SSH into private machines from anywhere using Cloudflare Tunnel

1. perakojotgenije ◴[10 Feb 22 12:31 UTC] No.30285198[source]▶

shameless self-promotion: https://sshreach.me

We have a ssh reverse-forwarding based solution. And unlike the Cloudflare solution you don't need to "give the keys of your house" (as someone here commented) to reach your private machines.

You can remotely open and close the tunnels through our web interface or our web API.

Plus, we have web API-based automated deployment solution if you have many clients.

replies(2): >>30285472 #>>30295186 #

2. op00to ◴[10 Feb 22 13:05 UTC] No.30285472[source]▶

>>30285198 (TP) #

“Your server creates a forwarding ssh tunnel to one of our publicly visible forwarding servers” seems like a huge risk for somebody else to own these “forwarding servers”. Worse than giving keys to your house? I dunno.

replies(1): >>30288892 #

3. perakojotgenije ◴[10 Feb 22 16:49 UTC] No.30288892[source]▶

>>30285472 #

Your internal computer is still protected by password and/or public/private key-pairs, so even when the tunnel is open nobody can enter your computer without having those.

It is _your_ computer that makes connection to our servers, so you are in control of everything and there is literally nothing on our forwarding servers that would allow anybody to enter your computer.

4. Jenda_ ◴[11 Feb 22 00:41 UTC] No.30295186[source]▶

>>30285198 (TP) #

This seems to be a cool service, I was actually thinking of creating something similar (but was deterred by the hassle of setting up billing and user management apart from the interesting technical stuff). I sometimes get asked by someone not owning a server/account they can use for ssh -R 0.0.0.0:1234:localhost:22, who are behind NAT and need to publish some service on the internet.

Why is the traffic rather limited? You seem to be hosting it on Linode and they offer like $5/TB traffic, I think you could easily offer several times more traffic, at least with the bigger plans.