Onepilot is a mobile-first agentic IDE for iPhone. It lets you SSH into any remote server, deploy and manage AI agents, browse files, manage git repos, and schedule cron jobs — all from your pocket.

What kind of servers can I connect to?

Pretty much anything you can SSH into. Your personal computer, a cloud server on AWS or Hetzner, a Raspberry Pi in your closet, a Docker container, your company's jump host — it all works. Just enter your credentials and you're in.

How does Onepilot connect to my server?

Onepilot connects via SSH with support for password and key-based authentication. Simply add your server credentials, and you get a full terminal, file browser, and agent deployment — all through a native iOS interface.

What AI agents can I deploy with Onepilot?

Onepilot supports multiple agent frameworks, with an agent-agnostic architecture designed to work with any terminal-based agent. You can deploy agents with customizable personalities, connect them to 23+ LLM providers, and control them via Telegram, Discord, or Slack.

Yes — everything you need is free to get started. You bring your own servers and API keys, so there are no hosting fees or hidden costs.

What LLM providers are supported?

Onepilot supports 23+ LLM providers including Anthropic (Claude), OpenAI, Google Gemini, Mistral, Groq, DeepSeek, xAI, Perplexity, Ollama, and many more. You can also add custom providers.

How is Onepilot different from Termius or Blink Shell?

While Termius and Blink are SSH clients, Onepilot is an agentic IDE. Beyond terminal access, it provides AI agent deployment and management, a soul designer for agent personalities, cron job scheduling, git integration, and a file browser — all designed for the AI-native developer workflow.

Is my server data secure?

Yes. All credentials are stored in the iOS Keychain and never transmitted to any third party. SSH connections are end-to-end encrypted. Agent API keys are stored locally on your device and deployed directly to your servers.

Can I run AI coding agents from my iPhone?

Yes. Onepilot lets you deploy and manage AI coding agents directly from your iPhone. Set up an agent on your remote server through a guided wizard, pick your LLM provider and messaging channel, and your agent is live — all without touching a laptop.

Does Onepilot work with AWS, Hetzner, or DigitalOcean?

Yes. Onepilot works with any server you can SSH into — AWS EC2, Hetzner Cloud, DigitalOcean Droplets, Google Cloud VMs, Linode, Vultr, Oracle Cloud, Raspberry Pi, home lab machines, Docker containers, and more.

Can I use Onepilot as a mobile IDE?

Yes. Onepilot is a full mobile IDE with a real terminal, file browser with syntax highlighting for 20+ languages, git integration (diffs, commits, branches), cron job management, and AI agent deployment. It goes well beyond a basic SSH client.

How do I deploy an AI agent on a remote server?

Open Onepilot, connect to your server via SSH, then tap Deploy Agent. A step-by-step wizard guides you through choosing your agent framework, LLM provider, API keys, and messaging channels. Your agent is deployed and running in minutes.

What is the best mobile SSH client for developers in 2026?

For developers who want more than just a terminal, Onepilot is the most capable option. Unlike Termius or Blink Shell which focus on SSH access, Onepilot combines a full terminal with AI agent deployment, file browsing, git tools, and cron management — purpose-built for the AI-native developer workflow.

Is it safe to deploy AI agents from my iPhone?

Yes, if you follow security best practices. Onepilot stores SSH keys in iOS Keychain (hardware-encrypted). Use SSH keys (not passwords), run agents as a limited user, keep API keys in environment variables, and review changes before merging.

How does iPhone protect AI agent credentials?

Onepilot stores SSH keys and credentials in iOS Keychain, which is hardware-encrypted via the Secure Enclave. Keys never leave the device. The SSH connection is encrypted end-to-end. Use Face ID to protect access to the app.

AI Agent Security on iPhone: What You Need to Know

An AI coding agent running on your server has real power — it can read files, execute commands, and modify code. Deploying one from your phone doesn't add risk if you follow the same security practices you'd use from a laptop. Here's what to get right.

The Threat Model

When you deploy an AI agent, it inherits your SSH user's permissions. The risks are:

Overprivileged access — the agent can read/write more than it needs to
API key exposure — keys in environment variables are visible to the agent
Unreviewed changes — the agent writes code that introduces vulnerabilities
Session persistence — a tmux session stays active with your permissions

None of these are mobile-specific. They apply whether you're deploying from a phone or a desktop.

SSH Hardening

Use SSH keys, never passwords — Onepilot stores keys in iOS Keychain (hardware-encrypted)
Disable password authentication — PasswordAuthentication no in /etc/ssh/sshd_config
Use non-standard ports — reduce noise from automated scanners
Enable fail2ban — auto-block IPs after failed attempts

For a full walkthrough, see our SSH from iPhone guide.

Least-Privilege Agent Users

Don't run AI agents as root or your personal admin account. Create a dedicated user:

useradd -m -s /bin/bash ai-agent

Give it access only to the project directory. No sudo. No SSH keys to other servers. If the agent misbehaves, the blast radius is contained.

API Key Management

Use environment variables — never hardcode API keys in scripts or config files
Scope keys narrowly — if your LLM provider supports key scoping, limit what each key can do
Rotate regularly — especially if you share server access with a team
Use .env files with strict permissions — chmod 600 .env

Review Before Merge

Never blindly merge AI-generated code. Always:

Run git diff to review every change
Run the test suite
Check for hardcoded secrets or credentials
Look for common vulnerabilities: SQL injection, XSS, command injection

This takes 5 minutes on your phone. It can save you from a security incident.

iPhone-Specific Security

Device lock — use Face ID / passcode. Your SSH keys are only as secure as your phone.
Public WiFi — SSH is encrypted, but use a VPN as an extra layer on untrusted networks.
Session timeout — don't leave tmux sessions attached indefinitely. Detach when done.

The Bottom Line

Mobile AI agent deployment is as secure as your practices. Use SSH keys, run agents as limited users, review changes before merging, and keep API keys locked down. Onepilot handles the secure connection — you handle the discipline.

Learn the full workflow in our remote AI agent management guide. Or get started with deploying your first agent.