Lil' TCP / HTTP Tunnel over SSH
Lil' Tunnel is a simple CLI application for proxying TCP / HTTP requests over SSH.
TCP AND HTTP?!?
Yes. You and I both know that HTTP runs on top of TCP. By interacting at the HTTP
level liltunnel
can cache HTTP responses to disk. I find this pretty
handy when I need a quasi-offline mode. If you don't need this feature liltunnel
happily defaults to tcp
like any normal SSH tunnel.
CLI Args
Usage:
liltunnel --port-mapping 80:8080 --remote me@remote.example.com --identity ~/.ssh/liltunnel_rsa
Options:
-p, --port-mapping= local:remote or port. If remote is not specified local port is used
-r, --remote= username@remote.example.com or remote.example.com. If username is not specified the current $USER is used
-i, --identity= private key to be used when establishing a connection to the remote (default: ~/.ssh/id_rsa)
-o, --known-hosts= known hosts file (default: ~/.ssh/known_hosts)
-n, --protocol=[http|tcp] network protocol to use when tunneling (default: tcp)
-c, --http-cache HTTP only. Cache all succesful responses to GET requests to disk
-t, --http-cache-ttl= HTTP only. Expressed in seconds. Length of time to keep successful responses in cache. Defaults to 12 hours
-s, --http-cache-serve-stale HTTP only. Always return return a stale read from the cache. Handy if you need an offline mode
-v, --verbose
Help Options:
-h, --help Show this help message
Setup passwordless access to your server
Generate an SSH Key for liltunnel
MY_EMAIL=...
ssh-keygen -t rsa -b 4096 -C "$MY_EMAIL" -P "" -f ~/.ssh/liltunnel_rsa
Copy your public key to your server
In order to SSH with a public key you'll need to add ~/.ssh/liltunnel_rsa.pub
to
~/.ssh/authorized_keys
on your server
cat ~/.ssh/liltunnel_rsa.pub | pbcopy
# SSH into your server
ssh ...
# From your remote machine
mkdir -p ~/.ssh
# If authorized_keys does not exist run the following
touch authorized_keys
chmod 600 authorized_keys
# open authorized_keys with your favorite editor and paste your public key
# into the file.
Verify with liltunnel
Run the following command:
liltunnel --port 2009 --host your.host.example.com --ssh-key ~/.ssh/liltunnel_rsa
As a smoke test you can run something like the following, or run something else
that makes an HTTP request to 2009
curl -v http://localhost:2009
Usages
liltunnel --local-host-port 1080 \
--remote-host-port 1081 \
--remote-host-user-name root \
--remote-host-name the.best.example.com \
--ssh-key ~/.ssh/liltunnel_rsa \
--protocol-http \
--http-cache-responses
liltunnel -p 1080 -h example.com --protocol-http --http-cache-responses
liltunnel --port-mapping 1080:1080 --remotehost root@example.com
liltunnel -p 1080:1080 -h root@example.com -k ~/.ssh/liltunnel_rsa