Weaponise Your Flipper Zero: Remote Control from Anywhere

**SKULLBOT NOT INCLUDED**

Introduction

Most people treat their Flipper Zero like a shiny toy. They plug it in, mess around with Sub-GHz and NFC for a few hours, then toss it back in the drawer until the next conference or engagement.

That’s cute.

But if you’re actually doing red team work the kind where you don’t get to waltz back on-site whenever you feel like it leaving your hardware sitting idle is a waste. The Flipper is already one of the best portable tools for physical access testing. The real problem? It was never built to be controlled from anywhere else.

That’s where things get interesting.

In this guide, we’re going to turn your Flipper Zero into something far more useful: a remotely accessible asset. We’ll walk through how to set up proper remote control over SSH using a tool called fztea. No cloud dashboards. No vendor B.S. Just your Flipper, a host machine, and the ability to reach out and touch it whenever you need to.

If you’re the type who likes their tools working even when you’re not physically there… keep reading.

Prerequisites

Before starting, ensure you have the following:

• A Flipper Zero

• A host machine (Linux recommended, laptop, mini PC, or Raspberry Pi)

• USB-C data cable (not just charging)

• Basic familiarity with Linux terminal and SSH

• Go installed (for easiest installation method)

Step 1: Install fztea

On your host machine, install fztea:

# Recommended method
go install github.com/jon4hz/fztea@latest

Alternative installation methods:

# macOS / Linux (Homebrew)
brew install jon4hz/homebrew-tap/fztea

# Arch Linux
yay -S fztea-bin

Verify the installation:

fztea --help

Step 2: Fix Serial Port Permissions (Linux)

By default, your user may not have permission to access the serial port. This is one of the most common issues.

Add your user to the dialout group:

sudo usermod -aG dialout $USER

Log out and log back in (or reboot) for the change to take effect.

You can verify group membership with:

groups $USER      

Step 3: Start the fztea SSH Server

This is the most important step for remote access.

Run the following command on the machine physically connected to the Flipper Zero:

fztea server -l 0.0.0.0:2222

Important notes:

• Using 0.0.0.0 allows connections from other machines on the network.

• The default (127.0.0.1) will only allow local connections and will result in “Connection refused” errors.

• For better security, use SSH key authentication:

fztea server -l 0.0.0.0:2222 -k ~/.ssh/authorized_keys

Step 4: Connect Remotely

From any machine on the network (or over VPN), connect using:

ssh user@host-ip -p 2222

Example:

ssh pentester@192.168.0.245 -p 2222

Once connected, you should see the Flipper Zero’s screen rendered in your terminal and be able to control it using your keyboard.

Step 5: Make the Service Persistent (Recommended)

Running fztea in a regular terminal session is not practical for ongoing use. Use tmux to keep the server running in the background.

# Install tmux if needed
sudo apt install tmux

# Start a new tmux session
tmux new -s flipper

# Inside the session, start fztea
fztea server -l 0.0.0.0:2222 -k ~/.ssh/authorized_keys

# Detach from tmux: Ctrl + B, then press D

To reattach later:

tmux attach -t flipper

Security Recommendations

Let’s be honest giving remote access to something that can replay door codes and mess with wireless systems is a terrible idea if you’re careless.

Here’s how to not shoot yourself in the foot:

• Use SSH keys only. Password authentication is for people who enjoy getting owned. Disable it.

• Never expose this directly to the internet. Put it behind a VPN (WireGuard or Tailscale). If you’re lazy and just forward port 2222, you deserve whatever happens next.

• Restrict access. Even over a VPN, don’t let every device on the network talk to it. Lock it down with firewall rules.

• Harden the host. Keep the machine updated. Don’t run random crap on it. Treat it like the gateway it is.

• Run it as a low-privilege user if possible. No need to give fztea root just because you can.

  
  

The Flipper itself is already powerful enough. Don’t make the host machine the weak link that gets you caught or burned.

Recommended Architecture

If you’re going to do this properly (and not half-ass it), here’s how it should look:

• Use a dedicated, always-on device something like a Raspberry Pi 4/5 or a small mini PC.

• Plug the Flipper Zero into it via USB and leave it there.

• Run fztea inside a tmux session so it keeps running even if the terminal closes.

• Access should only happen through a VPN. No direct port forwarding. No “I’ll just open it for a minute.” That minute usually turns into a permanent mistake.

• Use SSH keys for authentication.

• Keep the host machine minimal and updated.

• Think of this setup as a quiet little outpost not something you want lighting up logs or drawing attention.

Done right, it becomes a reliable, low-maintenance way to keep interacting with your hardware even when you’re not physically on site. Done wrong, it becomes evidence.

Conclusion

At the end of the day, the Flipper Zero is still just a clever little device with a CC1101 and some antennas. It doesn’t become dangerous on its own.

What makes it dangerous is what you do with it and how long you can keep doing it.

Remote access turns a short window of physical access into something much more persistent. It lets you keep testing, triggering, and observing long after you’ve left the building. That’s the real value here.

Just don’t be an idiot about it.

Run it behind a VPN. Use key-based authentication. Don’t expose it to the internet like some script kiddie. The same device that can open doors and replay signals can also become a liability if you get sloppy.

Do it right, and your Flipper stops being a toy you carry around.

It becomes something that keeps working for you even when you’re not there.