Poor man's VPN for Web Developers or Make Remote Server Local Or How To Make Developer's Life Easier While Working With Remote Servers

02 Jul · by Tim Kamanin · 3 min read

"Woa, what a long title", you must say. Yes it is and it deserves that for sure. But at first, please answer this question: "How many times you've been forced to work on client's server, because of the fact that there are services, that work only with remote server's localhost and can't be exposed to the outer world?".

It could be a case with SOAP server or DB (in my case it was MSSQL) which accepts connections only from remote server's localhost. Doing development work on a remote server is not the most pleasant stuff, if you're not a big fan of vim and connection timeouts.

Looking how to solve this annoying problem, I've stumbled upon a little tool called " Sshuttle" (you can grab it from Github here: https://github.com/apenwarr/sshuttle). Here is what project's page says about it "Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling."

In simple words, it forwards all your Linux/Mac OS X traffic through your remote ssh connection, that makes remote server act as a proxy and think, that you're local. The best thing is that you don't need to have root on a remote server. You just need to be able to access it through ssh. The concept is so easy and simple that I can't excuse myself for not finding this tool earlier!

Installation

Installation is simple, just do a

git clone https://github.com/apenwarr/sshuttle.git

into any directory you want.

Usage

1) When you want to forward all your traffic through a remote server, you just do this:

/home/username/sshuttle/sshuttle -r remote_server_user_name@remote_server_ip_or_domain_name 0.0.0.0/0 -vv

Note, I cloned sshuttle into my /home/username directory.

2) Then the system will ask for your local root password and after that, it will ask you for your remote server user name password.

3) If eveything goes well and command won't get interrupted, sshuttle will start forwarding all traffic from your Ubuntu/Mac OS to the remote server. You can even open your browser and check your ip, you'll see it has changed to your remote server's ip. Sometimes, however, command breaks, but it is easily fixed by running it again.

4) When you want to stop, just hit Ctrl + C in terminal to abort the command.

My workflow

For every remote server I need to forward my connection I create a .sh file like 'server_name.sh' that has only one line:

/home/username/sshuttle/sshuttle -r remote_server_user_name@remote_server_ip_or_domain_name 0.0.0.0/0 -vv

Then I just run this script:

bash server_name.sh

And get all my connections forwarded to remote server. This way you don't have to remember all your ip addresses and user names. So that's it. I hope you'll find this tool useful. To me it is a huge life and time saver in one. I want to thank Avery Pennarun for creating this tool.

Once again, you can get Sshuttle from GitHub: https://github.com/apenwarr/sshuttle.

P.S. Shuttle icon is by Stefan Dziallas from iconwerk.de

Comments

Required for comment verification