Codex Remote: Control OpenAI Codex From Your Phone (2026)
Codex Remote reached general availability on June 25, 2026. It lets you drive a long-running OpenAI Codex coding session from the ChatGPT mobile app while the work runs on a Mac or Windows host you already own — or on a cloud machine you provision in one prompt. This guide covers the QR-pairing setup, the relay security model, a real mobile workflow, and the DigitalOcean plugin that spins up a remote workspace. It is about where you run Codex and how you steer it, not which model is best.

TL;DR + what you actually need
Codex Remote is not a phone-sized version of Codex. It is a remote control for the Codex that is already running on your computer. One r/ChatGPT writer put it exactly right: “It is not a smaller version of Codex on your phone. It is a remote control for the Codex that runs on your Mac or in the cloud.” Four things get you running:
- A host running the Codex App — the latest Codex desktop app for macOS or Windows, signed in, awake, and online. The code, shell, credentials, and plugins all stay here.
- The latest ChatGPT mobile app — on iOS or Android, signed into the same ChatGPT account and workspace as the host.
- A one-time QR pairing — scanned from the host’s screen, it binds that phone to that host through an authenticated relay. No open ports, no VPN.
- (Optional) the DigitalOcean plugin — if you would rather not tether your phone to a laptop that must stay awake, provision a cloud Droplet as the host instead.
The whole point: start a bug fix while you wait for coffee, make a decision mid-commute, and walk up to your desk with the work already moving. This post walks the setup, the trust model, and the honest limits — sourced to OpenAI’s docs, the Codex changelog, GitHub issues, and the r/codex community.
What Codex Remote is (one sentence)
Codex Remote is the feature that connects the ChatGPT mobile app to a Codex session running on a connected Mac or Windows host, so you can start, review, steer, and approve long-running coding work from your phone. OpenAI’s changelog states it plainly:
“Codex Remote has reached general availability. Use Codex from the ChatGPT mobile app to start or continue work on a connected Mac or Windows host, review progress, and approve actions from your phone.”
— OpenAI Codex changelog, June 25, 2026
The key mental shift: the intelligence and the execution live on the host. Your phone sends prompts, approvals, and follow-ups, and receives screenshots, terminal output, diffs, and test results in return. Nothing about your model choice changes — Codex Remote is a transport and control layer, not a model. If the question on your mind is which model to run, that is a different article; see the best AI coding model in 2026 and, for Codex versus Claude Code as a harness, Claude Code vs Codex CLI. This guide stays on the remote layer.
Why it exists: the Tailscale-and-SSH era
Before Codex Remote, controlling a coding agent away from your desk meant a hand-rolled rig. The feature request that kicked this off (openai/codex discussion #9200) describes exactly that: a developer running Codex headless on a desktop and reaching it through a Tailscale VPN plus SSH, wanting a proper mobile UI instead of a terminal on a phone screen. The thread filled with the same ask — one commenter wrote “This is MUST! I am on Claude Max 20. I want to switch to codex, but I use remote control all the time,” a blunt signal that a competitor’s remote control was pulling users away.
The status quo failed on three fronts: a raw SSH session is a poor approval surface (no clean way to review a diff and tap “yes”), it exposes a machine to the network, and it could not carry the App’s plugins, browser access, and session state. Codex Remote answers all three by keeping the host private behind a relay and shipping a real review UI to the phone.
The moving parts
Five named pieces. Learn these and the rest of the guide lands cleanly.
- Host — the machine where Codex actually runs: your Mac, a Windows PC, a Mac mini on your desk, or a cloud Droplet. Holds the repo, shell, credentials, plugins, and MCP servers.
- ChatGPT mobile app — the control surface. Sends prompts and approvals; renders the host’s live state.
- The relay — OpenAI’s secure layer that keeps the host reachable from your phone without exposing it to the public internet, and keeps session state synced across your signed-in devices.
- QR pairing — the one-time, authenticated handshake that binds one phone to one host.
- Workspace — the project/directory the session operates in, whether local on the host or on a connected remote (SSH or Droplet).
┌───────────────┐ secure relay ┌────────────────────┐
│ ChatGPT │ ····· no open ports ···· │ Codex App on your │
│ mobile app │ ── QR-paired session ──▶ │ Mac / Windows host│
│ (your phone) │ ◀─ screenshots, diffs ── │ (or a DO Droplet) │
└───────────────┘ └────────────────────┘
prompts, files, shell, creds,
approvals plugins, MCP, browserTakeaway: the arrow of trust runs through your ChatGPT account and the relay. The host never opens a port to the world. That is the whole security design in one diagram — and also where its one sharp edge lives, covered below.
Pair your phone to your host
The official flow is UI-driven — there is no config file to edit for the pairing itself. These steps are confirmed by OpenAI’s Remote connections docs.
- Update both apps. Latest Codex App on the host (macOS or Windows), latest ChatGPT app on the phone. Stale versions are the single most common pairing failure.
- On the host, start the flow. Open the Codex App, go to the sidebar, and choose Set up Codex mobile. It displays a QR code.
- Scan with your phone. The QR opens ChatGPT and begins the pairing handshake.
- Confirm and authenticate. Verify you are on the same ChatGPT account and workspace, then complete any MFA, SSO, or passkey step your workspace requires.
- Manage devices later from the host’s Settings → Connections, where paired phones and remote hosts are listed and can be revoked.
One durability note from the changelog: connections used since June 8, 2026 stayed paired through the GA rollout, but older inactive connections had to pair again. If a previously-working link went dead around late June, re-pairing is the fix, not a bug hunt. For a full reference on Codex as a client — config paths, MCP support, and the rest — see mcp.directory/clients/codex.
Security: QR pairing, the relay, and what actually flows
This is the section to read before you point your phone at anything real. Two design choices carry the trust model, and one gap is worth naming out loud.
The relay keeps the host off the public internet. OpenAI describes it directly: “Codex uses a secure relay layer that keeps trusted machines reachable across devices without exposing them directly to the public internet.” So unlike the old SSH-over-VPN approach, there is no listening port for an attacker to scan.
QR pairing binds one device to one host. The code encodes a session handshake specific to a single pairing attempt. Completing it requires a phone already signed into the same ChatGPT account and workspace, plus any configured MFA, SSO, or passkey. It is a physical-presence, one-time step, not a reusable secret.
The gap to understand
Your ChatGPT account is the trust boundary. One r/codex user asked the uncomfortable question directly: if someone gets into your ChatGPT account, can they open the Codex mobile app and run shell commands on your machine? Because there is no separate relay credential, the honest answer is that account security (strong password, MFA, session hygiene) is what stands between an attacker and your host. Treat your ChatGPT login like SSH keys.
There is a second half to the risk that has nothing to do with break-ins: an unattended agent with live credentials keeps working after you have forgotten it exists, so the dangerous state is the one you stopped watching. Teardown, not spin-up, is the real security story. Keep approval prompts on for anything destructive, and tear down cloud hosts when a job is done. What flows where:
| Stays on the host | Travels to your phone |
|---|---|
| Repository files & local documents | Prompts you type |
| Shell commands, credentials, permissions | Approvals & follow-ups |
| Plugins, MCP servers, skills, browser access | Screenshots, terminal output, diffs, test results |
If you run private MCP servers on the host, none of that traffic leaves the machine — the phone only sees rendered results. If you want the deeper pattern for reaching private servers from hosted AI clients, our OpenAI Secure MCP Tunnels guide covers the outbound-only relay idea in more depth.
A real mobile workflow, start to finish
Here is the flagship use case, drawn from OpenAI’s own stated examples and how the r/codex community actually runs it.
1. Kick it off before you leave. Standing in the coffee line, you open ChatGPT, pick your paired host, and type: “There is a bug where the export CSV button does nothing on Safari. Reproduce it, find the cause, and start a fix on a new branch.” Because Codex is running from your dev environment, it opens the relevant files, reproduces the issue in a browser, and runs tests — all on the host.
2. Unblock it mid-commute. Codex finds two viable fixes and needs a call it should not make alone. On your phone you read the tradeoff, tap the approach you want, and it keeps going in that direction.
3. Review at your desk. You sit down to a branch, a passing test, and a diff waiting for review — not a blank editor. The phone was the steering wheel; the host did the driving.
That “start it, steer it, review it” loop is the whole pitch, and OpenAI reports more than four million weekly Codex users for whom these small check-ins add up. The honest counterweight, in a moment.
Provision a cloud host: the DigitalOcean plugin
Controlling your laptop from your phone has one obvious catch: the laptop must stay awake and online. The DigitalOcean plugin, shipped alongside GA, removes that constraint by making a cloud Droplet the host. OpenAI Developers announced it directly:
You can now spin up a persistent cloud development environment in one prompt with the @DigitalOcean plugin for Codex.
— OpenAI Developers (@OpenAIDevs) June 25, 2026
It runs in your DigitalOcean account and keeps working when you step away.
The setup is doc-confirmed by DigitalOcean’s launch post and the plugin’s repository. It provisions a Droplet from the Codex Universal image, mints and configures an SSH key locally, and connects the machine to your Codex App — with no doctl CLI and no API tokens to paste.
- Install the plugin from the Codex plugin directory and connect your DigitalOcean account via OAuth. In DigitalOcean’s words, there are “no API tokens to create or paste.”
- Provision in one prompt. Ask Codex:
Codex creates the Droplet from the Codex template, generates and configures the SSH key, waits for provisioning, and returns a deeplink to finish connecting.@DigitalOcean create a new remote machine - Or connect an existing Droplet by its ID (found in the URL at
cloud.digitalocean.com/droplets/):@DigitalOcean connect <droplet id> - Register it as a host. The plugin’s own README is explicit that “there is no supported CLI to register a desktop remote SSH project in Codex” — you add it through Codex App → Settings → Connections → Add SSH Host, pick the alias, and choose the remote folder.
Once the Droplet is a connected host, pair your phone to it the same way you would a laptop, and steer it from anywhere. Greg Brockman flagged the same combination on launch day (“digital ocean for running a codex remote session”). One caveat with teeth: the Droplet is billed hourly until you delete it. A persistent environment that keeps working when you step away also keeps billing when you forget it — set a reminder to tear it down.
Remote SSH and enterprise environments
The DigitalOcean plugin is one path to a remote host; general Remote SSH is the broader one, and it went GA in the same release. The Codex desktop app now auto-detects hosts from your existing SSH configuration and lets you create projects and run threads inside those machines just like local ones. Once connected, those environments become reachable across your authorized ChatGPT devices through the same relay — so a managed devbox with approved dependencies and credentials can be steered from your phone.
OpenAI paired the GA with several team-scale updates:
- Programmatic access tokens — scoped credentials issued from ChatGPT workspace settings for CI pipelines and automations (Enterprise and Business plans).
- Hooks (GA) — run validators, scan prompts for secrets, log conversations, or customize behavior per repository.
- HIPAA-compliant use of Codex in local environments (CLI, IDE, App) for eligible ChatGPT Enterprise workspaces.
The through-line: Codex Remote is not just a solo-dev toy. It is positioned to sit on top of the managed, credentialed environments teams already run — with the phone as a universal approval surface.
What surprised us (and the gotchas to plan for)
We went in assuming this was a polished, one-tap feature. It mostly is on macOS — and rougher than expected around the edges, especially early Windows and networking. Each item below traces to a real report.
- We assumed Windows would “just work” at GA. The changelog covers a “Mac or Windows host,” but early Windows adopters hit friction: remote control was gated behind a
[features]flag inconfig.toml, and one widely-upvoted r/codex thread (“Easy Steps to Activate Codex Remote Control on Windows”) documented a workaround because the app would rewriteremote_control = trueout of the file on startup. This is an unofficial community fix, not a documented step. If you are on Windows and pairing fails, first confirm you are on the latest Codex App — and for MCP-server woes specifically, see our Codex MCP Windows fix guide. - Pairing can stick on “Waiting for desktop.” A detailed GitHub issue (#22851) traced this to the remote-control daemon not using the machine’s HTTP proxy, so the backend never saw the host as online even though the QR screen showed fine. If you are behind a corporate or local proxy, that mismatch is a prime suspect.
- Stale hosts can be hard to clear. Multiple issues (#23078) describe a removed device leaving a ghost host on mobile that blocks re-pairing. If a fresh QR scan does nothing, a stale server-side association may be the cause.
- The dopamine loop is real. Our favorite honest report: an r/codex user titled a post “Codex on mobile gave me what I wanted. Now I’m burnt out,” describing feeding the agent ideas nonstop from the couch while “my main project hasn’t moved in weeks.” Ubiquitous access is a productivity feature and a focus tax at the same time.
Community signal
The reception splits cleanly. On r/codex, the mood at launch was relief — “Finally!! New Codex in ChatGPT ios app!!” topped the subreddit — because the Tailscale-and-SSH era was genuinely tedious. The demand was documented for months in discussion #9200 before it shipped.
The skeptics are worth hearing too. The persistent-host worry is real: a cloud box keeps going on whatever wrong turn it took while you were away, and you cannot always just delete it and restart clean. An unattended agent on a persistent cloud box is more rope than a local session you watch. The counter is discipline — approvals on, hosts torn down — not more autonomy.
Who it’s for — and who should wait
Reach for Codex Remote if you:
- Already run Codex on a Mac or Windows machine and lose momentum every time you step away from it.
- Run long tasks (migrations, refactors, investigations) that need occasional decisions but not constant babysitting.
- Want a cloud host that keeps working independent of your laptop’s power state — the DigitalOcean path.
- Are on a team with managed SSH devboxes you want to steer from a phone.
Hold off, or keep it on a tight leash, if you:
- Are not comfortable that your ChatGPT account login is the gate to running commands on your machine.
- Work on Windows and cannot tolerate early-adopter friction with proxies or config rewrites.
- Tend to over-feed an always-available agent — be honest about the focus cost.
- Would let cloud Droplets pile up unmanaged; hourly billing punishes forgetfulness.
The verdict
Our take
Turn on Codex Remote if you already live in Codex and lose time every time you leave your desk — the QR-paired mobile control is the clean, no-VPN version of the Tailscale hack people built by hand, and the DigitalOcean plugin finally frees you from a laptop that has to stay awake. Set-up is a two-minute UI flow on macOS. Keep it on a leash if you are on Windows during the rough early days, if your ChatGPT account is not locked down with MFA, or if you know you will let a persistent cloud host run unattended and unbilled-out-of-mind. It is a genuinely useful control layer, not a license to stop reviewing.
Where this is heading
Codex Remote is one move in a broader shift: the developer workstation is decoupling from a single physical machine. When the host can be your laptop, a Mac mini, a managed devbox, or a Droplet — all steerable from one phone through one relay — the question stops being “where is my environment?” and becomes “which host should this thread run on?” The thread-handoff feature added in June (moving a session between local and remote hosts) points exactly there.
This does not change the model debate, and it is not meant to. Codex Remote is about reach and control; the substance of your agent is still the model and the harness. If you are weighing the harness itself, our Claude Code vs Codex CLI comparison is the place to go, and the best coding model breakdown covers the models. This layer just decides where you sit while the work happens.
Frequently asked questions
What is Codex Remote?
Codex Remote pairs the ChatGPT mobile app with a Mac or Windows host running the Codex App, so you can start, steer, and approve coding sessions from your phone. It reached general availability on June 25, 2026. The work still runs on the host — your phone is a control surface, not a second Codex.
How do I set up Codex Remote?
On the host machine, open the Codex App, go to the sidebar, and choose 'Set up Codex mobile' to show a QR code. Scan it with the ChatGPT mobile app, confirm you are on the same ChatGPT account and workspace, and complete any MFA or passkey step. Manage paired devices from the host's Settings, then Connections.
Is Codex Remote secure? Can someone hijack my computer if my phone is stolen?
Codex uses a secure relay so your host is never directly exposed to the internet, and pairing is a one-time QR handshake tied to your signed-in ChatGPT session. But your ChatGPT account is the real trust boundary — anyone who controls it, MFA included, can act as you. There is no separate relay credential, a gap Reddit users have flagged.
Does Codex Remote work on Windows, or only Mac?
Both. OpenAI's June 25, 2026 general-availability changelog entry explicitly covers a connected Mac or Windows host, and the docs confirm Remote Control supports Windows. Requirements are identical: the latest Codex App on the host, the latest ChatGPT mobile app, and both signed into the same account and workspace.
What does the DigitalOcean plugin actually do?
It provisions a DigitalOcean Droplet from a Codex-ready image, generates and configures an SSH key, and connects the new machine to your Codex App as a remote workspace — no doctl CLI or manual API tokens. Prompt it to create a machine, or connect an existing Droplet by ID. It is billed hourly by DigitalOcean until you delete it.
Do I need to keep my computer turned on?
Yes, if you are controlling a laptop — it must stay awake, online, and signed in, or your phone cannot reach it. The DigitalOcean plugin sidesteps this: the Droplet runs in the cloud independent of your laptop's power state, which is the whole point of provisioning one instead of using your desk machine.
Is Codex Remote free, or does it need a paid ChatGPT plan?
Codex in the ChatGPT mobile app rolled out broadly, including to Free and Go plans, per OpenAI's release notes. Remote Control runs on the same Codex access your ChatGPT plan already grants, and OpenAI has adjusted these tiers before, so check your plan's current entitlement in-app.
Glossary
- Codex Remote
- The GA feature (June 25, 2026) for controlling a host-run Codex session from the ChatGPT mobile app.
- Host
- The machine Codex runs on: a Mac, a Windows PC, or a cloud Droplet. Holds all code and credentials.
- Relay
- OpenAI's secure layer that connects phone to host without exposing the host to the public internet.
- QR pairing
- A one-time authenticated handshake, scanned from the host screen, that binds one phone to one host.
- Droplet
- A DigitalOcean virtual machine. The Codex plugin provisions one as a cloud host, billed hourly.
- Remote SSH
- GA feature letting the Codex desktop app detect SSH hosts and run projects inside them.
- Workspace
- The ChatGPT account context (personal or team) both devices must share to pair.
- Thread handoff
- Moving an in-progress Codex conversation between a local and a remote host.
Sources
- Primary — Codex changelog, GA entry: developers.openai.com/codex/changelog (“Codex Remote reaches general availability,” June 25, 2026)
- Primary — setup and troubleshooting: developers.openai.com/codex/remote-connections
- Primary — OpenAI announcement: “Work with Codex from anywhere” (relay, examples, availability)
- Primary — DigitalOcean plugin: “Run Codex in the cloud” · github.com/digitalocean/CodexPlugin
- Community — first-party X post: @OpenAIDevs on the DigitalOcean plugin · @gdb, June 25 2026
- Community — the feature request that started it: openai/codex discussion #9200
- Community — r/codex threads: “Easy Steps to Activate Codex Remote Control on Windows” · “Now I’m burnt out” · account-security question
- Community — behavior bugs: proxy pairing #22851, stale host #23078
- Related MCP.Directory guides: Claude Code vs Codex CLI · Best AI coding model 2026 · Codex client reference
Comparison
Claude Code vs Codex CLI — the harness question
ReadFix guide
Codex MCP not working on Windows? Every fix
ReadClient
Codex — MCP client reference
OpenFound an issue?
If something here has drifted — Windows pairing smoothing out, plan availability shifting, a new host provider plugin — email [email protected] or read more on our about page. We keep these guides current.