Listen to this Post
Introduction:
The dream of running AI-powered development tasks from anywhere — your bed, your car, or a coffee shop across the world — is no longer science fiction. With Claude Code, Anthropic’s agentic coding system that reads codebases, plans sequences of actions, executes them using real development tools, and adjusts its approach autonomously, developers and marketers alike are discovering they can offload complex workflows to a persistent machine that never sleeps. The core concept is simple: keep a Mac Mini running Claude Code 24/7 in your office, secure it with a private VPN like Tailscale, enable SSH remote login, and use tmux to maintain persistent sessions that survive network drops and phone locks. The result? A permanent virtual assistant with full context on your entire business that you can text from anywhere in the world.
Learning Objectives:
- Set up a headless Mac Mini as a permanent, always-on Claude Code host with remote SSH access
- Configure secure remote connectivity using Tailscale or Twingate to eliminate exposed ports
- Implement tmux for persistent session management that survives disconnections
- Build iOS Shortcuts and Termius workflows for one-tap Claude Code execution from mobile
- Deploy Claude Code’s official Remote Control feature for browser and mobile app access
You Should Know:
1. Building the Always-On Foundation: Mac Mini Configuration
Before you can run Claude Code from your phone, your Mac Mini must be configured to stay awake, accessible, and ready to accept remote connections at all times. This is the bedrock of the entire setup.
Start by preventing your Mac Mini from sleeping. A sleeping Mac does not answer SSH calls. Open System Settings → Energy, and under Power Adapter, set “Prevent your Mac from automatically sleeping when the display is off” to On, and enable “Wake for network access”. Alternatively, use the Terminal:
Prevent sleep (requires plugged-in power adapter) sudo pmset -a sleep 0 Enable network wake sudo pmset -a womp 1 Verify settings pmset -g
Next, enable SSH Remote Login. Open System Settings → General → Sharing and turn on Remote Login. This enables the SSH server on your Mac. Note that Remote Login only listens on your local network interfaces by default— which is exactly what we want when combined with a VPN solution.
For security, generate an SSH key pair and configure key-based authentication:
Generate a 4096-bit RSA key ssh-keygen -t rsa -b 4096 Copy public key to authorized_keys cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys Set proper permissions chmod 600 ~/.ssh/authorized_keys chmod 700 ~/.ssh
- Secure Remote Access: Tailscale vs. Twingate vs. Official Remote Control
Exposing SSH port 22 to the public internet is a terrible idea — protected by nothing but a password or key pair, reachable by every scanner on the planet. The solution is to create a private network between your phone and your Mac using a zero-trust VPN solution.
Option A: Tailscale (Simplest, free for personal use)
Tailscale creates a private WireGuard-based network between your devices. Install it on both your Mac Mini and your phone:
On Mac Mini brew install tailscale sudo tailscale up Get your Tailscale IP tailscale ip -4
On your iPhone, download the Tailscale app from the App Store, sign in with the same account, and you’re connected. Your Mac Mini will be reachable at its Tailscale IP (e.g., 100.x.y.z).
Option B: Twingate (Enterprise-grade, free for up to 5 users)
Twingate takes a different approach: deploy a Connector on your local network (running on your Mac, a Raspberry Pi, or a Docker container), add your Mac as a Resource using its local IP, and install the Twingate client on your phone. Your phone connects through an encrypted, identity-verified connection with no open ports, no port forwarding, and no dynamic DNS.
Option C: Claude Code Official Remote Control (The easiest path)
On February 25, 2026, Anthropic shipped Remote Control — a feature that takes about five seconds to set up. From any active Claude Code session, run:
claude remote-control
You’ll get a QR code. Scan it with the Claude app on your phone, and you have full control of the session — same files, same MCP servers, same project context. No inbound ports are opened on your machine; everything routes through Anthropic’s API with TLS and temporary credentials. Remote Control requires Claude Code v2.1.51 or later — check your version with claude --version.
- Persistent Sessions with tmux: Never Lose Your Work Again
Without tmux, your Claude Code session dies every time your phone locks, your network switches, or you close your SSH client. With tmux, the session keeps running on your Mac and you reattach whenever you reconnect.
Install tmux via Homebrew:
brew install tmux
Create a named session for Claude Code:
tmux new -s claude
You can add multiple windows for different projects:
tmux new-window -t claude -1 "ads" tmux new-window -t claude -1 "content"
To detach from a session without killing it, press `Ctrl-A` then d. To reattach later:
tmux attach -t claude
For a mobile-optimized tmux experience, consider the `claude-mobile-setup` project which provides a session picker that displays active Claude sessions on connect, voice input support via Termius speech-to-text, and a mobile-optimized tmux configuration.
- Mobile SSH Clients: Termius, Blink, and Web-Based Access
Termius (Free, available on iOS and Android) is the most popular choice. Install it on your phone, create a new host entry with your Tailscale IP or hostname, port 22, and your macOS username and password or SSH key. For improved connection resilience, enable Mosh (Mobile Shell) in Termius — it survives network drops, WiFi-to-cellular handoffs, and sleep/wake cycles. Note that Mosh requires UDP ports 60000-61000 to be accessible.
For a more polished experience on iOS, Blink Shell (paid) offers excellent Mosh support and a refined mobile terminal interface.
Web-based terminal access is another option. The `vibe-coding-setup` project provides a complete setup using ttyd (a web-based terminal) and agentboard, both served over Tailscale. After installation, open your mobile browser to `http://
5. iOS Shortcuts: One-Tap Automation from Anywhere
The killer feature of this setup is the ability to trigger Claude Code tasks with a single tap from your iPhone’s home screen. Create an iOS Shortcut that runs a script over SSH.
Here’s how to build it:
1. Open the Shortcuts app on your iPhone
2. Tap “+” to create a new shortcut
3. Add action: “Run Script Over SSH”
- Configure the host with your Tailscale IP, port 22, and your Mac username
- Under “Authentication,” select your SSH key (generated and stored in the Shortcuts app)
- In the script field, enter your command, for example:
tmux new -s quicktask -d "claude 'Generate 5 ad variations for our new product launch'"
- Name the shortcut and add it to your home screen
With this in place, you can run ad campaigns, write social media posts, generate thumbnails, format content, and more — all from your phone, the car, or even before getting out of bed.
- Advanced Automation: Ad Campaigns, Content Generation, and MCP Servers
Claude Code’s true power emerges when you connect it to external tools via the Model Context Protocol (MCP). Several MCP servers already exist for ad campaign management:
- Google Ads MCP: Manage Google Ads campaigns directly from Claude Code — view performance metrics, adjust budgets, pause/enable campaigns, and analyze keywords without leaving your terminal.
- Meta Ads Analyzer: A Claude Code skill + MCP server setup for expert-level Meta Ads campaign analysis, including the Breakdown Effect framework, Learning Phase diagnostics, and 9 reference documents from Meta’s official documentation.
- Ad Generator MCP: Lets Claude Code autonomously create ad campaigns — generate copy, render templates to images, and save assets to the project library.
To use these, configure Claude Code by filling in the environment values in `.mcp.json` at your project root. The MCP server runs locally on your Mac Mini, accessible via your Tailscale connection, meaning you can trigger ad campaign generation from anywhere.
For content creation, create custom Agent Skills that define your brand tone, voice, product accuracy guidelines, and best practices. Claude Code can then cross-reference your inputs against these skills, producing on-brand content that requires minimal editing.
7. Security Hardening: Protecting Your Always-On Machine
Running an always-on, remotely accessible machine requires security diligence. Implement these measures:
Disable password authentication in SSH to prevent brute-force attacks:
sudo nano /etc/ssh/sshd_config Set these values: PasswordAuthentication no PermitRootLogin no Restart SSH sudo launchctl stop com.openssh.sshd sudo launchctl start com.openssh.sshd
Change the default SSH port from 22 to a non-standard port:
In /etc/ssh/sshd_config Port 2222
Remember to update your SSH client configuration accordingly.
Install Fail2Ban to block IPs with repeated failed login attempts:
brew install fail2ban sudo fail2ban-client start
Configure your firewall to restrict access:
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate on
Enable Two-Factor Authentication for your Tailscale or Twingate account. For Tailscale, enable MagicDNS and use ACLs to restrict which devices can access your Mac Mini.
What Undercode Say:
- Key Takeaway 1: The combination of Tailscale (zero-trust networking), tmux (persistent sessions), and Termius (mobile SSH client) creates a production-grade remote development environment that works from anywhere. This isn’t a hack — it’s a legitimate architecture used by developers and marketers running millions in ad spend.
-
Key Takeaway 2: Anthropic’s official Remote Control feature eliminates the complexity of SSH tunneling and VPN configuration for most use cases. With a single command (
claude remote-control) and a QR code scan, you get full local environment access — filesystem, MCP servers, tools, and project configuration — all without opening any inbound ports.
Analysis: The shift toward mobile-first AI development represents a fundamental change in how knowledge workers interact with automation. Caleb Kruse’s setup — running ad campaigns, writing posts, generating thumbnails, and formatting courses from bed — demonstrates that the bottleneck is no longer technical capability but rather the interface between human intent and machine execution. The ecosystem is rapidly maturing: official tools (Remote Control), community projects (claude-mobile-setup, vibe-coding-setup, remote-claude), and specialized MCP servers for ad platforms are all converging to make remote AI work seamless. Security concerns remain valid, but solutions like Tailscale, Twingate, and Anthropic’s own TLS-encrypted channel provide enterprise-grade protection without compromising accessibility. The real question isn’t whether this works — it’s whether your workflow can afford not to adopt it.
Prediction:
+1 The democratization of remote AI agents will accelerate by 300% over the next 18 months as official tools like Claude Code Remote Control mature and third-party ecosystems expand. Expect to see dedicated mobile apps purpose-built for AI agent interaction, replacing generic SSH clients.
+1 The “always-on Mac Mini” pattern will become the standard deployment model for solo founders, creators, and small teams, effectively creating a new category of “personal AI infrastructure” that competes with cloud-based solutions on cost and data sovereignty.
-1 Security incidents involving misconfigured remote AI hosts will rise sharply in 2026-2027. The convenience of SSH access from anywhere will tempt users to skip essential hardening steps — disabling password auth, changing default ports, and implementing proper access controls.
+1 MCP server ecosystems for advertising platforms (Google, Meta, TikTok, LinkedIn, Spotify) will explode, enabling natural language campaign management that reduces the need for dedicated ad operations teams. This will lower the barrier to entry for small businesses while increasing the leverage of skilled operators.
-1 The “productivity from bed” trend may paradoxically increase burnout as the boundary between work and personal time dissolves entirely. The ability to run ad campaigns before getting out of bed is powerful — but it also means never truly disconnecting.
▶️ Related Video (66% Match):
🎯Let’s Practice For Free:
🎓 Live Courses & Certifications:
Join Undercode Academy for Verified Certifications
🚀 Request a Custom Project:
Secure, high-velocity infrastructure and disruptive technological engineering. Contact our engineering team for high-tier development and proprietary systems:
[email protected]
💎 Smart Architecture | 🛡️ Secure by Design | ⭐ Trusted by Thousands
IT/Security Reporter URL:
Reported By: Calebkrusemedia Media – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅
