SSH terminal, Wayland desktop, VNC/RDP, cloud storage & SFTP for Android
About this app
Haven is an open-source SSH, VNC, RDP, and SFTP client for Android with a native Wayland desktop and cloud storage.
Terminal: - Full VT100/xterm emulator with Unicode, multiple tabs, and 6 color schemes - Session persistence via tmux, zellij, screen, or byobu - Mouse mode for TUI apps (vim, htop, mc) - Configurable keyboard toolbar with Esc, Ctrl, Alt, arrows, function keys, and custom macros - Text selection with word expansion, copy, and clickable URL detection - Voice input and autocomplete mode - Mosh and Eternal Terminal for roaming and persistent connections
Native Wayland Desktop: - GPU-accelerated labwc compositor running directly on your device - Waybar panel, fuzzel app launcher, thunar file manager, mousepad editor - Starter Pack addon with Firefox, calculator, image viewer - XWayland for X11 app compatibility - Multi-desktop management — run multiple desktops simultaneously - No root required (PRoot with Alpine Linux)
VNC Remote Desktop: - VNC viewer with pinch-to-zoom, pan, and fullscreen mode - SSH tunnel support for encrypted connections - Touch-to-click with drag gesture support
RDP Remote Desktop: - Connect to Windows Remote Desktop, xrdp, and GNOME Remote Desktop - Pinch-to-zoom, keyboard with scancode mapping - SSH tunnel with auto-connect through saved profiles
Cloud Storage: - 60+ providers via rclone — Google Drive, Dropbox, OneDrive, S3, and more - OAuth authentication with browser flow - Folder sync with filters, bandwidth limits, and dry-run preview - Media streaming to VLC via local HTTP server - DLNA server for smart TVs and Chromecast
File Transfer: - SFTP browser with upload, download, rename, delete, and folder transfer - SMB/Windows file share browsing with optional SSH tunnel - Cross-filesystem copy between any backends
Networking: - SSH with auto-reconnect, port forwarding, and ProxyJump multi-hop - Tailscale peer auto-discovery - Reticulum mesh network support via rnsh - Network discovery for SSH hosts on local network
Security: - SSH key generation (Ed25519, RSA, ECDSA) with encrypted storage - FIDO2 hardware key support (ed25519-sk, ecdsa-sk) via NFC or USB - Biometric app lock with configurable timeout - Connection audit log - No ads, no tracking, no data collection
Haven is free and open source (AGPLv3).
Licensed under GPL-3.0-only, by GlassOnTin.
What's New in v5.68.69
Imported from the F-Droid repository index.
- • Following a moved device now works when your phone is the hotspot. Yesterday's fix got the re-discovery to run, but it then searched the wrong network — the phone's internet-facing one (mobile data), rather than the hotspot the phone itself provides, where the device actually is. It now also searches the network the device was last seen on, which is where an address change leaves it. The everyday "everything on one Wi-Fi" case is unchanged.
Version history
Jul 16, 2026 · 106.9 MB · Android API 26–35 · code 6491
Imported from the F-Droid repository index.
- • Following a moved device now works when your phone is the hotspot. Yesterday's fix got the re-discovery to run, but it then searched the wrong network — the phone's internet-facing one (mobile data), rather than the hotspot the phone itself provides, where the device actually is. It now also searches the network the device was last seen on, which is where an address change leaves it. The everyday "everything on one Wi-Fi" case is unchanged.
SHA-256 4b6f025f1f69c7d9c24ca1a8ac261a018e6d93935686226300d6cf2b8d297af6
Jul 12, 2026 · 106.9 MB · Android API 26–35 · code 6211
Imported from the F-Droid repository index.
- 🖥️ Fixed: X11 desktops now start a dbus session bus. Launching an X11-over-VNC desktop (Xfce4, or a Custom command (X11) session) left DBUS_SESSION_BUS_ADDRESS unset, so components that need a session bus failed and you got a bare grey Xvnc screen instead of your desktop. Startup now establishes a dbus session bus before running the session command. Best-effort — desktops that ship no dbus-launch (like Openbox) are unaffected. Thanks to sugerpersion (#370, and the likely cause of #361).
