ttyd

Start a read only web server sharing Bash shell on the default port (7681)

$ ttyd bash

$ ttyd [[-p|--port]] [8080] bash

$ ttyd [[-W|--writable]] [command]

$ ttyd [[-t|--client-option]] [key=value] [command]

$ ttyd [[-h|--help]]

$ ttyd [[-v|--version]]

ttyd [OPTIONS] <command> [<arguments>...]
or
ttyd [OPTIONS] (to run a default shell)

-p, --port <port>
    Specifies the port number for the web server to listen on. The default is 7681.

-i, --interface <address>
    Binds the server to a specific network interface address (e.g., 0.0.0.0 for all interfaces or 127.0.0.1 for localhost).

-c, --credential <user:pass>
    Sets basic authentication credentials (username:password). This option can be specified multiple times for different user accounts.

-s, --ssl
    Enables SSL/TLS encryption for secure HTTPS connections. Requires certificate and key files.

--ssl-cert <path>
    Path to the SSL certificate file (e.g., fullchain.pem).

--ssl-key <path>
    Path to the SSL private key file (e.g., privkey.pem).

-C, --cwd <path>
    Sets the initial working directory for the executed command.

-a, --allow-anonymous
    Allows clients to connect without providing credentials if basic authentication is enabled. Anonymous users will not be prompted for a password.

-t, --client-options <key=value>
    Passes additional options to the xterm.js client in key=value format (e.g., 'fontFamily=monospace'). Can be specified multiple times.

-H, --header <header>
    Adds a custom HTTP header to the server's responses (e.g., 'X-Frame-Options: DENY'). Can be specified multiple times.

--once
    The ttyd server will exit after the first client disconnects.

-h, --help
    Displays the help message and exits.

-v, --version
    Displays the version information and exits.

ttyd (terminal to ttyd) is a lightweight and powerful command-line tool that allows you to share your terminal as a web application. It acts as a web server, taking the standard input/output of a specified command (typically a shell like bash or zsh) and making it accessible through a web browser. This enables users to interact with a Linux terminal environment remotely without needing traditional SSH clients, simply by navigating to a URL.

ttyd supports a variety of features including SSL/TLS encryption for secure connections, basic authentication for client access control, custom index pages, and the ability to resize the terminal window in the browser. It's particularly useful for demonstrations, remote collaboration, or providing web-based access to specific command-line tools or applications with minimal setup.

Security Risks: Exposing a shell or command over the web inherently carries significant security risks. Always use SSL (-s), strong credentials (-c), and ensure the command executed by ttyd operates with the least necessary privileges.
Access Control: Without proper authentication, anyone with the URL can access your terminal. Even with basic auth, consider network-level restrictions or a reverse proxy for enhanced security.
Resource Usage: While efficient, serving many concurrent high-activity terminal sessions can consume significant system resources (CPU, memory, network bandwidth).
Browser Compatibility: ttyd relies on modern web browser features like WebSockets and JavaScript. Ensure client browsers are up-to-date for optimal functionality.

ttyd utilizes WebSockets for its underlying communication protocol, enabling efficient, real-time, and bidirectional data exchange between the web browser and the server. This ensures a highly responsive and interactive terminal experience, mimicking a native terminal's feel.

The client-side terminal emulation within the browser is powered by xterm.js, a robust JavaScript library. This integration provides a full-featured terminal environment directly in the browser, supporting colors, keybindings, and complex cursor movements, closely mirroring the capabilities of a desktop terminal emulator.

ttyd was developed by students at Tsinghua University (THU) and subsequently maintained by a community. It emerged as a solution to provide a user-friendly bridge between web browsers and traditional command-line interfaces, leveraging WebSockets for real-time communication. Its development prioritized simplicity, performance, and crucial security features like SSL and authentication, quickly making it a popular choice for web-based terminal access and demonstrations.

ssh(1), screen(1), tmux(1)