Back to journal
hermes-agent JUN 04 · 2026

How to Open the Hermes Dashboard Locally Against a Remote Server

Author poornerd
Published June 04, 2026
Reading time 2 min read
Tags
#hermes-agent #howto

Most of my Hermes Agent work happens on a remote server, not my laptop. That’s where the agents run, where the gateway lives, and where things keep humming when my Mac is asleep. But the Hermes dashboard — the nice Kanban view of boards, channels, and sessions — wants to open in a browser. On a headless server, there is no browser.

The obvious fix is to bind the dashboard to 0.0.0.0 and open the port. Don’t. That puts your agent control panel on the public internet. The better move is to keep the dashboard bound to 127.0.0.1 on the server and tunnel that port to your laptop over SSH. Your browser hits localhost, SSH carries the traffic, and nothing is ever exposed.

Three steps.

1. Open an SSH tunnel

From your local machine, connect to the server with a local port forward:

ssh -L 9119:127.0.0.1:9119 root@your-server.example.com

The -L 9119:127.0.0.1:9119 part is the whole trick. It says: take local port 9119 on my laptop and forward it to 127.0.0.1:9119 on the remote side. Anything I send to localhost:9119 here comes out as a connection to 127.0.0.1:9119 there.

Leave this SSH session open. The tunnel only lives as long as the connection does.

2. Start the dashboard on the remote

Inside that same SSH session, on the server, run:

hermes dashboard --host 127.0.0.1 --port 9119 --no-open

Two flags matter here:

  • --host 127.0.0.1 keeps the dashboard private to the box. It’s not listening on any public interface — only the loopback address that our tunnel targets.
  • --no-open stops Hermes from trying to launch a browser on the server. There isn’t one, and without this flag it’ll complain.

3. Open it in your local browser

Back on your laptop, go to:

http://localhost:9119

The request travels down the tunnel and lands on the dashboard running remotely. You get the full Kanban view — boards, channels, gateway status, sessions — exactly as if it were running locally.

Takeaway

Keep the dashboard bound to 127.0.0.1 on the server and let SSH do the reaching. One -L flag, no open ports, no reverse proxy, no auth layer to bolt on. Close the SSH session when you’re done and the tunnel disappears with it.

Follow Brian Porter on LinkedIn →
← Previous
Brian Porter

Written by

poornerd

CTO at an automotive data company in Munich. Co-founder of SiteForce AG. Four decades writing software and shipping production systems.

Keep reading

Related essays

ai MAY 21 · 2026

Why I Switched From OpenClaw to Hermes Agent

OpenClaw got me into agentic coding. Hermes Agent kept me there. Easier setup, fewer surprise breakages, an...

ai MAY 21 · 2026

Can You Actually See What Your AI Coding Agents Are Doing?

Running multiple Claude Code and Codex sessions in parallel? abtop is the system-level view that finally te...

ai MAY 19 · 2026

Conductor: How I Run a Whole Team of Claude Agents From One Mac

How Conductor turns Claude Code into a parallel workforce — many agents, many projects, one overview, and a...