12 releases (4 breaking)
Uses new Rust 2024
| 0.5.1 | Mar 31, 2025 |
|---|---|
| 0.5.0 | Mar 23, 2025 |
| 0.4.0 | Feb 11, 2025 |
| 0.3.2 | Jan 12, 2025 |
| 0.1.2 | Nov 27, 2024 |
#1426 in Network programming
257 downloads per month
470KB
10K
SLoC
Sandhole
Expose HTTP/SSH/TCP services through SSH port forwarding. A self-hosted ngrok / Cloudflare Tunnels / localhost.run alternative.
Check out the Sandhole book for a full guide.
Features
- Reverse proxy that just works with an OpenSSH client. No extra software required!
- Automatic HTTPS support (with Agnos and ACME), including HTTP/2 support.
- Easily load-balance by pointing multiple services to the same domain/port.
- Bring your own custom domains and authorize them via DNS records.
- Random subdomain assignment by default, with options for deterministic assignment.
- Option to connect with SSH via the HTTPS port, if your network blocks outbound connections to SSH ports.
- A terminal-based admin interface to view and manage current connections.
- Written in Rust, with comprehensive testing of most features.
Status
Sandhole is in active development. Contributions are welcome, but try it in production at your own risk.
Some alternatives
- sish - Main inspiration for this project. Written in Golang.
- rlt - Uses localtunnel's protocol instead of SSH. Written in Rust.
- rathole - A highly configurable reverse proxy with NAT traversal and a great name. Written in Rust.
- sshuttle - A smarter proxy service, also based on SSH. Written in Python.
Dependencies
~110–150MB
~3.5M SLoC