Both solve NAT traversal. But one is a purpose-built AI terminal; the other is a generic tunnel. Here's which one fits your workflow.
TL;DR. If you want to run Claude Code, Ollama, or a shell on a remote machine and access it from your phone, AITerm is the faster path — session management, browser UI, multi-AI scanning, and team sharing are built in. If you want to expose an arbitrary local HTTP or TCP port (a dev server, a webhook receiver, an API), ngrok is the right tool. Many teams use both.
AITerm is a multi-AI terminal SaaS. You install a lightweight open-source connector on each machine; it connects outbound to aiterm.io over WebSocket+TLS. You open any browser — including your phone — to reach a full xterm.js terminal running Claude Code, Ollama, llama.cpp, LM Studio, vLLM, GPT4All, or plain bash. Sessions persist across connector restarts. The connector is MIT-licensed.
ngrok is a reverse-tunnel service. You install the ngrok client, run ngrok http 3000 (or similar), and ngrok hands you a public URL that tunnels traffic to your local port. Popular for demoing web apps, testing webhooks, and exposing local APIs.
| AITerm | ngrok | |
|---|---|---|
| Primary use case | Browser access to AI tools & shell | Exposing arbitrary ports |
| Mobile-friendly UI | Yes (xterm.js touch support) | Depends what you tunnel |
| Multi-AI scan | Built-in | N/A |
| Session persistence | PTY manager survives connector restarts | Depends on the exposed app |
| Team sharing | View-invites + share links | Paid tiers only |
| Protocol exposed | WebSocket over TLS, paired sessions only | HTTP / TCP / TLS |
| Attack surface | Paired AI sessions only | Whatever port you tunnel |
| Auth model | Per-machine token + browser session | OAuth + optional basic auth |
| Free tier | 5 machines, 1 user, unlimited sessions | 1 static domain, 1 endpoint |
| Paid tier | €9 / user / month | $10 / month personal |
| Open source | Connector is MIT | Client is source-available, not OSS |
| Self-hostable | Connector-configurable hub_url | No (official service only) |
The biggest practical difference is what a leaked credential gives away.
Both services use TLS. AITerm additionally pins the hub certificate (TOFU) and Ed25519-signs update manifests to prevent a compromised hub from pushing malicious code.
In real teams we see both: ngrok for the web-dev side, AITerm for the AI side. They don't overlap as much as it first looks.
Technically yes — expose a port running ttyd, gotty, or similar browser-based terminal, wrap it with HTTP basic auth, and mount your AI CLIs. In practice you end up rebuilding AITerm's UI, session management, scanning, pairing, and team-sharing from scratch. Many developers try this route and switch to AITerm after their third "why can't I upload a file" moment.
No. AITerm only exposes paired terminal sessions. It isn't a generic reverse proxy and intentionally won't tunnel arbitrary ports — that would widen the attack surface and blur the product.
AITerm's browser UI works on Safari and Chrome on phones without any app install. Authentication is the same as desktop (email + password, session cookie). No SSH client needed — SSH on mobile generally requires a paid app (Termius, Blink Shell) and a painful setup.
Install on any Linux or macOS machine in 30 seconds: