sshuttle - a dead simple VPN solution

Published Mar 13, 2016 10:45 by admin (last modified Mar 23, 2016 07:46)

There are a number of open source VPN solutions, such as OpenVPN, SoftEther and strongSwan. They all take a bit of learning to set up. No, actually: for strongSwan and SoftEther there is a massive amount of learning, and OpenVPN is not trailing that far behind, at least if you're like me.

And then there is sshuttle, a Python program that uses SSH to make a tunnel to the server. The server does not need to have sshuttle installed: the sshuttle client will connect and run the needed stuff on the server side, in a similar way to e.g. Ansible. I just tested it and it seems to work fine!

Forward all traffic except DNS:

sshuttle -r username@sshserver 0.0.0.0/0

Also forward DNS queries:

sshuttle --dns -r username@sshserver 0/0

I installed it (you can use apt-get, yum or pip) and then just ran it from the terminal. Done. It works!

I can read through sshuttle's code: it's 3283 lines of Python code (I haven't yet, I might add).

According to the SoftEther site, OpenVPN has 91'000 lines of C code and SoftEther has 378'000 lines of C and C++ code.

Now granted, they do much more. I haven't tested it much yet, but sshuttle looks promising. I wonder a bit about throughput though, gotta check that. And there is no Android client.

sshuttle/sshuttle: Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.

There is also tinc, by the way, which seems quite interesting in other ways. Untested by me.