All posts

Remote Access

Louis Knight-Webb
Louis Knight-WebbFebruary 28, 2026

Remote Access allows you to remotely control coding agents on a computer running Vibe Kanban. This means you can prompt coding agents on your laptop, from your phone. The service is free for individuals, and you can read the guide to get started.

Remote Access

One Big Box vs Many Small Boxes

The incumbent approach to running coding agents remotely involves isolating each agent in its own small VM. We see a different future, one in which all of your agents run on a single large host machine.

Agents already run type checkers, tests, builds projects, and they'll soon launch browsers and other QA tools. As complexity and performance expectations rise, the same reason you prefer a high-spec laptop for local development is the same reason your coding agents will prefer a high-spec machine for their own execution.

For compiled languages this problem is even more prevalent. On a decent MacBook the Vibe Kanban Rust backend takes 5m+ to compile.

There's also a lot of capable hardware sitting idle. In our office, we had three spare MacBook Pro's that we've turned into Vibe Kanban hosts, and after the OpenClaw mania of the last few weeks, many of you likely have a Mac mini that could serve the same purpose too. This initial release is aimed at people running Vibe Kanban Desktop who want to take their workspace with them on the go. We're already working on improvements that make it easier to launch Vibe Kanban headlessly on platforms like Hetzner and OVH.

Security

To avoid accidentally creating an enormous botnet, we've designed the system to minimize single points of failure. Our primary security concern during development was preventing our backend from being able to issue arbitrary commands to customer machines (for example, invoking a coding CLI to exfiltrate bitcoin wallets).

That's why the cloud architecture is zero trust. During pairing, a host is bound directly to a single browser session, not to our backend. Every action your browser requests is signed locally in the browser and then verified by the host. If the signature doesn't check out, the host rejects the request.

This doesn't eliminate every possible attack, but it meaningfully reduces the attack surface. We have more to do, and this is just one example of how we're securing your environment.

Bug bounty program

Today we're also launching a bug bounty program where we'll pay up to $5,000 for critical findings. This is an additional layer of scrutiny that helps to ensure Vibe Kanban stays secure. You can find more details on our responsible disclosures page.