Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/Termix-SSH/Termix/llms.txt

Use this file to discover all available pages before exploring further.

Termix’s role-based access control (RBAC) system lets you share SSH hosts (and command snippets) across multiple users or groups without giving everyone full ownership. An owner shares a host with a specific user or role; the recipient can then connect to that host from their own Termix account without ever seeing the credentials.

How it works

Every host you create is owned by your account. To give another user access, you share it with them directly or by assigning them a role that has access. Credentials are automatically re-encrypted for the recipient so they can connect without you exposing the underlying password or key.
Only hosts that use a saved credential can be shared. Hosts with inline (unsaved) credentials cannot be shared. Create a credential in Credentials first, assign it to the host, then share the host.
Shared hosts appear in the recipient’s host list under a Shared with me section. The recipient can read and connect to the host but cannot edit or delete it (view-only permission level).

System roles

Two system roles are created automatically and cannot be deleted or manually assigned:
RoleWho gets itDescription
adminThe first registered userFull administrative access to all settings, users, and RBAC management
userEvery subsequent registered userStandard user access
The very first account created on a fresh Termix instance is automatically made an admin and assigned the admin role.

Creating custom roles

Admins can create custom roles to represent teams, departments, or access tiers (for example developer, ops, readonly).
1

Open the Admin Panel

Click the gear icon or navigate to Admin Panel in the sidebar.
2

Go to Roles

Select the Roles tab. Existing roles, including system roles, are listed here.
3

Create a new role

Click Create Role and fill in the fields:
FieldDescription
NameInternal identifier. Must be lowercase letters, numbers, underscores, or hyphens (developer, ops-team). Cannot be changed after creation.
Display nameHuman-readable label shown in the UI. Can be updated later.
DescriptionOptional notes about the role’s purpose.
Click Save.
System roles (admin, user) cannot be deleted. Custom roles can be deleted, which also removes all host-access grants that were made to that role.

Assigning users to roles

1

Go to Admin Panel → Users

Find the user you want to assign a role to in the user list.
2

Open user settings

Click the user row to expand their settings, or select Edit.
3

Assign a role

Under Roles, select the custom role from the dropdown and click Assign. System roles (admin, user) are managed separately and cannot be assigned here.
A user can hold multiple roles simultaneously. Their effective access is the union of all grants across all their roles.

Sharing a host with a user or role

1

Open host settings

In your host list, click the three-dot menu on the host you want to share and select Share, or open the host and navigate to the Share tab.
2

Choose a target

Select whether to share with a specific User or a Role. Then choose the user or role from the dropdown.
3

Set an optional expiry

Enter a Duration (hours) if you want the access grant to expire automatically. Leave blank for indefinite access.
4

Confirm

Click Share. The host appears in the recipient’s host list immediately.
When you share a host with a role, all current members of that role gain access. Any user later added to the role will also receive access automatically — their shared credentials are provisioned when the role is assigned.

Revoking access

Open Host settings → Share. The current access list shows each user or role that has been granted access, along with who granted it and when it expires. Click Revoke next to any entry to remove access immediately. Access grants with an expiry date are also cleaned up automatically in the background; expired grants are removed roughly every minute.

Sharing command snippets

The same sharing model applies to command snippets. Open a snippet, go to its Share settings, and share it with a user or role. Snippets are shared with view-only access and can optionally have an expiry.

Permission levels

Currently Termix supports one permission level for shared resources:
LevelCan connectCan edit host settingsCan share with othersCan delete
view (shared)YesNoNoNo
OwnerYesYesYesYes
Write and delete actions on shared hosts are blocked at the permission layer and return an error if attempted.

Permissions cache

For performance, each user’s effective permissions are cached for up to 5 minutes. If you assign or remove a role and the change does not appear to take effect immediately, it will be reflected within that window or on the user’s next login.

Quick reference

Go to Admin Panel → Users, click the user, and click Make Admin. This grants the isAdmin flag which gives full access to all admin features. It is separate from the admin role.
No. Shared hosts are view-only. Only the owner can edit host settings, credentials, or re-share the host.
Deleting a role removes all host-access grants that were made to that role, and all user-role assignments for that role. All affected users immediately lose access to any hosts that were shared via that role.
No. Hosts must have a credential assigned before they can be shared. This is required so Termix can securely re-encrypt the credential for the recipient.
Role assignments do not currently support expiry dates. Only individual host-access grants support expiry dates. To give time-limited access to a host, share the host directly with a user and set a duration.

Build docs developers (and LLMs) love

Get started for freeTalk to us