Android setup — analysis, alternatives & what we left out

Part 1

The steps, re-examined

The guide makes one big call: a phone is a chat device and a remote control, not a workstation. Here's the reasoning and the roads not taken.

Apps + Termux — the two paths

We chose: the official chat apps as the easy path, with Termux as the optional power path.

Why: for most people the official Claude, ChatGPT, and Gemini apps cover all the casual use a phone is good for. Termux is a real Linux terminal, but it's an advanced detour.

Alternatives worth knowing

Termux from F-Droid vs. its GitHub releases — both are fine; the Google Play Store version is outdated and broken, so avoid it. F-Droid (f-droid.org) is the easiest trustworthy source.
UserLAnd or Andronix — if you want a fuller Linux distribution (Ubuntu/Debian) on the phone rather than Termux's lean environment, these set one up for you.
The official apps cover most casual use — Claude, ChatGPT, and Gemini in your pocket handle the vast majority of on-the-go AI without any terminal at all.

⌨️The honest note: running coding agents locally on a phone is impractical — battery drain, heat, and a cramped on-screen keyboard fight you the whole way. The phone's real role is chat + remote control, not local compute.

2–4 + ✦

The agents (Claude Code · Codex · Gemini · Hermes)

We chose: show them as the Termux-advanced path, while steering you toward running them on a real machine over Tailscale.

Why: the same npm/pip installs work in Termux, so the steps are consistent with the other OS guides — but on a phone they're a demonstration of what's possible, not the recommended daily workflow.

Alternatives & notes (May 2026)

SSH into a real computer instead. The strongly preferred path on a phone: use an SSH client to reach a PC, Mac, or droplet that already has the agents, and run them there with a real keyboard and real power.
SSH clients: ConnectBot (free, open-source), JuiceSSH (polished, popular), or just Termux's built-in ssh — any of them turns the phone into a window onto your real machine.
Claude Code now runs on Opus 4.7 and Codex got a GPT-5.5 refresh — but you'll feel the difference far more on a keyboard than on glass.

Tailscale — the network (the real point of a phone)

We chose: Tailscale, signed-in with one account across devices.

Alternatives

ZeroTier and Netbird — open-source mesh-VPN competitors; Netbird is self-hostable end to end.
Raw WireGuard — maximum control, much more manual, and fiddly on a phone.
We didn't cover Tailscale ACLs in the guide — they're how you stop, say, a lost phone from reaching your Ollama. Covered in Security below, where on a phone key expiry matters most of all.

Ollama — used remotely, never hosted on the phone

We chose: point the phone at an Ollama running on a real machine over Tailscale, never host one on the phone.

Alternatives & notes

There is no good "Ollama on a phone." Phones lack the memory and speed to run useful local models; the right pattern is a beefier machine hosting the model and the phone as a thin front-end.
Chat apps with a custom server URL — several Android chat front-ends let you point at http://your-machine:11434 over Tailscale, giving you a clean UI instead of curl in Termux.
GPU matters most on the host: whatever machine actually runs Ollama wants an NVIDIA card or Apple Silicon — see the Windows and Mac guides for that side.

Optional · editing on a phone

The editor route — edit code from the phone, never on it

A phone isn't a workstation, and VS Code doesn't exist on Android in the form you'd want — there's no real "install VS Code" path. But the editor question doesn't go away: sometimes you're on the couch, on a plane, or away from your desk and a one-line patch needs to ship. The honest editor route on Android is drive an editor that lives somewhere else: in your laptop, your NAS, a browser tab, or GitHub's cloud. Here's how each option actually works, with the tradeoffs you'd find out the hard way.

The four real paths on a phone

Path A — SSH into a real machine, edit there. Already the spine of the guide: Termux + ConnectBot/JuiceSSH into a PC, Mac, or droplet, then use nano, vim, or the agent CLIs directly. No graphical editor on the phone, just a window into one that already runs elsewhere.
Path B — vscode.dev in Chrome. Open https://vscode.dev in Chrome on the phone. You get a real-feeling VS Code in a browser tab; you can sign in with GitHub and edit any of your repos. Limitations: no terminal, no extensions that need a runtime, ephemeral state.
Path C — GitHub Codespaces in Chrome. A full VS Code with a real Linux machine behind it, running in GitHub's cloud, all in a browser tab. Has a terminal, runs extensions properly (including Copilot/Cline), persists between sessions. Bills per minute when active.
Path D — code-server on your own NAS or droplet. Run linuxserver/code-server on a machine you already own (covered in the Synology and Linux analyses), reach it over Tailscale from Chrome on the phone. You control the box and the bill; the phone is just a screen.

Local editor options on the phone (for completeness)

Acode — a free Android code editor with syntax highlighting and a built-in terminal. Decent for one-file fixes; not a serious development environment.
Termux + nano / vim / micro — the closest thing to a "local editor" that's actually useful. Pair it with a Bluetooth keyboard and a small Android tablet and you have a barely-real Linux setup.
The AI-agent CLIs in Termux — Claude Code, Codex, Gemini, Hermes all can install in Termux (npm/pip work there), but as Step 2–4 says, this is a demo of what's possible, not a daily driver. Use them remotely, on a real machine.

If you're going to do this seriously: the kit

A Bluetooth keyboard. The single biggest comfort upgrade — typing on glass is what makes phone editing actively painful. Folding keyboards (Keychron, Logitech Keys-To-Go) fit in a bag.
A larger phone or small tablet. A 6.7"+ Android phone or a Pixel Tablet makes Path B/C/D usable; a 5" phone makes them theoretical.
Tailscale on the phone — already in the guide, but doubly important for Path D so you can reach your code-server without exposing it to the open internet.
Chrome's "Add to Home Screen" for vscode.dev or your code-server URL — makes it feel like a real app, full-screen, one tap.

AI in the browser-based editors (Paths B/C/D)

GitHub Copilot works inside Codespaces and vscode.dev with a subscription — the smoothest in-browser AI experience on a phone.
Claude Code, Cline, Continue work in code-server (Path D) because that's a full VS Code; they generally do not work in vscode.dev (Path B), which is the sandboxed web build.
The agent runs where the editor runs — in Codespaces, the agent is in the cloud; in code-server on your NAS, the agent is on your NAS. The phone is just the view.

Pros — what the editor route gives you on Android

One-handed code review. Diff a PR, scan an agent's changes, approve or reject — all from the phone. The phone is great at reading code.
"Emergency edits" become possible. A typo in a config file, a stuck deploy — you can fix it from a coffee shop without your laptop.
Codespaces and code-server are real editors — extensions, terminal, agent included. Not toys.
Tailscale + code-server is private — your code never touches GitHub or the open internet.
Nothing to install for Paths B/C — just a Chrome tab.

Cons — what it costs you

The screen is small. No editor design fixes this. Expect to do small things well, not big things at all.
Browser quirks. Chrome on Android handles browser-based VS Code better than Firefox; some keyboard shortcuts clash with Android system shortcuts; copy-paste in long terminals can misbehave.
Codespaces bills by the minute. Easy to leave a session running and watch the meter — set Codespaces' "auto-stop after 30 min idle" before relying on it.
Latency. Cellular adds round-trip lag to every keystroke in browser-based editors. On Wi-Fi it's fine; on a train it's frustrating.
Battery and heat. A long Codespaces or code-server session in Chrome is a sustained-CPU job — your phone will warm up and drain faster than chat would.
No real local-AI option. A phone can't host an Ollama model the agent could use; everything happens in the cloud or on a remote machine.

When to pick which

Read-only / quick PR review: vscode.dev in Chrome. Zero setup, perfect for "what changed?"
One-shot fix on the road: SSH into your real machine via Termux + ConnectBot, edit with nano or vim. Fastest, no browser involved.
Genuine work session from a phone or small tablet: Codespaces in Chrome with a Bluetooth keyboard. Real editor, real AI. Watch the bill.
Privacy-preserving editor on the road: code-server on your NAS, reached over Tailscale from Chrome. No third party in the loop.
Don't bother: trying to install VS Code "natively" on Android, or running an LLM locally on the phone. Neither path leads anywhere good.

📱The honest take: a phone is for reviewing and triggering, not authoring. The editor route on Android exists so you can fix the broken thing from the airport — not so you can spend an afternoon refactoring on a 6" screen. Carry a folding keyboard if you actually want to type; pair it with Codespaces or your own code-server for the rare real-work session.

