Tenodera
Open Source · Self-hosted · MIT

Manage your Linux servers
from the browser

A self-hosted admin panel for Linux servers. Terminal, services, packages, containers, files, firewall, and more — no VPN, no SSH tunnels required.

curl -sSfL https://raw.githubusercontent.com/tenodera-io/tenodera/main/tenodera.sh | sudo bash

Everything you need to manage Linux servers

Real-time visibility and full control over your infrastructure — from a single, self-hosted web interface.

🔒
No Inbound Ports

Agents connect outbound to the gateway over WebSocket. No open ports, firewall exceptions, or VPN tunnels required on managed hosts.

🔑
PAM Authentication

Uses existing system accounts — local users, FreeIPA, SSSD, LDAP. No separate user database to manage.

📊
Real-time Dashboard

Live charts for CPU, memory, disk I/O, and network — streamed over WebSocket with 90-point rolling history. No page refresh needed.

🖥️
Browser Terminal

Full PTY running in the browser via xterm.js. Opens a shell as the authenticated user — no root shell exposed. Auto-copy on text selection.

🌐
Multi-host Management

Manage unlimited servers from a single panel. Switch between hosts with one click — all pages instantly show data from the selected host.

⚙️
Comprehensive Feature Set

Services, packages, containers (Docker/Podman), file manager, firewall, DNS, TLS certificates, cron jobs, kernel dumps, and audit logs.


See it in action

A clean, dark interface built with React — designed for long admin sessions.

Dashboard
Dashboard — real-time system overview
Terminal
Terminal — browser-based PTY via xterm.js
Services
Services — manage systemd units
Users & Groups
Users & Groups — NSS-aware user management
Packages
Packages — apt / dnf / pacman auto-detected
Storage
Storage — block device tree and disk I/O chart
Networking
Networking — traffic charts, firewall, interfaces
Containers
Containers — Docker and Podman management
Files
Files — browser-based file manager with sudo support
Logs (Journal)
Logs — systemd journal with unit filter
Log Files
Log Files — /var/log browser with full-text search
Cron Jobs
Cron Jobs — view and edit system and user crontabs
DNS
DNS — resolv.conf, /etc/hosts, interactive dig lookup
Certificates
Certificates — TLS cert scan, import, trust store
Management
Management — enrolled hosts, pending, bootstrap tokens

What you need

Tenodera ships as a static binary — no runtime dependencies. If your system runs systemd, you're good to go.

OS
Any Linux with systemd
Debian · Ubuntu · RHEL · Fedora · Arch
Architecture
x86_64
arm64 planned
Runtime deps
None
No JVM · no Python · no Node.js
Ports
9090 · 9091
Panel :9090 inbound · Agent :9091 outbound only
Auth
PAM · sudo · wheel
FreeIPA · LDAP · SSSD supported via PAM
Disk
~20 MB
per binary (panel or agent)

Up and running in minutes

The installer handles everything: Rust, Node.js, build, binary install, systemd service. One command on the panel host, one on each managed host.

# Install panel on your gateway host
curl -sSfL https://raw.githubusercontent.com/tenodera-io/tenodera/main/tenodera.sh | sudo bash

# Access at http://<host>:9090 — log in with any system user

Supported: Debian, Ubuntu, RHEL, Fedora, Arch — any Linux with systemd and x86_64.


How it works

Agents connect outbound — the gateway never initiates connections to managed hosts. All communication is multiplexed over a single authenticated WebSocket per host.

Browser HTTPS / WSS Gateway Axum · PAM auth · session management outbound WS outbound WS Agent host-1 Agent host-2 Agent localhost · · ·
Gateway
Rust · Axum 0.8
UI
React 19 · TypeScript · Vite 6
Agent
Rust · Tokio · ~20 MB
Protocol
JSON over WebSocket · v2

Built with security in mind

No agent opens inbound ports. No separate credential store. Designed to be auditable from day one.

PAM authentication
Credentials validated against the OS — no password database to protect or leak.
No inbound ports on agents
Agents connect outbound over WebSocket — no firewall rules, no open attack surface on managed hosts.
Audit log
Every login, logout, and privilege escalation written to /var/log/tenodera_audit.log.
Rate limiting & brute-force protection
Login attempts rate-limited per IP. Repeated failures trigger a temporary lockout.
CSRF · CSP · Secure headers
All state-changing requests require a CSRF token. Strict CSP and security headers on every response.
Privilege separation
Gateway drops to a dedicated service account after startup. PAM operations run in an isolated subprocess.

Common questions

Is there a Docker image?
No, and it cannot work correctly in a standard container. Tenodera authenticates users through the host's PAM stack — inside a container, PAM sees the container's empty user database, not the real system users. Authentication also relies on a setuid root subprocess that standard Docker security (no-new-privileges, user namespace remapping) prevents from working. The only workaround is --privileged, which removes container isolation entirely and makes containerization pointless. Install directly on the host using the installer above.
Do I need a VPN to connect managed hosts?
No. Agents connect outbound to the panel over WebSocket — the panel never initiates connections to managed hosts. As long as the managed host can reach the panel on port 9091, it works across NAT, cloud, and private networks with no VPN or firewall rules required.
Does it work with FreeIPA / LDAP / Active Directory?
Yes — Tenodera uses PAM, so any identity provider that integrates with PAM works automatically. This includes FreeIPA, SSSD + LDAP, Winbind, and local accounts. No extra configuration needed on the Tenodera side.
What happens if an agent goes offline?
The host is marked as offline in the panel UI. All other connected hosts continue working normally — each agent has its own independent WebSocket connection. The agent reconnects automatically when it comes back online.
Does Tenodera store my passwords?
No. Passwords are passed directly to PAM and never written to disk. Sessions use short-lived tokens. The password field is zeroed in memory immediately after the PAM call returns.
Can the panel and an agent run on the same host?
Yes. Install both tenodera and tenodera-agent on the same machine. The agent appears as localhost in the panel alongside any remote hosts.
Is it production-ready?
Yes. For production deployments, enable TLS so the panel is served over HTTPS/WSS — this encrypts all traffic between the browser and the gateway. Review the documentation for the recommended setup before going live.