Lib.rs

Network programming
#ssh #proxy #service #port #expose #forwarding #connection

bin+lib sandhole

Expose HTTP/SSH/TCP services through SSH port forwarding

Owned by EpicEric.

4 releases

new 0.1.4 Dec 3, 2024
0.1.2 Nov 27, 2024
0.1.1 Nov 26, 2024
0.1.0 Nov 25, 2024

#1526 in Network programming

Download history 402/week @ 2024-11-25

402 downloads per month

MIT license

195KB
5K SLoC

sandhole

GitHub Actions workflow status crates.io version GitHub license

Expose HTTP/SSH/TCP services through SSH port forwarding.

Check out the Sandhole book.

Features

  • Reverse proxy that only requires your services to have a regular SSH client.
  • Automatic HTTPS support (with dnsrobocert and/or ACME).
  • Random subdomain assignment by default, with options for deterministic assignment.
  • Easily balance load by pointing multiple services to the same domain/port.
  • Authorize keys for custom domains with DNS, via TXT records.
  • A terminal-based admin interface to view current connections.
  • Written in Rust, with comprehensive testing of most features.

Status

This is still in early development. Contributions are welcome, but try it in production at your own risk.

Alternatives

  • sish - My favorite one. Written in Golang.
  • rlt - Uses own protocol instead of SSH. Written in Rust.
  • sshuttle - A smarter proxy service, also based on SSH. Written in Python.

Dependencies

~95–135MB
~3M SLoC