I tested every IP KVM in my Homelab

Hardware
Infrastructure
Security
Open Source
Developer Tools

The post is a hands-on roundup of current IP KVM boxes, the small devices that let you remotely see a machine’s screen, send keyboard and mouse input, mount install media, and sometimes hit the power button. That matters most for homelabs, test rigs, Macs, laptops, and other hardware that lacks a built-in BMC. The writeup compares PiKVM, JetKVM, GL.iNet, Sipeed NanoKVM, TinyPilot, and a few others on price, form factor, ports, power options, and setup friction. The reaction landed in a pretty clear place. PiKVM came out as the expensive but trustworthy reference choice. JetKVM got praise for a clean software stack and good Tailscale support. Cheap options looked useful, but people were noticeably less confident in their engineering quality and security posture.

Several comments sharpened where these products are actually valuable. For rack servers, many people said the problem is mostly solved already with BMCs, iDRAC, iLO, IPMI, Redfish, or in some Intel systems vPro AMT. The catch is that those features are often missing on consumer gear, gated behind licenses, broken on old hardware, or awkward enough that an external KVM is still simpler. That made the practical use case less "every server should have one" and more "this is what you buy for weird hardware, remote labs, headless test setups, laptops, and machines whose built-in management you do not trust." The most concrete technical signal came from someone using PiKVMs in a robotics refurbishing workflow that drives BIOS menus automatically. They replaced GL.iNet units after low-level USB debugging showed the GL stack emitted a trailing zero-length packet that strict BIOS HID implementations rejected, while PiKVM behaved correctly. That fed a broader sentiment that small implementation details matter a lot here because these boxes must work in the weirdest part of the stack, before the OS boots and on machines with flaky firmware. People also called out omissions in the original review. BIOS-entry timing, boot-time latency, remote ISO mounting, and WAN performance are the failure modes that decide whether an IP KVM is genuinely useful, and several readers wanted more measurement there. A few firsthand reports backed that up, especially around JetKVM feeling sluggish despite good local networking. Security sat in the background of almost every hardware recommendation. Some readers said they distrust the cheaper vendors even without assuming malice, and several described isolating these boxes on an out-of-band VLAN with no Internet access and only reaching them through Tailscale. Older enterprise KVM gear from Raritan, Avocent, and Aten got respect for boring reliability, even if it lacks the hobbyist polish and modern software story of the newer devices. The practical conclusion was straightforward. If you want the thing that is most likely to work across ugly edge cases, PiKVM still owns that lane. If you value modern UX and remote connectivity, JetKVM is attractive but not yet universally trusted on performance or hardware revision clarity. If your hardware already has real out-of-band management, use that first.

If you need remote hands for consumer gear, Macs, laptops, or odd lab hardware, an external IP KVM is still a practical tool even when the price feels high. If you already run real server hardware, check your BMC, AMT, licensing, and power-restore options first before buying another box.

June 5, 2026
jeffgeerling.com
Discuss on HN

Discussion mood

Mostly positive about the category, but selective and skeptical. PiKVM drew the most confidence for reliability and engineering, JetKVM got interest for software and Tailscale, and the cheaper boxes triggered concern about security, firmware quality, and whether they hold up in BIOS-level edge cases.

Key insights

USB HID edge cases decide reliability

A real production use case exposed the kind of bug that separates a nice gadget from a dependable remote-control tool. In a laptop refurbishing workflow that automates BIOS navigation, GL.iNet reportedly emitted a trailing zero-length USB packet that some ThinkPad BIOS HID stacks treated as malformed, while PiKVM did not. That is a strong signal that pre-boot compatibility lives or dies on low-level protocol details you will never see on a spec sheet.

If your use case includes BIOS automation, reinstall flows, or mixed hardware fleets, test keyboard injection against the worst firmware you own before standardizing on a device. Treat USB behavior as a core buying criterion, not an implementation detail.

Attribution:

gregsadetsky #1 #2

Boot-time latency is the real test

What matters is not whether a device can show a desktop after the machine is already up. It is whether you can catch a one-second BIOS prompt, reboot remotely, and still have usable control when connecting over Tailscale or a bad hotel network. Several people said the roundup underplayed that, and one firsthand JetKVM report said the experience still felt sluggish even on a strong home network. That shifts the evaluation from feature list to timing under stress.

When you trial an IP KVM, test remote BIOS entry, cold boot, ISO mounting, and WAN access explicitly. A box that feels fine on a LAN after login can still fail the only moments you actually bought it for.

Attribution:

rendaw #1 #2
geerlingguy #1 #2
dchuk #1

External KVMs fill the gaps BMCs leave

Built-in remote management is better when you have it, but the gap between "supported in theory" and "usable in practice" is wide. Consumer hardware usually lacks BMCs entirely. Intel vPro AMT needs the right CPU, chipset, firmware enablement, and a careful security setup. Enterprise boards often gate full remote console or virtual media behind licenses, and older BMC firmware can be enough of a mess that people would rather ignore it. That is why IP KVMs persist even in environments that already own server gear.

Inventory your existing out-of-band options before buying hardware, but do not assume they will cover laptops, Macs, mini PCs, or old boards cleanly. Keep external KVMs in mind as the fallback for mixed fleets and edge hardware.

Attribution:

geerlingguy #1 #2
p_l #1
McGlockenshire #1
xnyan #1
kotaKat #1

The market is still fragmented and messy

The category looks mature from a distance, but buyers still run into clone ecosystems, silent hardware revisions, unclear naming, and add-on switches scattered across vendors. JetKVM revisions were hard to identify in retail channels. Many Pi-based boxes are effectively PiKVM derivatives with varying degrees of openness and upstream support. Multi-port control exists, but often as separate accessories or partially documented products. That makes procurement and long-term standardization harder than the glossy landing pages suggest.

