ziti
SHA-256OpenZiti is an open-source zero-trust networking platform that makes network services invisible to unauthorized users. It provides cryptographic identity for every entity, end-to-end encryption, and policy-driven access without VPNs or open ports.
Smart Download
Download Download Version
v1.6.15 · 49.8 MB
Open-source zero-trust network platform that hides services, replaces VPNs, and provides identity-based access.
Core Features
- Dark services: zero listening ports
- Cryptographic identity for everything
- End-to-end encryption (libsodium + mTLS)
- No VPN clients or firewall rules needed
- Smart routing for performance
What It Can't Do
- •Requires understanding of zero-trust identity and policy concepts; SDK embedding needs code changes, but tunneler mode works with zero code mods; high throughput may require careful routing topology design; non-Docker deployments have scattered docs—refer to official documentation.
Use Cases
- Replace VPNs for secure remote access
- Dark APIs and services with zero attack surface
- IoT and non-human identity management
- Multi-cloud and hybrid connectivity
- Self-hosted service access (Nextcloud, Home Assistant, etc.)
- Kubernetes cross-cluster service mesh
- Agentic AI secure communication
OpenZiti is an open-source zero-trust networking platform designed to make network services invisible to unauthorized users. Every connection—from users, services, devices, or workloads—is authenticated with a cryptographic identity, authorized by policy, and encrypted end-to-end. It supports three deployment models: network-level (no code changes), host-level (tunneler on the same host), and application-level (embedded SDKs). It can be self-hosted entirely, offering an alternative to commercial solutions like Zscaler or traditional VPNs. Use cases include replacing VPNs, securing APIs, IoT, multi-cloud connectivity, Kubernetes cross-cluster services, and agentic AI workloads.
Tags
Getting Started
Download installer
Click the button above to download the installer for your system
Install the software
Double-click the downloaded installer and follow the prompts
Download and run the Docker quickstart script: `wget https://get.openziti.io/d`
Follow the script to set up a local controller and router, then enroll an identity
Use tunneler (no code changes) or SDK to connect your service, or access the admin console via browser
- Download and run the Docker quickstart script: `wget https://get.openziti.io/d`
- Follow the script to set up a local controller and router, then enroll an identity
- Use tunneler (no code changes) or SDK to connect your service, or access the admin console via browser
SHA-256 checksum verified
Checksum extracted from GitHub official Release page
SHA256 Checksum
5c52d73d42ac7051686077ec73a150b2c7e9cce78aebeb41b39ee14ee94f1d1eThis checksum is extracted from the GitHub Release page. Verify file integrity after download.
All SHA-256 checksums on this platform are extracted from the project's official GitHub Release page, without any modification. You can independently verify them on the GitHub Releases page.
Open Source Transparency
View GitHub SourceUninstall Info
Stop and remove all OpenZiti Docker containers and images: `docker stop $(docker ps -a -q --filter name=ziti) && docker rm $(docker ps -a -q --filter name=ziti) && docker rmi openziti/...` and delete the local data directory (~/.openziti).
No Extra Dependencies
Ready to use after download. No additional runtime required.
Having issues? Check the FAQ below
5 FAQs
Similar Projects
SearXNG
SearXNG is a free metasearch engine that combines results from over 70 search services while respecting your privacy. Self-host it to keep your data under your control.
Immich
High performance self-hosted photo and video management solution with automatic backup, AI search, facial recognition, and multi-user support.
syncthing
A continuous file synchronization program that syncs files between devices securely and automatically, with no central server.