Web SSH

SSH from your browser.

Access any device instantly — no SSH client, no keys to manage, no ports to open. Certificate-based authentication with every session automatically recorded.

Click to connect — no SSH client needed
Short-lived certificates, not static keys
Every session recorded for compliance
Just-in-Time privilege elevation

Try it free Pair with Session Recording →

root@api-server — meshr Web Terminal

Connected to api-server.meshr (10.0.0.5)
Session: e7f3a21b • Recording enabled
───────────────────────────────────

Last login: Tue Mar 25 09:15:02 2026
root@api-server:~# systemctl status nginx
● nginx.service - A high performance web server
     Active: active (running) since Mon; 14 days ago
     Memory: 12.4M
      Tasks: 5

root@api-server:~# df -h /
Filesystem  Size  Used  Avail Use%
/dev/sda1    50G   12G    35G  26%

root@api-server:~# _

Cert auth • 12h TTL

Session replay

Watch every session back.

Every keystroke, every command, every output — recorded and replayable. Click play to see exactly what happened.

Session Replay — root@db-primary

[email protected]Mar 25, 2026 09:15

0:00 / 2:34 1x

Last login: Tue Mar 25 09:15:02 2026 from 10.0.0.50
root@db-primary:~# _

2:34Duration

23Commands

1.2 KBData

How it works

From click to shell in under 2 seconds.

No configuration needed.

Click Connect

Select a device from the dashboard and click SSH.

→

Certificate issued

A short-lived certificate is generated automatically. Valid for 12 hours.

→

Policy check

Zero Trust engine verifies your identity, role, and access policy in real-time.

→

Shell ready

Encrypted tunnel opens, session recording starts, and you get a shell.

Capabilities

Audited shell access, built in.

Session Recording

Every SSH session is recorded in asciicast v2 format. Play back any session from the dashboard — see exactly what happened, when, and by whom.

Session #e7f3a21bRecording

Duration: 4m 12sUser: [email protected]Device: api-server

Certificate-Based Auth

No passwords, no SSH keys to distribute. Each session uses a short-lived certificate (12h TTL) signed by your organization's CA. Auto-rotated, instantly revocable.

Per-organization User CA + Host CA
12-hour TTL, auto-rotated
One-click certificate revocation
Ed25519 keys (modern, fast)

Just-in-Time Elevation

Need root access? Request temporary elevated privileges with a reason. Admins approve or deny from the dashboard. Time-limited, fully audited.

Elevation requestroot@db-primary • "Emergency hotfix" • 30 min

ApproveDeny

Granular Access Control

Define exactly who can SSH where and as which user. Group-based policies with allowed login lists. Admin override for emergencies.

devops-team→production-serversroot, deploy

developers→staging-serversapp, deploy

Old way vs meshr

SSH without the hassle.

	Traditional SSH	meshr Web SSH
Key management	Manual distribution	Automatic certificates
Client required	Terminal + SSH client	Browser only
Port exposure	Port 22 open	Zero open ports
Session recording	Third-party tool	Built-in
Access control	.authorized_keys	Policy engine
Privilege elevation	sudoers file	JIT with approval
Audit trail	auth.log parsing	Real-time dashboard
Certificate rotation	Manual scripts	Automatic (12h)

Open a shell from your browser.

Every feature is unlocked while we're in beta. No credit card, no commitments.

Get early access See pricing →