Lib.rs

Network programming
#ssh #proxy #service #port #expose #forwarding #connection

bin+lib sandhole

Expose HTTP/SSH/TCP services through SSH port forwarding

Owned by EpicEric.

3 releases

new 0.1.2 Nov 27, 2024
0.1.1 Nov 26, 2024
0.1.0 Nov 25, 2024

#1596 in Network programming

Download history 146/week @ 2024-11-20

156 downloads per month

MIT license

190KB
4.5K SLoC

sandhole

GitHub Actions workflow status crates.io version GitHub license

Expose HTTP/SSH/TCP services through SSH port forwarding.

Check out the Sandhole book.

Features

  • Reverse proxy that only requires your services to have a regular SSH client.
  • Automatic HTTPS support (with dnsrobocert and/or ACME).
  • Random subdomain assignment by default, with options for deterministic assignment.
  • Easily balance load by pointing multiple services to the same domain/port.
  • Authorize keys for custom domains with DNS, via TXT records.
  • A terminal-based admin interface to view current connections.
  • Written in Rust, with comprehensive testing of most features.

Status

This is still in early development. Contributions are welcome, but try it in production at your own risk.

Alternatives

  • sish - My favorite one. Written in Golang.
  • rlt - Uses own protocol instead of SSH. Written in Rust.
  • localhost.run - Free but closed-source, no self-hosting option.
  • Serveo - Free but closed-source, no self-hosting option. Frequently goes offline.

Beware that not self-hosting your reverse proxy allows others to spy on your traffic!

Dependencies

~96–135MB
~3M SLoC