Buy from vendors with clear versioning, active docs, and an upstream software story you can verify. If you need to scale past one machine, confirm switch support and management workflows before you commit to a fleet.

Attribution:

ectoloph #1
mwpmaybe #1
Zenbit_UX #1
geerlingguy #1 #2
js2 #1
teddyh #1
angelixd #1

People treat these like untrusted infrastructure

Even supporters of the cheaper devices described locking them onto isolated management networks, blocking Internet access, and using Tailscale as the access layer. That behavior says a lot. Buyers assume the attack surface is large, firmware quality is uneven, and recovery can be painful if you start flashing alternatives or experimenting with OpenBMC on adjacent hardware. Trust ends up being part product quality, part network architecture.

Deploy IP KVMs on a separate out-of-band network with least-privilege access from day one. Plan around containment, not trust, especially for low-cost boxes and cloud-connected features.

Attribution:

ectoloph #1
mwpmaybe #1
0xbadcafebee #1
xxpor #1
geerlingguy #1 #2
UncleOxidant #1
steele #1
syntaxing #1

Against the grain

Most people do not need one

For actual servers, this class of product often solves a problem you should not still have. Rack gear already ships with BMC-based remote management, and many outages can be handled with BIOS power-restore settings, Wake-on-LAN, a managed PDU, or plain in-band admin once the machine is up. Buying an external KVM for server-class hardware can be a sign you are compensating for the wrong design choice.

If your fleet is mostly standard servers, fix remote power and built-in management first. Save external KVMs for the machines that truly lack out-of-band control.

Attribution:

tcdent #1
wang_li #1
mrsilencedogood #1

Older enterprise KVMs may be the safer bet

The new hobbyist IP KVMs are not the only option, and not always the most dependable one. Longstanding vendors like Raritan, Avocent, Aten, and APC still have a reputation for hardware that survives in racks for years, and basic VGA capture gear can cover simpler monitoring needs cheaply. That is a reminder that the shiny single-port boxes are trading some maturity for flexibility and price.

If your priority is boring durability in a fixed rack, price out used or older enterprise KVM gear before defaulting to the newest maker-brand device. You may give up modern UX and still come out ahead operationally.

Attribution:

wowczarek #1
solareon #1

In plain english

BIOS ↩

Basic Input/Output System, the old PC firmware that initializes hardware and provides low-level services before the operating system takes over.

BMC ↩

Baseboard Management Controller, a dedicated chip on many servers that provides remote management even when the main system is off or crashed.

iDRAC ↩

Integrated Dell Remote Access Controller, Dell’s server remote-management system.

iLO ↩

Integrated Lights-Out, Hewlett Packard Enterprise’s server remote-management system.

IP KVM ↩

Internet Protocol Keyboard Video Mouse, a device that lets you remotely view a computer’s display and control its keyboard and mouse over a network.

IPMI ↩

Intelligent Platform Management Interface, a standard for out-of-band server monitoring and control.

KVM ↩

Kernel-based Virtual Machine, a Linux virtualization system for running virtual machines.

OpenBMC ↩

An open source firmware stack for server baseboard management controllers.

PDU ↩

Power Distribution Unit, a device that supplies and sometimes remotely controls power to multiple machines in a rack.

Redfish ↩

A modern web-based standard API for server and hardware management that often replaces older IPMI-style interfaces.

Tailscale ↩

A networking tool that creates a private mesh network between devices using WireGuard.

VLAN ↩

Virtual Local Area Network, a way to logically separate network traffic into isolated groups on the same physical network.

vPro AMT ↩

Intel Virtual Pro Active Management Technology, Intel firmware-based remote management features available on some business-oriented systems.

Wake-on-LAN ↩

A feature that lets a powered-down computer be turned on by a special network packet.

WAN ↩

Wide Area Network, a network connection over a long distance such as the public internet.

Reference links

Vendor and product references

PiKVM at Scale
Shows PiKVM multi-device management and switching, which came up repeatedly as a scaling option.
GL.iNet Comet
Referenced as a cheaper IP KVM option with acceptable real-world experience.
GL.iNet 4-port IP KVM
Mentioned as an upcoming integrated multi-port option.
Geekworm X680
Cited as a fully integrated multi-port PiKVM-style solution.
PiKVM Switch documentation
Points to PiKVM’s own multi-port switch hardware and scaling details.
BliSwitch v2 guide
Another switching option mentioned for managing multiple machines.
Raritan single-port IP KVM switch
Referenced as older enterprise gear with a reputation for reliability.
HP Anyware Remote System Controller
Example of a workstation-class built-in management module with Redfish and virtual media.

Management and remote access tools

MeshCommander
Suggested as an easy frontend for managing Intel AMT on vPro systems.
Digi Connect EZ terminal servers
Referenced as the older serial-console equivalent for large fleets before modern IP KVMs.

Security and debugging references

Cynthion
Used for low-level USB debugging that uncovered a HID compatibility issue between GL.iNet and PiKVM.
Tom's Hardware on NanoKVM security findings
Cited as a warning about hidden hardware and vulnerabilities in low-cost IP KVMs.
Ars Technica on IP KVM vulnerabilities
Broader security context for the category and a reason people isolate these devices on separate networks.
JetKVM issue 1158
Linked as evidence that an IPv6 display issue was known and not quickly fixed.