A self-hosted, open-source alternative to Termius for SSH connection management.
- π₯οΈ Cross-platform: Windows, macOS, and Linux support
- π Self-hosted: Run your own Debian-based server
- π Certificate Authentication: Secure key-based authentication
- π ICMSF Files: Import/Export encrypted connection profiles
- πΎ Encrypted Storage: Secure local credential storage
- π¨ Modern UI: Clean interface inspired by Termius
- π SSH Management: Full-featured SSH client with terminal emulation
- OpenSSH server with enhanced security
- Connection management API
- Certificate authority for client authentication
- User management system
- Built with Electron + React + TypeScript
- Terminal emulation with xterm.js
- SSH2 protocol support
- AES-256 encryption for local data
- ICMSF (Import Connection Mothership Server File) support
cd server
sudo ./setup.shSee macOS Quick Start Guide or Complete macOS Installation
Quick install:
- Download latest
.dmgfor your Mac (Intel/Apple Silicon/Universal) - Open DMG and drag to Applications
- Launch from Applications folder
From Source:
cd client
npm install
npm run dist:mac # All architectures
npm run dist:mac:intel # Intel only
npm run dist:mac:arm # Apple Silicon onlyFrom Release: Download the latest release for your platform from the releases page.
From Source:
cd client
npm install
npm run build
npm run dist:win # Windows
npm run dist:linux # Linux- Launch Terminium
- Create username and password
- Enter your server IP address
- Follow the setup wizard to:
- Install dependencies
- Generate certificates
- Configure authentication
- Enable encryption
- Launch Terminium
- Select "Import Connection"
- Choose your .icmsf file
- Enter your credentials to decrypt
ICMSF (Import Connection Mothership Server File) is a military-grade encrypted file format containing:
- Server IP address
- Connection ports
- Authentication certificates
- User credentials (encrypted)
File Extension: .icmsf
Encryption: AES-256-GCM with enhanced security
Key Derivation: PBKDF2-HMAC-SHA512 (600,000 iterations)
Additional Security: HMAC-SHA512 integrity verification, gzip compression
Format: Versioned binary format
See ICMSF Security Specification for complete details.
- Node.js 18+
- npm or yarn
- For server: Debian 11+ or Ubuntu 20.04+
cd client
npm install
npm run dev # Development mode
npm run build # Production build
npm run dist # Create distributablecd server
npm install
npm start- β Military-grade AES-256-GCM encryption (ICMSF files)
- β PBKDF2-HMAC-SHA512 key derivation (600k iterations)
- β Dual integrity verification (GCM + HMAC-SHA512)
- β Encrypted ICMSF files with compression
- β Secure key storage (OS keychain integration)
- β File format versioning for forward compatibility
- β Cryptographically secure random generation
- β Certificate-based SSH authentication only
- β Password authentication disabled by default
- β LUKS2 full disk encryption (AES-XTS-512, Argon2id)
- β Encrypted swap and home directories
- β TPM2 integration for automatic unlock
- β UFW firewall with fail2ban
- β Multiple LUKS key slots (recovery options)
- β Secure key management and backup tools
- β Defense-in-depth security model
- β Multiple encryption layers (client + server)
- β Compliance ready (PCI-DSS, HIPAA, GDPR)
- β NSA approved algorithms (AES-256)
MIT License - See LICENSE file for details
Contributions are welcome! Please read CONTRIBUTING.md for guidelines.
- SFTP file transfer
- Port forwarding
- Snippet management
- Team collaboration features
- Mobile apps (iOS/Android)
- Dark/Light theme customization
- Multi-factor authentication
For issues and questions, please use the GitHub issue tracker.