zishuo/Servo
1
0
Fork 0
mirror of https://github.com/antoniomika/sish.git synced 2026-04-22 16:17:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
779ca206bfd117233a49fc629fd76c06786c1654
Servo/README.md
T
Antonio Mika 779ca206bf Update readme
2026-03-23 19:04:28 -04:00

3.4 KiB
Raw Blame History

sish

Open source SSH tunneling for HTTP(S), WS(S), TCP, aliases, and SNI.

If you like the simplicity of serveo/ngrok-style sharing but want to use plain SSH and run your own infrastructure, sish is built for that.

  • No custom client required for end users
  • Public and private tunnel workflows
  • Docker and binary releases
  • Designed for production-grade self-hosting

Docs | Managed Service | Releases | Docker Images

Why sish

sish runs an SSH server focused on forwarding and multiplexing. Users connect with commands they already know, and sish handles the routing.

Typical use cases

  • Share a local web app instantly over HTTPS
  • Expose a TCP service to a fixed or random external port
  • Create private TCP aliases that are only reachable through authenticated SSH
  • Route TLS traffic by SNI to multiple backends without terminating TLS

Quick Start

1) Try the managed service

The fastest way to validate your workflow:

ssh -R 80:localhost:8080 tuns.sh

This creates a public URL for your local app running on port 8080.

2) Self-host with Docker

Pull image:

docker pull antoniomika/sish:latest

Prepare directories:

mkdir -p ~/sish/ssl ~/sish/keys ~/sish/pubkeys
cp ~/.ssh/id_ed25519.pub ~/sish/pubkeys

Run:

docker run -itd --name sish \
	-v ~/sish/ssl:/ssl \
	-v ~/sish/keys:/keys \
	-v ~/sish/pubkeys:/pubkeys \
	--net=host antoniomika/sish:latest \
	--ssh-address=:2222 \
	--http-address=:80 \
	--https-address=:443 \
	--https=true \
	--https-certificate-directory=/ssl \
	--authentication-keys-directory=/pubkeys \
	--private-keys-directory=/keys \
	--bind-random-ports=false \
	--domain=example.com

Then connect:

ssh -p 2222 -R 80:localhost:8080 example.com

Forwarding Examples

HTTP tunnel

ssh -R myapp:80:localhost:8080 tuns.sh

Your app at localhost:8080 becomes available at https://myapp.tuns.sh.

TCP tunnel

ssh -R 2222:localhost:22 tuns.sh

localhost:22 is available at tuns.sh:2222

Private TCP alias

ssh -R mylaptop:22:localhost:22 tuns.sh

Access from another client:

ssh -J tuns.sh mylaptop

Feature Highlights

  • HTTP(S), WS(S), TCP forwarding, and multiplexing
  • TCP aliases for private internal-only access patterns
  • SNI proxy support for TLS-based backend routing
  • Optional load balancing modes for HTTP/TCP/SNI aliases
  • Service console support for inspecting forwarded requests
  • Key and password authentication with dynamic key reloading
  • Restrictive binding policies for safer multi-tenant setups

Local Development

Clone:

git clone git@github.com:antoniomika/sish.git
cd sish

Start locally:

go run main.go --http-address localhost:3000 --domain testing.ssi.sh

Or use:

make dev

Test a tunnel:

ssh -p 2222 -R 80:localhost:8080 testing.ssi.sh

testing.ssi.sh is configured to point to localhost for development.

Learn More

Community

Reference in New Issue View Git Blame Copy Permalink