tap Import.

Update vs. Create

When importing, Textastic can either update an existing connection or create a new one.

  • Update existing: if the imported entry contains an id that matches an existing connection of the same type, that connection is updated.

  • Create new: if there is no matching connection, a new connection is created.

If a file contains an id that is a valid UUID string but no matching connection exists on the device, Textastic uses that id for the newly created connection. This makes repeated imports across devices stable and avoids duplicates.

Passphrases and Encryption

When you export with passwords enabled, Textastic encrypts usernames and passwords.

Important points:

  • The passphrase is not stored anywhere.

  • You must enter the same passphrase to import encrypted credentials.

  • If the passphrase is incorrect, Textastic does not modify or create any connections.

  • If you forget the passphrase, the encrypted credentials cannot be recovered.

  • Choose a strong passphrase. A long phrase with several words is recommended.

Encryption details (high level)

Textastic uses modern authenticated encryption and key derivation:

  • A random per-export salt is generated and stored in the file.

  • A master key is derived from your passphrase using Argon2id.

  • HKDF is used to derive separate keys for different fields (username vs. password).

  • Usernames and passwords are encrypted with ChaCha20-Poly1305 (authenticated encryption).

File Format Overview

The export file is JSON. On import, Textastic also accepts JSON files with comments (JSONC).

Top-level structure

The file has this general structure:

{
   "format": "com.textasticapp.remote-connections",
   "version": 1,
   "exportedAt": "2026-01-17T18:03:32+01:00",
   "secrets": { /* secrets block */ }, // optional
   "connections": [ /* connection entries */ ]
}

Top-level fields:

  • format: must be "com.textasticapp.remote-connections".

  • version: current format version (currently 1).

  • exportedAt: timestamp string (informational).

  • secrets: present only if the export included encrypted credentials.

  • connections: array of connection entries.

Secrets block

If the export includes encrypted usernames/passwords, the file contains a secrets object:

"secrets": {
   "v": 1,
   "s": "BASE64_SALT"
}

  • v: secrets scheme version (currently 1).

  • s: 16-byte random salt encoded as base64.

Connection entries

Each entry has:

  • type: "ftp" or "webdav".

  • id: connection identifier (UUID string).

  • title: title string (may be empty).

Credentials are stored in one of these forms:

  • Plain username (no passwords exported):

    • user: string (may be empty)

  • Encrypted username/password:

    • userEncrypted: base64 string

    • passwordEncrypted: base64 string

Textastic also accepts a plain-text password field for hand-written files, but Textastic itself does not export plaintext passwords.

FTP connection fields

FTP entries use "type": "ftp" and include the following fields:

{
   "type": "ftp",
   "id": "...",
   "title": "...",
   "protocol": "sftp", // or "ftp", "ftps", "ftpes"
   "host": "...",
   "port": 21,
   "user": "...",      // or userEncrypted/passwordEncrypted
   "askForPassword": false,
   "path": "...",
   "encoding": "utf-8",
   "concurrentConnections": 3,
   "debugLog": false,
   "showHiddenFiles": false,
   "passiveMode": true,
   "disableEPSV_EPRT": false,

   "verifySSLCertificate": true,
   "sslMode": 0,
   "tlsMin": 0,
   "tlsMax": 0,

   "usePublicKeyAuth": false,
   "privateKeyFile": "/ssh/id_rsa"
}

Notes:

  • protocol: must be one of:

    Value

    Protocol

    Default Port

    "sftp"

    SFTP (SSH)

    22

    "ftpes"

    FTPS (Explicit)

    21

    "ftps"

    FTPS (Implicit)

    990

    "ftp"

    FTP (Unencrypted)

    21

  • encoding: the IANA charset name (for example "utf-8" or "iso-8859-1").

    On import, numeric encodings corresponding to NSStringEncoding values are also accepted for compatibility.

  • sslMode, tlsMin, tlsMax: numeric values corresponding to Textastic’s internal settings.

  • usePublicKeyAuth, privateKeyFile: For SFTP only, these settings control public key authentication.

WebDAV connection fields

WebDAV entries use "type": "webdav" and include:

{
   "type": "webdav",
   "id": "...",
   "title": "...",
   "user": "...",    // or userEncrypted/passwordEncrypted
   "url": "https://example.com/webdav/",
   "verifySSLCertificate": true
}

Editing Export Files Manually

The export file is designed to be editable by hand.

Common edits

You can safely edit values such as:

  • connection titles

  • host names and ports

  • paths and URLs

  • protocol (ftp/ftps/ftpes/sftp)

  • flags like verifySSLCertificate or showHiddenFiles

Adding a new connection by hand

To add a new entry:

  • Add a new object to the connections array.

  • Set type to ftp or webdav.

  • Optionally provide a unique, valid UUID string in id.

  • Provide required fields (for example protocol, host, and port for FTP; url for WebDAV).

Note

The id field must be a valid UUID string. If it is missing or invalid, Textastic will treat the entry as new and assign a new identifier during import.

Advanced users can generate UUIDs using developer tools (for example UUID().uuidString in Swift or uuidgen on the macOS command line).

Credentials in hand-written files

Creating encrypted fields by hand is not practical. For hand-written files:

  • Use user and optionally password as plain text, or

  • Omit passwords and enter them in Textastic after import.

Minimal example files

The following examples show complete, minimal JSON files that can be imported directly into Textastic.

You can copy one of these examples into a new file, adjust the values as needed, and import it. Textastic will automatically generate unique identifiers for all connections.

Minimal SFTP example file

sftp_connection.json
{
   "format": "com.textasticapp.remote-connections",
   "version": 1,
   "connections": [
      {
         "type": "ftp",
         "protocol": "sftp",
         "host": "example.com",
         "port": 22,
         "user": "username"
      }
   ]
}

Notes:

  • Passwords are optional and can be entered in Textastic after importing.

  • Additional fields such as path, encoding, or authentication options can be added as needed.

Minimal WebDAV example file

webdav_connection.json
{
   "format": "com.textasticapp.remote-connections",
   "version": 1,
   "connections": [
      {
         "type": "webdav",
         "url": "https://example.com/webdav/",
         "user": "username"
      }
   ]
}

Notes:

  • url must be a full WebDAV URL.

  • verifySSLCertificate defaults to true if omitted.

  • Passwords are optional and can be added later.

Troubleshooting

“Nothing to Import”

If the preview list is empty, the selected file may not contain any valid connection entries. Check:

  • format is "com.textasticapp.remote-connections"

  • version is 1

  • connections exists and is an array

  • each connection entry has a supported type (must be "ftp" or "webdav")

“Import Failed”

Common reasons include:

  • The file is not valid JSON.

  • The file has the wrong format value.

  • The file uses an unsupported version.

  • The file is missing the connections field.

“Passphrase Incorrect”

If the file contains encrypted credentials and the passphrase does not match:

  • no connections are created or updated

  • import is aborted before applying any changes

If you exported the file yourself, make sure you enter the exact same passphrase used for export.