oxideterm
OxideTerm is a Rust-based, open-source SSH client and workspace for managing remote servers with integrated terminal, SFTP file manager, port forwarding, and optional AI assistance. It emphasizes local-first operation, no account requirements, and uses native Tauri instead of Electron.
Key facts
Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.
| Field | Value |
|---|---|
| Repository | AnalyseDeCircuit/oxideterm |
| Owner | AnalyseDeCircuit |
| Primary language | Rust |
| License | GPL-3.0 — OSI-approved |
| Stars | 920 |
| Forks | 65 |
| Open issues | 9 |
| Latest release | v1.6.12 (2026-07-06) |
| Last updated | 2026-07-07 |
| Source | https://github.com/AnalyseDeCircuit/oxideterm |
What oxideterm is
Built on Tauri 2.0 and pure Rust (russh 0.59), OxideTerm implements dual-plane IPC (Tauri JSON control + per-session WebSocket binary data), SSH multiplexing, ChaCha20-Poly1305 encryption for local config, and plugin support via ESM runtime. No OpenSSL or libssh2 dependencies.
Get the oxideterm source
Clone the repository and explore it locally.
git clone https://github.com/AnalyseDeCircuit/oxideterm.gitcd oxideterm# follow the project's README for install & configurationNeed it deployed, integrated, or customized instead? DEV.co ships production installs.
Best use cases
Implementation considerations
- Verify Rust 1.85+ and Tauri 2.0 compatibility with your target platforms (macOS, Windows, Linux); custom builds may be needed for non-standard architectures.
- SSH key management relies on OS keychain integration; confirm keychain APIs are available and accessible in your deployment environment.
- If using OxideSens AI, prepare API credentials for your chosen provider (OpenAI/Ollama/DeepSeek) and verify network connectivity from the desktop app to the endpoint.
- Review GPL-3.0 obligations if OxideTerm is used in a commercially distributed product; consider whether source disclosure and copyleft requirements fit your licensing model.
- Test Grace Period reconnect behavior in your network environment to confirm tolerance for latency and connection loss; idle timeouts and forwarding rules may need tuning.
When to avoid it — and what to weigh
- You require commercial closed-source SSH client support — GPL-3.0 license mandates source distribution and derivative disclosures. Proprietary or non-GPL-compliant use is not permitted.
- Your team relies on hosted cloud sync or zero-knowledge backup — OxideTerm is local-first by design; cloud sync is opt-in via external plugin only. No central account or managed backup service.
- You need battle-tested enterprise SLAs or vendor support contracts — Project is actively maintained but community-driven. No official support tier, SLA, or liability coverage stated in public data.
- Your deployment requires minimal native dependencies — Tauri 2.0 still requires platform-specific system libraries (WebKit2GTK on Linux, native frameworks on macOS/Windows). Not suitable for headless or minimal environments.
License & commercial use
GPLv3.0 (GNU General Public License v3.0). Copyleft license requiring source disclosure for any distributed derivatives. Commercial use of unmodified OxideTerm is permitted; modifications distributed commercially require source release and must remain GPLv3.0.
Caution: GPLv3.0 is a copyleft license. You may use OxideTerm unmodified in a commercial context, but if you distribute a modified version to customers or embed it in a proprietary product, you must release source code under GPLv3.0. Internal-only use may be safer; consult legal counsel if commercial distribution or relicensing is planned.
DEV.co evaluation signals
Editorial assessment — not user reviews. Directional, with an explicit confidence level.
| Signal | Assessment |
|---|---|
| Maintenance | Active |
| Documentation | Strong |
| License clarity | Clear |
| Deployment complexity | Low |
| DEV.co fit | Good |
| Assessment confidence | High |
Credentials (passwords, API keys) are stored in OS keychain; .oxide exported files use ChaCha20-Poly1305 + Argon2id (256 MB) encryption; local config is encrypted at rest; memory is cleared with `zeroize` crate. Host key verification uses TOFU (Trust On First Use). No telemetry stated. However: security posture claims cannot be independently verified from README alone; conduct code audit or penetration test if high-assurance security is required. Pure Rust SSH (russh) avoids OpenSSL but introduces auditing burden for Rust SSH library itself.
Alternatives to consider
Termius
Cloud-first SSH client with sync and team management; requires account and subscription. Proprietary, not open-source. Better if you want managed backup and multi-device sync.
SecureCRT
Enterprise SSH client with advanced scripting and clustering. Closed-source, commercial license. Better if you need vendor support and established enterprise workflows.
Tabby (powered by OpenSSH or libssh2)
Open-source Electron-based terminal/SSH client. Active community; uses OpenSSH/libssh2. Better if you prefer Electron and want lightweight setup; worse if you want pure Rust and minimal footprint.
Build on oxideterm with DEV.co software developers
Review the source code on GitHub, test the latest release, and confirm GPL-3.0 compliance in your commercial workflow. Contact the author for adoption questions and architecture deep-dives.
Talk to DEV.coRelated open-source tools
Surfaced by semantic similarity across the DEV.co open-source index.
Related on DEV.co
Explore the category and the services that help you build with it.
oxideterm FAQ
Can I use OxideTerm in a commercial product?
Does OxideTerm require an account or send telemetry?
What platforms are supported?
Is there a headless or server version?
Software developers & web developers for hire
From first prototype to production, DEV.co delivers software development services around tools like oxideterm. Our software development agency staffs experienced software developers and web developers for custom software development, web development, integrations, and ongoing support across rag frameworks and beyond.
Evaluate OxideTerm for Your Team
Review the source code on GitHub, test the latest release, and confirm GPL-3.0 compliance in your commercial workflow. Contact the author for adoption questions and architecture deep-dives.