TermBeam lets you access your terminal from a phone, tablet, or any browser — no SSH, no port forwarding, no configuration needed. Run one command and scan the QR code.
termbeam-demo.mp4
 |
 |
 |
npx termbeamOr install globally:
npm install -g termbeam
termbeamScan the QR code printed in your terminal, or open the URL on any device.
termbeam # tunnel + auto-password (default)
termbeam --password mysecret # custom password
termbeam --no-tunnel # LAN only
termbeam -i # interactive setup wizard- No SSH client needed — just open a browser on any device
- Touch-optimized key bar with arrows, Tab, Ctrl, Esc, copy, paste, and more
- Swipe scrolling, pinch zoom, and text selection overlay for copy-paste
- iPhone PWA safe-area support for a native-app feel
- Tabbed terminals with drag-to-reorder and live tab previews on hover/long-press
- Split view — two sessions side-by-side (auto-rotates horizontal/vertical)
- Session colors and activity indicators for at-a-glance status
- Folder browser for picking working directory, optional initial command per session
- Terminal search with regex, match count, and prev/next navigation
- Command palette (Ctrl+K / Cmd+K) for quick access to all actions
- File upload — send files from your phone to the session's working directory
- Completion notifications — browser alerts when background commands finish
- 30 color themes with adjustable font size
- Port preview — reverse-proxy a local web server through TermBeam
- Image paste from clipboard
- Auto-generated password with rate limiting and httpOnly cookies
- QR code auto-login with single-use share tokens (5-min expiry)
- DevTunnel integration for secure remote access — ephemeral or persisted URLs
- Security headers (X-Frame-Options, CSP, nosniff) on all responses; only detected shells allowed
TermBeam starts a lightweight web server that spawns a PTY (pseudo-terminal) with your shell, serves a mobile-optimized xterm.js UI via Express, and bridges the two over WebSocket. Multiple clients can view the same session simultaneously, and sessions persist when all clients disconnect.
flowchart LR
A["Phone / Browser"] <-->|WebSocket| B["TermBeam Server"]
B <-->|PTY| C["Shell (zsh/bash)"]
B -->|Express| D["Web UI (xterm.js)"]
B -.->|Optional| E["DevTunnel"]
| Flag | Description | Default |
|---|---|---|
--password <pw> |
Set access password | Auto-generated |
--no-password |
Disable password protection | — |
--tunnel |
Create an ephemeral devtunnel URL | On |
--no-tunnel |
Disable tunnel (LAN-only) | — |
--persisted-tunnel |
Reusable devtunnel URL (stable across restarts) | Off |
--port <port> |
Server port | 3456 |
--host <addr> |
Bind address | 127.0.0.1 |
--lan |
Bind to all interfaces (LAN access) | Off |
--public |
Allow public tunnel access (no Microsoft login) | Off |
-i, --interactive |
Interactive setup wizard | Off |
--log-level <level> |
Log verbosity (error/warn/info/debug) | info |
For all flags, subcommands, and environment variables, see the Configuration docs.
TermBeam auto-generates a password and creates a secure tunnel by default, binding to 127.0.0.1 (localhost only). Auth uses httpOnly cookies with 24-hour expiry, login is rate-limited to 5 attempts per minute, QR codes contain single-use share tokens (5-min expiry), and security headers (X-Frame-Options, CSP, nosniff) are set on all responses.
For the full threat model and safety checklist, see SECURITY.md. For detailed security documentation, see the Security Guide.
Contributions welcome — see CONTRIBUTING.md.
See CHANGELOG.md for version history.
Special thanks to @tamirdresher for the blog post that inspired the solution idea for this project, and for his cli-tunnel implementation.