Welcome to rTerm
Instantly and securely connect to any Linux/MacOS based terminal remotely using a P2P connection.
rTerm creates secure P2P terminal connections and allows the client to remotely administer the server. The server can be accessed anywhere, by trusted devices, even behiind firewalls/NATs or if the location/IPs changes.
The Basics
rTerm Agent- Accepts and authenticates (by default using SSH keys) remote connections via rTerm CLI or rTerm Web CLI (Linux/MacOS/RaspberryPI/Docker supported)rTerm CLI- Run from terminal(s) on Linux/MacOS/RaspberryPI and used to establish secure connections with machines running rTerm AgentrTerm Web- The rTerm Agent can allow connections via the Web CLI
Installation
rTerm Agent
The rTerm Agent receives and authenticates connection requests. Once the connection is established, a remote terminal session is started.
Installation Instructions
Run the following command from the terminal and it will create a ~/rterm directory with all dependencies:
curl https://t.rterm.io/dist/rterm-agent/linux-x64/install.sh | bash
To run the agent simply run ~/rterm/rterm-agent, the agent will start a session that can be joined using the rTerm CLI or rTerm Web CLI.
Run the following command from the terminal and it will create a ~/rterm directory with all dependencies:
curl https://t.rterm.io/dist/rterm-agent/macos/install.sh | bash -s macos
To run the agent simply run ~/rterm/rterm-agent, the agent will start a session that can be joined using the rTerm CLI or rTerm Web CLI.
Run the following command from the terminal and it will create a ~/rterm directory with all dependencies:
curl https://t.rterm.io/dist/rterm-agent/pi4/install.sh | bash
or (x64 ARM)
curl https://t.rterm.io/dist/rterm-agent/pi4/install.sh | bash -s pi4-x64
To run the agent simply run ~/rterm/rterm-agent, the agent will start a session that can be joined using the rTerm CLI or rTerm Web CLI.
rTerm Agent can be added to the Dockerfile or added after the fact.
Are you interested in rTerm Agent for Windows? Let us know!
rTerm CLI
rTerm CLI connects to trusted rTerm Agents. rTerm CLI must authenicate (default using SSH Keys) with the rTerm Agent before any commands can be sent. Once the connection is authenticated, a terminal session is created on the remote host.
Run the following command from the terminal and it will create a ~/rterm directory with all dependencies:
curl https://t.rterm.io/dist/rterm-cli/linux-x64/install.sh | bash
See the rTerm CLI page for more configuration options
Run the following command from the terminal and it will create a ~/rterm directory with all dependencies:
curl https://t.rterm.io/dist/rterm-cli/macos/install.sh | bash
See the rTerm CLI page for more configuration options
Run the following command from the terminal and it will create a ~/rterm directory with all dependencies:
curl https://t.rterm.io/dist/rterm-cli/pi4/install.sh | bash
or (x64 ARM)
curl https://t.rterm.io/dist/rterm-cli/pi4/install.sh | bash -s pi4-x64
See the rTerm CLI page for more configuration options
Authentication
Quite a bit of time has been taken to ensure the appropriate security measures are in place. In order for connections to be successful, ssh private/public keys are used (same as any ssh connection).
rTerm Agent
rTerm agent needs to read public key(s) in order to authenticate requests. By default, rTerm Agent will read ~/.ssh/authorized_keys. To change this behavior, set the RTERM_AUTHORIZED_KEYS_PATH or RTERM_PUBLIC_KEY_PATH environment variables. The public keys are used to verify signatures from rTerm CLI or rTerm Web CLI.
If RTERM_PUBLIC_KEY_PATH is set, then rTerm CLI will authenticate using a single key. Example export RTERM_PUBLIC_KEY_PATH=~/.ssh/id_rsa.pub
If RTERM_AUTHORIZED_KEYS_PATH is set, then rTerm CLI will expect a file with one public key per line. Example export RTERM_AUTHORIZED_KEYS_PATH=~/.ssh/rterm_authorized_keys
rTerm CLI
rTerm CLI needs access to private keys in order to authenticate with rTerm Agents. This must be set with the RTERM_PRIVATE_KEY_PATH environment variable (there is no default private key path).
If the private key has a passpharase then the RTERM_SSH_PASSPHRASE environment variable must be set.
Both the private key path and passphrase can be set using rTerm Settings. See the rTerm Settings page for more details.
rTerm Web CLI
The first time you visit https://t.rterm.io a new private/public key is created for you. The public key is shown in the development console and can be copied to any authorized_keys file or stored in a standalone .pub file. The rTerm Web CLI will sign any requests with the private key created and the rTerm Agent will use the public key to authenticate.
Once the provided public key is available to the rTerm Agent (e.g. via authorized_keys) then a connection can be authenticated. Simply visit the URL that the rTerm Agent provides to access the terminal.
The private/public key pair is stored in local storage for further use. If you open a new profile or different browser a different set of keys are created.
Privacy
This should be obvious, but in case it's not... no private (or public) key information is transferred to any server(s) at anytime. The ssh keys are used for signature and verification only.
Any communication between rTerm Auth, rTerm CLI and rTerm Web CLI is P2P in almost all cases. If a P2P connection cannot be established, a [TURN] server may be used. Per this writing, over 80% of all connections should be P2P, which rTerm prefers.
Any traffic sent to any server(s) is encrypted. The only information that is ever stored is signaling information; this is the information that helps establish the initial connection. Once a connection is established, the signaling server is no longer involved in communcation (and no other information is stored).
If you would prefer to use your own signaling server please contact us, we are happy to help make that happen.