v0.5 New: agent mode - reach hosts behind NAT

Manage every SSH host
without trusting the cloud.

A cross-platform credential manager and terminal. Your hosts, keys, and passwords live in one encrypted vault on your machine - never on a server, never in plaintext.

Local-first No telemetry AES-256-GCM Auditable code
Kino SSH Manager
root@prod-web-01 host key verified
vault unlocked
~ $ connect prod-web-01
→ tunnel localhost:5432 → db:5432 up
→ snippet "system status" auto-run
root@prod-web-01:~# uptime
15:42:09 up 84 days, load 0.07 0.04 0.01
root@prod-web-01:~#
Features

One app for every connection

A full terminal, file transfer, tunnels, and a credential vault - in a single native binary.

Encrypted vault

Argon2 key derivation and AES-256-GCM. One master password unlocks every host, key, and snippet.

SSH terminal

A full xterm.js terminal per host, with scrollback search and adjustable font size.

Flexible auth

Password and/or SSH key per host. Import .pem, .key, .ppk - or generate ed25519 keypairs on the spot.

Port forwarding

Local (-L), remote (-R) and dynamic SOCKS5 (-D) tunnels, started and stopped independently per session.

SFTP browser

Browse, upload and download with progress, rename, delete, mkdir, and chmod - built in.

Snippets

A reusable command library. Selected snippets auto-run on connect, configurable per host.

Optional cloud sync

Sync the encrypted vault to a private GitHub repo, with sha-based conflict detection.

Host key verification

TOFU SHA256 fingerprint store. Trust on first use, then refuse on any mismatch.

Quality of life

Idle auto-lock, host search, per-host accent colors, themes, connection history, and session logging.

Remote file editor

Open a remote file from the SFTP browser and edit it in a built-in Monaco editor, saving straight back over SFTP - no download round trip.

Session recording

Record any SSH or local session to an asciicast file, then replay it in-app with a built-in player - great for audits and demos.

Docker management

List and control containers, images, volumes and networks over the SSH connection - with live log streaming and one-click container shells.

Agent mode NEW

Reach hosts with no inbound port - behind NAT, CGNAT or a firewall - through a relay you control. The agent dials out; nothing is exposed.

Encrypted profile sharing NEW

Export a host as a password-encrypted file (Argon2 + AES-256-GCM). Share it safely - the recipient needs only the password to import it.

Live system metrics

A streaming dashboard - CPU, memory, disk, load average, uptime and network throughput - sampled once a second, for remote hosts and your own machine.

New in v0.5

Reach hosts that expose nothing

A homelab box behind NAT. A laptop on café Wi-Fi. A VM with SSH firewalled off. Agent mode reaches all of them without opening a single inbound port.

  • The agent dials out. A tiny companion process on the target machine opens an outbound connection to a relay you run. No port forwarding, no firewall holes, no public IP.
  • The relay only moves bytes. Your SSH session stays end-to-end encrypted between the terminal and the host's sshd - the relay never sees credentials or keystrokes.
  • Host keys still verified. Each agent host's SSH fingerprint is pinned independently, so a swapped backend is caught exactly like a classic known_hosts mismatch.
  • Entirely opt-in. Off by default. Turn it on in Settings, and self-host the relay and agent - both are open source and MIT licensed.
The connection path
manager→ wss → relay
agent→ wss → relay
agent → host127.0.0.1:22
inbound ports openednone
ssh sessionend-to-end
relay seesciphertext only
runs onLinux · Windows
Security model

Built so secrets stay yours

  • Local-first by default. The vault is an AES-256-GCM ciphertext on your disk. Plaintext never touches a server.
  • Argon2-derived key. Your master password plus a random 16-byte salt derive the key. Nothing is stored in the clear.
  • Zero-knowledge sync. Cloud sync uploads only the encrypted blob - GitHub never sees your secrets or master password.
  • Memory hygiene. Secrets are zeroized on lock; idle auto-lock and master-password re-keying are built in.
  • Encrypted sharing. Exported host profiles are sealed with their own password - a separate Argon2 key, never your master password - so a profile can be handed to a teammate safely.
  • Relays are blind. Agent mode keeps SSH end-to-end encrypted; a relay forwards ciphertext and cannot read a session even if you don't run it yourself.
Cryptographic details
vault encryptionAES-256-GCM
key derivationArgon2
salt16 bytes · random
host keysTOFU · SHA256
memory on lockzeroized
sync payloadciphertext only
profile exportAES-256-GCM
relay transportTLS · wss://
Under the hood

Native, fast, and small

A Rust backend behind a React interface, packaged as a lightweight Tauri 2 desktop app.

Rust Tauri 2 russh · SSH/SFTP aes-gcm + argon2 React 19 + TypeScript Vite + Zustand xterm.js

Your hosts, everywhere - on your terms.

Free and open source under the MIT license. Download a build, or compile it yourself in minutes.