Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.
Go to file
Alex Tomlins 0e99adc5d1 Fix potential deadlock condition in nft_get_handle
This was susceptible to the same deadlock issue that ipt_chain_exists
had and was fixed in d43db80 where if the command returned a significant
amount of output, it wouldn't all be read in, resulting in the
subprocess hanging waiting for the output to be read.
2019-01-23 18:53:45 +13:00
docs docs: document --ns-hosts --to-ns and update --dns 2018-12-29 15:02:18 +11:00
sshuttle Fix potential deadlock condition in nft_get_handle 2019-01-23 18:53:45 +13:00
tests Changes pf exclusion rules precedence 2018-11-03 12:24:32 +11:00
.gitignore Add entries to .gitignore 2018-03-16 18:10:09 +11:00
.prospector.yml Fixes some style issues and minor bugs 2017-11-13 11:58:43 +11:00
.travis.yml Remove Python 2.6 from automatic tests 2018-03-16 18:34:15 +11:00
bandit.yml updated bandit config 2018-10-17 20:52:04 +11:00
CHANGES.rst Prepare for 0.78.4 2018-04-02 14:52:22 +10:00
LICENSE Fix LGPL2 license. 2016-03-07 10:03:22 +11:00
MANIFEST.in Fix error in requirements.rst 2017-07-09 09:08:48 +10:00
README.rst Update README.rst 2018-06-22 16:02:11 +10:00
requirements-tests.txt Added coverage report to tests 2018-10-17 20:54:28 +11:00
requirements.txt Pin version in requirements.txt 2017-07-09 09:08:48 +10:00
run turn off debugging 2017-10-23 06:58:21 +11:00
setup.cfg Added coverage report to tests 2018-10-17 20:54:28 +11:00
setup.py Added coverage report to tests 2018-10-17 20:54:28 +11:00
tox.ini Remove Python 2.6 from automatic tests 2018-03-16 18:34:15 +11:00

sshuttle: where transparent proxy meets VPN meets ssh
=====================================================

As far as I know, sshuttle is the only program that solves the following
common case:

- Your client machine (or router) is Linux, FreeBSD, or MacOS.

- You have access to a remote network via ssh.

- You don't necessarily have admin access on the remote network.

- The remote network has no VPN, or only stupid/complex VPN
  protocols (IPsec, PPTP, etc). Or maybe you *are* the
  admin and you just got frustrated with the awful state of
  VPN tools.

- You don't want to create an ssh port forward for every
  single host/port on the remote network.

- You hate openssh's port forwarding because it's randomly
  slow and/or stupid.

- You can't use openssh's PermitTunnel feature because
  it's disabled by default on openssh servers; plus it does
  TCP-over-TCP, which has terrible performance (see below).


Obtaining sshuttle
------------------

- Debian stretch or later::

      apt-get install sshuttle

- From PyPI::

      sudo pip install sshuttle

- Clone::

      git clone https://github.com/sshuttle/sshuttle.git
      cd sshuttle
      sudo ./setup.py install

It is also possible to install into a virtualenv as a non-root user.

- From PyPI::

      virtualenv -p python3 /tmp/sshuttle
      . /tmp/sshuttle/bin/activate
      pip install sshuttle

- Clone::

      virtualenv -p python3 /tmp/sshuttle
      . /tmp/sshuttle/bin/activate
      git clone https://github.com/sshuttle/sshuttle.git
      cd sshuttle
      ./setup.py install

- Homebrew::

      brew install sshuttle


Documentation
-------------
The documentation for the stable version is available at:
https://sshuttle.readthedocs.org/

The documentation for the latest development version is available at:
https://sshuttle.readthedocs.org/en/latest/