SHA-256 a72d38234c31389274a2d66b1730606f23346f75e344ba080d48c9ecb77fc911
Jul 12, 2026 · 106.9 MB · Android API 26–35 · code 6181
Imported from the F-Droid repository index.
- 🧰 Dependency and toolchain updates, no user-facing changes: Kotlin 2.4.0 (+ matching KSP), OkHttp 5.4.0, the RDP transport's uniffi bindings to 0.32, and sha2 0.11 in the RDP native library. The RDP native library was rebuilt for all three ABIs against the updated bindings and the app re-verified green (build, tests, lint). RDP connections behave exactly as before.
SHA-256 70de4fe6846e15306699bab25e08f276cd21ebb94ce1b2d69f6f025dd2a5ca37
Will it run on your device?
78%
- Runs on a broad range of modern Android versions.
- ABI coverage is focused on newer 64-bit devices.
- Aligned with the latest Android target SDK expectations.
Installation Guide
Open Settings on your Android device
Go to Security → Unknown sources (or Install unknown apps)
Enable "Allow from this source" for your browser or file manager
Open the downloaded APK file from your Downloads folder
Tap "Install" and wait for installation to complete
Launch the app from your home screen
Make sure to re-enable Unknown Sources restrictions after installation for security.
How to install this safely
How to verify the file you downloaded
Before you install anything, confirm the file is the one described here. On a computer, run shasum -a 256 your-download.apk (macOS or Linux) or certutil -hashfile your-download.apk SHA256 (Windows), then compare the output character-for-character with the SHA-256 on this page. If a single character differs, the file is not the build we recorded — delete it.
What the signing certificate proves
Every Android app is signed with a private key that only its developer holds. The fingerprint on this page is a hash of the matching public certificate, and it proves continuity rather than identity: it tells you a build came from whoever signed the earlier ones. Android enforces this at install time — if a package claiming to be sh.haven.app is signed with a different key, the system will refuse to install it over your existing copy. A fingerprint that changes between releases is worth pausing on, because a repackaged app that has been modified by someone else cannot keep the original signature.
How to roll back to an earlier version
If the current release misbehaves, 5.68.41 is the last build before it. Android will not install an older version code over a newer one, so you must uninstall Haven SSH Client first — which clears its local data unless you have a backup. Reinstall the older APK only if its signing fingerprint matches the build you already trust, and check the API range: an older release may target an Android version your device has moved past.
Why we list sources instead of hosting everything
The official store channel is almost always the right choice: it updates automatically and carries the publisher's own distribution guarantees. A direct APK is useful when a device has no store access, when a rollout has not reached your region, or when you need a specific version — and only when the publisher has authorized that copy. APKBrowse does not list pirated, cracked, or unauthorized rebuilds of Haven SSH Client, and a listing is removed when the evidence for it stops holding up.
Get Haven SSH Client
Every source we list for sh.haven.app is legality-reviewed. Pirated or cracked builds are never offered.
Other sources
F-Droid listing
officialF-Droid builds this app from source and signs it. This is its official listing, with older builds and full release notes.
Source code
verified publisherThe upstream repository this build is compiled from.
We check legality and signature continuity, but device behaviour still varies. Install at your own discretion.
App Information
Security Verification
We record provenance; we do not run malware scans. Verify the hash yourself before installing.
SHA-256 Hash
4b6f025f1f69c7d9c24ca1a8ac261a018e6d93935686226300d6cf2b8d297af6
Signing certificate
ea05a89431961b8ac53c36725452673c2be1c2d7b6e48771617b974e6092b332
Permissions Required
Previous Versions
The signing certificate fingerprint for this release is on record, so a build that does not match it did not come from this publisher.
Report a problem with this listing
A listing is only as good as its corrections. If a source is broken, a signature looks wrong, or this app should not be here, tell the moderation team.