ttyd is a lightweight, open-source command-line tool that enables you to share your Linux terminal session via a web browser. By using WebSockets, ttyd allows you to interact with the terminal remotely as if you were directly on the machine, making it ideal for remote administration, team collaboration, or educational demonstrations.

This tool wraps a terminal application (such as bash) and provides a simple, web-based interface accessible from any modern browser. With its ease of installation and customizable security features like basic authentication and SSL, ttyd is a powerful solution for accessing and sharing terminal sessions over the web.

Use Cases:

  • Remote access to a Linux system from any device with a browser.
  • Allow multiple users to interact with the same terminal.
  • Demonstrate commands and workflows in real-time, useful for teaching or workshops.
ttyd - Share your terminal over the web
ttyd – Share your terminal over the web

This article will dive into the installation, configuration, and usage of ttyd on a Linux-based system.

Installing ttyd on Linux

The process of installing ttyd on a Linux system is straightforward, but it does require some dependencies. Below are the installation steps for a Debian-based system (such as Ubuntu). The process will differ slightly on other distributions, but the core steps remain similar.

First, ensure that your system has the required build tools and libraries installed.

sudo apt update
sudo apt install -y git cmake build-essential libjson-c-dev libwebsockets-dev

Next, clone the official ttyd repository from GitHub:

git clone https://github.com/tsl0922/ttyd.git
cd ttyd

Once the repository is cloned, create a build directory, run cmake, and compile the source code:

mkdir build
cd build
cmake ..
make
sudo make install

Basic Usage of ttyd in Linux

Once installed, ttyd can be run directly from the terminal by providing a shell command as an argument.

ttyd bash

This will start a web server on the default port (7681) and provide access to a bash shell through a web interface at the following URL.

http://localhost:7681

Open this address in a web browser, and you will see an interactive terminal where you can run shell commands.

Interactive Shell Access Through Your Web Browser
Interactive Shell Access Through Your Web Browser

Instead of starting bash, you can also run other commands or applications within the terminal. For example, you can run top (a system monitor tool) in the terminal:

ttyd top
Run Linux Application in Web Browser
Run a Linux Application in a Web Browser

Sharing the Terminal Over the Web

By default, ttyd binds to localhost, making it only accessible from the local machine. To allow remote users to connect, you need to bind ttyd to a public or private IP address.

Binding ttyd to a Specific IP Address

You can specify the port and the address to which ttyd should bind:

ttyd -p 8080 bash

In this case, ttyd will listen on port 8080. If you need to access it from a different machine on the same network, you can use the machine’s local IP address:

http://local-ip:8080

To find your local IP address, use the following ip command:

ip a

If you need to expose ttyd over the internet, ensure that your UFW firewall allows inbound traffic on the chosen port, and forward the port through your router (if necessary).

Secure Your ttyd Web Terminal

Exposing a terminal to the web can introduce significant security risks if not configured properly. Below are some basic security measures you should take when using ttyd:

1. Enable Password Protection on ttyd

By default, ttyd does not require authentication. To add a layer of security, use the -c option to specify a username and password for access.

ttyd -p 8080 -c user:password bash

This will prompt users for the user and password credentials before granting access to the terminal.

2. Enable SSL for ttyd

To encrypt the communication between the client (browser) and the server, it’s highly recommended to enable SSL. You can run ttyd with SSL using the --ssl flag. However, you’ll need valid SSL certificates for this:

ttyd --ssl -p 443 bash

In this case, you would need to provide paths to your SSL certificate and private key (via --ssl-cert and --ssl-key options).

3. Limit ttyd Network Exposure

Instead of exposing ttyd to the public internet, consider using a VPN or setting up a reverse proxy (such as Nginx) to add additional layers of security.

Running ttyd on a private IP or limiting access with firewall rules is recommended for environments where security is critical.

Advanced Usage of ttyd

ttyd offers several command-line options for fine-tuning its behavior. Some of the most useful options are as follows:

  • -p <port> – Set the port on which the web server will listen.
  • -c <user:password> – Enable basic authentication with the specified username and password.
  • --ssl – Enable SSL/TLS for secure communication.
  • -t <terminal> – Set terminal-specific settings, such as font size and color.
Conclusion

ttyd is a versatile and efficient tool for sharing terminal sessions over the web, which can be used for remote administration, collaboration, and educational purposes, and it’s simple to set up.

However, it’s crucial to apply proper security measures, such as authentication and SSL encryption, when using it in production environments.

Similar Posts