SSH into your private machines from anywhere, for free, using Cloudflare Tunnel

• tailscale

  1,006 16,535 9.9 Go

  The easiest, most secure way to use WireGuard and 2FA.

  

Tailscale (https://tailscale.com) is a great solution for this use-case. It's also just an absolutely excellent experience overall and I can't say enough nice things about it.

• cloudflared

  101 7,971 8.8 Go

  Cloudflare Tunnel client (formerly Argo Tunnel)

  

Unfortunately the cloudflared software, while the source is available on GitHub, and there are pull requests open and accepted for it, is not under an open source license, so any modifications (including the aformentioned pull requests) are contrary to copyright law and thus illegal.

https://github.com/cloudflare/cloudflared/issues/464

• InfluxDB

  www.influxdata.com featured

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• utterances

  75 8,621 0.0 TypeScript

  :crystal_ball: A lightweight comments widget built on GitHub issues

  

• headscale

  222 19,696 9.2 Go

  An open source, self-hosted implementation of the Tailscale control server

Also worth mentioning the open-source derivative: https://github.com/juanfont/headscale

• sish

  33 3,773 6.4 Go

  HTTP(S)/WS(S)/TCP Tunnels to localhost using only SSH.

If you are all about self hosting, here’s my method (disclosure, I made this tool):

1. Run https://github.com/antoniomika/sish on any free tier instance or fly

• ztproxy

  2 14 0.0 Python

  A user-space stdin-to-ZeroTier proxy

I set up something similar using ZeroTier "public" networks and the libzt Python userspace library.

My use-case was to allow bitbucket hosted instances to connect to private instances in my infrastructure to push code to as part of the build pipeline. They way they are running Docker at bitbucket, you can't run the normal zerotier processes (IIRC, it wasn't allowed to create a tun/tap device).

The zerotier public networks are networks that anyone can join given the network ID, without requiring an admin to authorize them.

I wrote a python-based "ztproxy" [1] which you can call from SSH as a ProxyCommand like: `ProxyCommand /usr/bin/python3 /path/to/ztproxy /tmp 1234567890abcdef 9994 10.3.2.1 22`. On top of that I had SSH public key authentication of both the remote host and the local user, so even if the network ID was exposed, it wouldn't have been wide open. I also had ZeroTier network level rules that only allowed the SSH traffic.

[1]: https://github.com/linsomniac/ztproxy

• ZeroTier

  344 13,415 8.7 C++

  A Smart Ethernet Switch for Earth

  

• SaaSHub

  www.saashub.com featured

  SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

  

• Nebula

  141 13,742 8.6 Go

  A scalable overlay networking tool with a focus on performance, simplicity and security

  

No one uses Nebula [1] developed by Slack?

> Nebula is a mutually authenticated peer-to-peer software defined network based on the Noise Protocol Framework.

It's self-hosted and I think it's a great alternative to ZeroTier, or Tailscale.

I believe its been powering Slack's overlay network for ~5+ years.

[1]: https://github.com/slackhq/nebula

• Mosh

  152 12,216 4.6 C++

  Mobile Shell

  

Suggest a related project