v2.0 · For DevOps, SRE & sysadmins · Private beta

The SSH client
that doesn't leak your keys.

One native macOS app for SSH, SFTP, FTP and Telnet — with the encrypted vault, the audit log, and the cloud sync that keeps your operators in sync without giving up zero-knowledge. Built by ops for ops.

See pricing See preview

macOS 13+ · Native Rust · Swiss-hosted sync

<1 ms
Native keystroke latency · no Electron
0 keys
leave your device — server holds ciphertext only
100%
of vault changes audited & rollback-able
🇨🇭
Sync hosted in Switzerland · ILYGO operated

One client. All your protocols.

No more switching between iTerm + Cyberduck + 1Password. ILYGO Hawser handles SSH, SFTP, FTP, Telnet, plus your credentials, in one native binary.

SSH that doesn't lag

Native Rust SSH engine. Sub-millisecond keystroke latency, no Electron overhead, no JS bridge. Your terminal feels local even on a transatlantic link.

SFTP, FTP & Telnet

One UI for every transfer protocol. Drag-and-drop file transfers, side-by-side panes, dashboard for Docker and Kubernetes hosts.

Encrypted vault, local-first

SSH keys, passwords, host configs. AES-256-GCM at rest, Argon2id key derivation. No cloud dependency — your secrets stay on your disk.

Zero-knowledge sync

Optional. Off by default. The server stores opaque ciphertext — we cannot decrypt your vault, even if compelled by court order.

Pre-save backups

Every save snapshots the previous version, kept locally. Roll back any corruption (cloud sync collision, disk hiccup) in one click. 5 versions retained.

Session recording

Replay any past terminal session with full ANSI fidelity. Useful for incident postmortems and onboarding new engineers.

A glimpse

Real screenshots of the current build.

ILYGO Hawser connections hub

Connections hub

All your hosts in one place. Filter by protocol, one click from a working shell or SFTP.

ILYGO Hawser cloud account

Cloud account

Sync up to 500 items across your devices. Zero-knowledge encryption — the server holds opaque ciphertext only.

ILYGO Hawser security settings

Security & 2FA

Touch ID, passkeys, TOTP, auto-lock — every safety net stacked on top of the AES-256-GCM vault.

ILYGO Hawser in-app help

In-app help

Onboarding articles built right into the app — no docs site to leave when you're stuck.

Simple pricing. No hidden quotas.

The desktop app is free. Cloud sync starts free for a few items, scales when you add devices & teammates.

Free · Personal
0 CHF
Everything local-first, forever.
  • Native SSH, SFTP, FTP & Telnet client
  • Local encrypted vault (.ivault)
  • Touch ID unlock + auto-lock
  • Session recording & replay
  • 2 items in cloud sync (just a taster)
  • no point-in-time restore
Get started
Recommended
Pro · Multi-device
7 CHF / month
Cloud sync & daily backups for serious operators.
  • Everything in Free
  • 500 items sync (hosts, keys, secrets, TOTPs)
  • Sync across all your devices, as many vaults as you need
  • Daily backups, 90-day retention
  • 10 MB safety cap per file
  • Priority support & early features
Subscribe

Quotas indicatives — final pricing may evolve before public release.

Built for people who don't trust the cloud.

ILYGO Hawser is designed under a strict threat model: the server is hostile, your laptop may be lost, and credentials must survive both.

The server can't read your vault.

The master key never leaves your devices. Cloud sync only sees AES-256-GCM ciphertext. Even with full server access, an attacker gets opaque blobs.

Account compromise ≠ vault compromise.

Stealing your sync account password lets an attacker download your ciphertext. Without the (separate) vault password, it stays unreadable.

Versioning as a safety net.

Every save creates a new version: the 5 latest stay on your disk, and every cloud upload becomes a server-side version you can roll back to. Corruption rolls back instantly.

Open format, no lock-in.

The .ivault format is documented and shared across the ILYGO suite. Export, audit, script — your data is portable.

Memory hygiene.

Master keys live in zeroized memory, scrubbed on drop. Auto-lock after configurable idle. No JS heap leaks.

Native code, audited stack.

Rust core, no Electron. Crypto via the RustCrypto org — battle-tested aes-gcm and argon2.

How ILYGO Hawser compares

Same job, different priorities. Here's where we draw the line.

ILYGO Hawser Termius Royal TSX iTerm + 1Password
SSH / SFTP / FTP / TelnetAll fourYesYesSSH only
Native (no Electron)RustElectronNativeNative
Zero-knowledge syncYesServer-side encryptionNoVia 1Password
Vault format openYesNoNoNo
Docker & K8s dashboardsBuilt-inNoPluginNo
Cross-platformmacOS today · Win/Linux on the roadmapYesmacOS onlymacOS only
Local-firstYesCloud-firstYesYes
Price (single user)Free desktop · Sync from 7 CHF/mo10 CHF/mo99 CHF one-time2 apps to buy

How the sync works

Three steps. The server learns nothing about your vault contents.

# 1. Open ILYGO Hawser → Settings → Cloud sync (off by default) # 2. Configure server URL Server: https://hawser.ilygo-app.ch # 3. Register an account (your account password ≠ vault password) Email: alice@example.com Account password: ████████████ # Argon2 hashed server-side # 4. Pair this device with a remote vault. From now on: # - Push: uploads ciphertext blob (server sees no plaintext) # - Pull: downloads latest, atomic write to local file # - Versions: roll back to any of the last N saves

The server stores ciphertext only. Your master key never leaves your devices — even a full server compromise leaks opaque blobs, never plaintext.

ILYGO Hawser is in private beta.

Native binaries are in the works. The desktop app will be free; cloud sync is optional and starts free with 2 items — just a taste.

macOS Universal Soon Windows Soon Linux Soon

Want early access? Drop us a line.