Part 2

What we left out — and why

The guide is deliberately a clean spine: apps, an optional Termux detour, Tailscale, and a remote Ollama. That clarity has a cost — real omissions. Here they are, honestly, with the reason each was cut.

Left out	What it is	Why it was cut
Hermes Agent	Nous Research's self-improving, model-agnostic coding agent	Genuinely an oversight in v1 — it's newer and niche. Now added as the bonus agent. A good reminder that "the big three" isn't the whole field.
A dedicated SSH client	ConnectBot / JuiceSSH — a polished app just for reaching other machines	We leaned on Termux's built-in `ssh` to keep the app count down. A dedicated client is friendlier if you live on remote machines.
A hardware keyboard	A small Bluetooth or USB-C keyboard for the phone or tablet	Not a download, so it didn't fit the steps — but it's the single biggest upgrade if you ever want to do real work on the device instead of just chatting.
MCP servers	The standard plugs that connect agents to your files, GitHub, browser, data	The biggest conceptual omission, but it belongs on the machine the agent actually runs on — for a phone, that's the remote box, not the handset (see the tool map).
Biometric lock on the AI apps	Requiring face/fingerprint to open Claude, ChatGPT, etc.	Assumed, not taught. On a device you carry everywhere it should be on — covered in Security.
Local model hosting	Running Ollama or similar on the phone itself	Cut because it simply isn't viable — phones lack the memory and thermal headroom. The honest answer is "use a remote model," not "host one here."

🧭The pattern: a phone is a great front-end and a poor workstation. Everything we cut is either something that belongs on the real machine (MCP, local models, serious agent work) or a comfort upgrade (a real keyboard, a dedicated SSH client). This analysis page is where that depth lives.

Part 3 · what the AI crowd is actually using

Trending & cool — tools worth a look

Scanning the developer conversation on X and GitHub in May 2026, here's what's hot that the guide doesn't yet mention. On a phone, you'll mostly meet these tools by reaching a real machine over Tailscale and running them there — not by running them locally.

OpenCode

The open-source CLI agent everyone's talking about — 150K+ stars, ~6.5M monthly devs. LSP integration, multiple parallel sessions, shareable session links. The strongest "free, bring-your-own-model" alternative to Claude Code.

Warp 2.0

A terminal that's also an agent cockpit — runs Claude Code, Codex, and others in one windowed UI with panes. Nice on the desktop you SSH into.

Goose · OpenHands

Goose (from Block) and OpenHands are open-source autonomous agents that take a goal and run a long multi-step job. The frontier of "set it and walk away."

GitHub Spec Kit

93K+ stars. A "spec-driven development" workflow that teaches any agent (Claude Code, Copilot, Gemini, etc.) to plan before it codes. Tessl and Kiro play in the same space.

MCP servers

The plug-ins that matter: chrome-devtools-mcp (let an agent drive Chrome), filesystem, GitHub, database connectors. This is the fastest-moving, highest-leverage area right now.

Qwen 3.6-Plus (local)

An agentic open model with a 1M-token context and MCP-native tool use — a serious local option for the Ollama running on your desktop, reachable from the phone.

⚖️Why these aren't in the main guide: they're powerful but move fast, need more setup, or assume comfort with the basics — and they belong on the machine you SSH into, not the handset. The guide's job is to get you to "it works." This list is your "now go further." Honorable mentions from the same conversation: Amazon Q Developer CLI, Sourcegraph Amp, Qwen Code, Crush, Plandex, Kimi CLI, Aider, Cline.

Part 4 · the next wave

Getting ready for Mythos

Mythos is Anthropic's first model specialized for one domain: defensive cybersecurity. Announced April 7 2026 as the engine of Project Glasswing, it has already found a 27-year-old vulnerability in OpenBSD and bugs in FFmpeg. It is invitation-only ($25 / $125 per million tokens), shipped to 12 founding orgs and 40+ critical-infrastructure partners — not a download. Full briefing →

A phone is never where a Mythos-class tool runs — it's a remote and monitoring endpoint for security work happening on your real machines. So "getting ready" means preparing those machines so that when domain-specialized models open up, your phone can keep an eye on the results:

Get on MCP now — on your real machines. Specialized models reach your code and infrastructure through MCP. The phone is where you'll review and approve, not where the plumbing lives.
Have your code in Git, reachable over Tailscale. A security model is only useful pointed at your systems. Repos in Git + machines on your tailnet = ready to analyze, and a phone on the same tailnet can monitor from anywhere.
Tighten your own security first (Part 5). The irony: you can't safely run a vulnerability-finding model on a sloppy fleet — and a lost phone is the sloppiest link of all. Hardening is the prerequisite, not the reward.
Keep a clean Anthropic account & current Claude apps. Access to new models lands through the same account and tooling you already use.
Watch Glasswing. If you run anything critical (a business, rentals, client sites), the initiative is where defensive tooling will surface first — and your phone is a fine place to get the alert.

🔭Honest take: as an individual you won't get Mythos itself soon, and never on a phone. What you can do is build the habits — MCP, Git, a private network, hardened machines — that make any future specialized model immediately useful, with the phone as the remote that keeps watch (see the tool map).

Part 5 · don't skip this

Securing the install — the part most guides skip

A phone running AI apps and reaching into your private network is powerful — and unlike a desktop, it lives in your pocket and can be lost or stolen in a second. Here's how to keep it from biting you — phone specifics first, then universal rules.

⚠Real incident (Feb 2026): Check Point Research disclosed that a malicious config could redirect Claude Code's traffic via the ANTHROPIC_BASE_URL setting and exfiltrate your API key in plaintext. Anthropic patched it before disclosure — the lesson stands: keep Claude Code updated, install only from official sources, and be suspicious of any config that reroutes where a tool "phones home."

The phone gets lost — plan for it

A screen lock + biometrics are non-negotiable. A device you carry everywhere is the one most likely to walk off. A strong PIN/passcode plus face or fingerprint unlock is the floor, not a nicety.
Turn on biometric lock for the AI apps themselves where they offer it, so a found phone can't open Claude or ChatGPT even if the screen is unlocked.
Tailscale key expiry matters most here. A lost phone should drop off the tailnet. Set key expiry in the admin console so a stolen device loses network access on its own, and revoke it immediately if it goes missing.
Review app permissions — location, microphone, files, contacts. Grant only what each app needs; a phone hands out far more sensors than a desktop.

Protect your keys & logins

Keys never get stored on a phone you might lose. Prefer the official apps' login flows (no key on disk) over pasting an API key into Termux. Anthropic + GitHub run secret-scanning that auto-deactivates leaked Claude keys — helpful, but don't rely on it.
If you must use a key on the phone, treat it as disposable: a short-lived, low-scope key you can rotate the instant the device goes missing — never your main one.
Give helpers their own keys and logins, never yours.

Supply chain (where the apps come from)

Only F-Droid or official app stores. Install Termux from F-Droid or its GitHub releases, and the AI/Tailscale apps from the official Play Store. Don't sideload Termux from random mirrors — a tampered build sees everything you type.
npm install -g and pip install in Termux run other people's code. Only use the exact official sources in the guide; don't paste install one-liners from random blog posts or X replies.
Keep apps and Termux packages updated (pkg upgrade); most fixes ship fast.

Network hygiene

Use cellular or trusted Wi-Fi for anything sensitive — open café/airport Wi-Fi is exactly where a phone is most exposed.
Tailscale ACLs: in the admin console, restrict what the phone can reach — it rarely needs to touch everything on the tailnet. Combined with key expiry, this contains the damage if the device is lost.

Using a remote Ollama safely

There's no Ollama on the phone — so the security question is using a remote one safely. The machine hosting it should set OLLAMA_HOST=0.0.0.0:11434 only behind Tailscale, never on a public IP or open Wi-Fi; there's no password on Ollama by default.
From the phone, reach that model over Tailscale by its tailnet name, never by exposing port 11434 to the internet. ACLs on the host decide that the phone — and only the phone — may talk to it.

✓ Good shape when: screen lock + biometrics are on, the AI apps require biometric unlock, no real keys live on the phone, Tailscale has key expiry + ACLs so a lost phone drops off, permissions are trimmed, and you only install from F-Droid/official stores. That's a phone you can carry into the world without flinching.

The Android setup, under the microscope.