Porthole
Peer-to-peer · nothing touches the server

Share your terminal, peer to peer

Run one command, share a link. Your terminal streams straight to the browser over an encrypted WebRTC connection — no terminal data ever passes through a server.

Install the agentRead the docs
~/projects — porthole
$porthole host
◈ Porthole — share your terminal, peer to peer
Linkporthole.professorhusnain.com/s/p3rx-9kma
Codep3rx-9kma
Status● waiting for viewer…

Join a session

Have a code?

Paste the code or link your host shared, and jump straight into their terminal — nothing to install.

How it works

A handshake, then the server steps aside

The signaling server only introduces the two peers. After that, terminal data travels directly — it never sees your session.

1

Run porthole host

The agent spins up a PTY on your machine and registers a short-lived session with the signaling server.

2

Share the link

You get a link, code, and QR. The viewer opens it in any browser — desktop or mobile — and the two peers negotiate a connection.

3

Stream peer to peer

Once the WebRTC DataChannel opens, the server drops out. Keystrokes and output flow directly between host and browser.

Features

Everything you need to share a shell

Built for the way developers actually pair, debug, and demo — with privacy as the default, not an add-on.

Private by design

Terminal data flows over an encrypted WebRTC DataChannel directly between peers. The signaling server only brokers the handshake — it never sees a single keystroke.

One static binary

No runtime, no dependencies. Cross-compiled for macOS, Linux, and Windows.

Read-only mode

Share a view-only session. Input is rejected at the source, not just hidden in the UI.

Password protected

Gate any session behind a password so only the people you trust can connect.

Open on mobile

Scan the QR and watch — or type — from any phone. The viewer is built for touch too.

Runs anywhere

Any modern browser is the viewer. Nothing to install on the watching end.

Install

Up and running in one command

Grab the agent for your platform, then run porthole host. The viewer needs nothing but a browser.

$ curl -fsSL https://assets.porthole.professorhusnain.com/install.sh | sh

Prefer to build from source, or want every flag? Read the docs

Security & privacy

Terminal data never touches the server

Porthole was built privacy-first. The architecture makes eavesdropping not a policy you trust, but a thing that can't happen.

The server never sees your terminal

Signaling brokers the connection and then gets out of the way. Terminal bytes travel peer to peer — there is nothing to log, store, or leak.

Encrypted end to end

WebRTC DataChannels are encrypted with DTLS by default. The stream between your machine and the browser is private in transit.

Enforced at the source

Read-only and password rules are applied by the agent on your machine — not trusted to the viewer — so a tampered client can't bypass them.

Share your next session in seconds

Install the agent, run one command, send the link. That's the whole thing.

Install the agentRead the docs