the real advantage of WebRTC here is NAT traversal without any config. SSH requires either port forwarding, a relay service like Tailscale, or a publicly reachable host. WebRTC with ICE/STUN/TURN handles all of that automatically and degrades gracefully.
that said, the security model is fundamentally different. SSH has decades of hardened key exchange and host verification. WebRTC DTLS-SRTP is solid for the data channel but the trust anchor shifts to whatever signaling server coordinates the connection. if the signaling server is compromised you get MITMed. with SSH you verify host keys locally.
for the actual use case of phone-to-mac on the same wifi or carrier NAT, Tailscale is probably still the right answer. but this is a neat exploration of the design space.
Why stop at just one terminal? (shameless plug for https://github.com/rcarmo/webterm, which works pretty well on mobile)
The pricing is extremely steep for a tech-savvy audience that could just set up Tailscale or MOSH.
Here is an implementation you might like
https://github.com/artpar/terminal-tunnel
P2P with webrtc with e2ee
client side is webui so you can use on any device
ps: the default Cloudflare Worker from my account is already maxed out so you will need your own exchange (self host on your account)
yeah Tailscale + mosh is the obvious answer for most people. but WebRTC has one specific win: corporate networks that block all VPN/UDP traffic. mosh needs UDP, Tailscale needs its relay port at minimum. WebRTC's TURN fallback is pure HTTPS port 443 -- you literally can't block it without breaking the web. so if your target user is 'I need to SSH into my Mac from a locked-down enterprise wifi', WebRTC is actually the right call.
Especially for a tool that only work on macOS and iPhone, and only serves one purpose.
Pretty much every developer out there has some kind of tooling that does this already, that also does more.
This is a cool little project, but I cannot imagine paying for it.
Shell In A Box has been a thing for like two decades now, and gives you a simple web-based interface ssh interface you can use from any device. https://github.com/shellinabox/shellinabox
In no serious case have I ever considered connecting to my PC terminal using phone. Connecting from PC to phone makes sense, but when talking the opposite situation, phones simply are terrible at doing things from terminal. Keyboard takes roughly 40% of the screen, and displaying wide lines is awkward. Forget about TUI applications, Midnight Commander and such. Other than toying around and extreme emergencies, why?
I use ssh from my phone to my computer to run yt-dlp on YouTube videos that I want to save.
And I regularly ssh into my servers from my phone to run some small routine tasks.
Both these kinds of tasks involve extremely minimal amounts of typing, and little to no reading of output. So the small keyboard of the phone is not annoying, and neither is having a small screen.
Do you have an Android or an iPhone?
IMO terminals are still the fastest way to do a lot of things on a phone, but it's a much better experience on Androids with keyboards for the purpose.
And even on an iPhone, it's just fine. Python works really well as a shell for quick calculations, and you can use a script with the -i flag to make it more accessible.
It's better to have it and not need it than need it and not have it (emergencies come to mind, as you've noted).
Conveniently running Claude Code while sitting on the toilet?
The keyboard is the biggest problem. I actually did a lot of terminal management from my old Blackberry, and later the Samsung Moment (early Android phone with a slide-out physical keyboard).
Previously:
https://news.ycombinator.com/item?id=47122939 (yesterday, 3 points, 4 comments)
https://news.ycombinator.com/item?id=47103613 (Sunday, 1 point, 0 comments)
Or... use something like https://shellbox.dev
If you're using tmux, you can try my plugin https://github.com/bjesus/muxile . It sends your tmux session to your phone, with quick QR code scanning and WebSockets.
Title: Connect to Mac Terminal from iPhone
How do you do data transfer with only blind signaling when either user is behind a NAT?
I’m not sure I get why this is better. Something like Tailscale makes it trivial to connect to your own machines and is likely more secure than this will be. Tailscale even has a free plan these days. Combine that with something like this that was shared on HN a few days ago: https://replay.software/updates/introducing-echo
Then you’re all in for like $3. What about webRTC makes this better?
What guarantee is there that the connection is not being MitM? Closed source app from an unknown developer versus OpenSSH is a no-brainer to me.
Its a very handsome website.
No, use wireguard or ssh or both.
I wanted a way to access my mac terminal from my iphone without setting up any vpn or weird router rules and then buying a separate ssh app in app store. So I built macky.dev as a fun side project.
When the mac app is running it makes an outbound connection to my signaling server and registers itself under the account. iPhone also connects to this same signaling server to request a connection to this mac. Once both the host and remote are verified it establishes a direct p2p webrtc connection.
What portion of the security-critical code is written by a human? A shell is literally keys to the kingdom in every regard.