Security
by design.
Your machine, your control. Outbound-only. Zero knowledge. E2E encrypted.
We never see your commands. Your terminal output is encrypted end-to-end. We just route the traffic.
Core principles.
Outbound only
Agent initiates connection. No open ports on your machine.
E2E encrypted
All traffic encrypted. We never see your data.
Session tokens
Short-lived tokens. Revoke access anytime from dashboard.
How it works.
No inbound traffic
Your firewall stays closed. Agent connects out, not in.
Zero knowledge
We route encrypted packets. Cannot read your terminal.
Local control
Runs as your user. No root access required.
Verify yourself.
Don't take our word for it.
1Monitor network traffic — only outbound
2Run in VM for extra isolation
3Check process permissions — no root
4Inspect encrypted traffic with Wireshark
Traditional remote access
- Open ports on your machine
- Expose SSH to the internet
- Complex firewall rules
- VPN server to maintain
With Cmdop
- Zero open ports
- Outbound connections only
- No firewall changes needed
- E2E encrypted.