Yuval Adam

Poor Man's VPN

Today I decided to check out Avery Pennarun’s sshuttle, or as he calls it - Poor Man’s VPN. (Thanks to Fedot for the re-discovery!)

It’s an amazing tool, that runs amazingly fast and is completely transparent. Basically what it does:

  • runs on client (Mac or Linux supported)
  • connects via SSH to target proxy server (an active SSH shell account and Python are the only prerequisites, you don’t even need root or admin access on server)
  • uploads and installs on-demand the necessary dependencies on the server (completely transparent to user)
  • reconfigure the client network service to route all (or some, if you like) traffic through proxy
  • that’s it, cheap VPN!

All the heavy lifting of changing iptables, DNS and network settings is all done for you, on-the-fly. It just works.

I highly recommend using sshuttle for when you need the occasional tunneling. Once you discover how simple it is, you’ll want to use it all the time.