Collaborative vaults, encrypted at rest and self-hosted. Manage every server and network device โ even the ones behind NAT โ from one place your whole team can share, safely.
Every credential your team stores is encrypted before it ever touches disk. Nothing about the way you work should mean trusting a third party with your keys.
Every password and private key is sealed with AES-256-GCM on your server. Stored secrets are never plaintext.
Account passwords are scrypt-hashed and compared in constant time โ never stored, never logged.
Grants over companies and folders decide who sees what. Personal vaults stay private to their owner.
Optional Telegram one-time codes at login stop brute-force and stolen-password attacks.
Runs on your infrastructure. Your vaults, sessions and audit log never leave your server.
Jump agents dial out and are pinned to a public key โ reach private devices without exposing them.
One place for your whole fleet โ servers, routers, switches โ shared with the right people.
Store an SSH login once as a reusable credential, then attach it to any host. Organize devices in nested folders per company, and grant teammates exactly the access they need.
Secrets are encrypted with AES-256-GCM using a key that lives on your server; passwords are scrypt-hashed. Access is enforced by a role model, so people only ever decrypt what they're allowed to.
Deploy a lightweight jump agent inside a private network. It dials out to your server (no inbound ports, no NAT rules) and the server tunnels your session through it โ with the agent identified by a pinned key.
GPU-accelerated rendering, split panes and broadcast-to-all typing. Colour-highlight the output โ mark errors, IPs or any keyword with your own rules and saved profiles so problems jump out at a glance โ plus side-by-side diff of two sessions and one-click quick commands.