| TRUSTMUXD(1) | User Commands | TRUSTMUXD(1) |
NAME¶
trustmuxd - Trustmux daemon (mobile companion for tmux/Byobu sessions)
SYNOPSIS¶
trustmuxd [--host ADDR] [--port PORT] [--https] [--self-signed] [--version]
DESCRIPTION¶
trustmuxd is a lightweight daemon that serves a mobile-optimised web interface for monitoring and interacting with tmux and Byobu sessions over your Tailscale private network.
The daemon serves a Progressive Web App (PWA) over HTTPS. In the default mode it binds to the Tailscale interface and relies on tailscale serve for TLS termination. In direct mode (--self-signed) it generates a self-signed ECDSA certificate and binds directly on the network interface.
Authentication uses 6-digit one-time pairing codes (generated with trustmux-pair(1)) and permanent per-device session tokens stored in ~/.config/trustmux/tokens.json.
In normal use, the daemon is managed via trustmux(1) rather than being invoked directly.
OPTIONS¶
- --host ADDR
- Bind address (default: Tailscale IP, or 127.0.0.1 with --https).
- --port PORT
- TCP port to listen on (default: 7432).
- --https
- HTTPS mode: trust proxy headers and set Secure cookie flag. Use with tailscale serve.
- --self-signed
- Generate a self-signed ECDSA P-256 TLS certificate for direct HTTPS access without Tailscale.
- --version
- Print version and exit.
FILES¶
- ~/.config/trustmux/tokens.json
- Persistent session tokens (mode 0600).
- ~/.config/trustmux/trustmux.sock
- Admin Unix socket (mode 0600) used by trustmux-pair(1) and trustmux-unpair(1).
- ~/.config/trustmux/cert.pem
- Self-signed TLS certificate (mode 0644), created on first --self-signed start.
- ~/.config/trustmux/key.pem
- TLS private key (mode 0600).
SEE ALSO¶
trustmux(1), trustmux-pair(1), trustmux-unpair(1), trustmux-enable(1), trustmux-disable(1), byobu(1), tmux(1)
AUTHOR¶
Dustin Kirkland <kirkland@ubuntu.com>
| 2026-05-28 | trustmux |