{"id":14934,"library":"sshuttle","title":"sshuttle Transparent Proxy VPN","description":"sshuttle is a transparent proxy server that acts as a 'poor man's VPN', forwarding network traffic over SSH. It doesn't require admin privileges for basic use and works across Linux and macOS, supporting DNS tunneling. The current stable version is 1.3.2, with releases occurring periodically, often driven by bug fixes and platform compatibility updates.","status":"active","version":"1.3.2","language":"en","source_language":"en","source_url":"https://github.com/sshuttle/sshuttle","tags":["networking","proxy","vpn","ssh","cli","tunneling"],"install":[{"cmd":"pip install sshuttle","lang":"bash","label":"Install with pip"}],"dependencies":[],"imports":[],"quickstart":{"code":"sshuttle -r user@remote_server 0.0.0.0/0\n# For specific subnets:\n# sshuttle -r user@remote_server 192.168.1.0/24 10.0.0.0/8\n\n# To enable DNS tunneling (requires remote_server's sshd to allow dns queries from sshuttle):\n# sshuttle --dns -r user@remote_server 0.0.0.0/0\n\n# Example using environment variables for SSH:\n# export SSH_USER=\"your_user\"\n# export SSH_HOST=\"your_host.com\"\n# sshuttle -r \"$SSH_USER@$SSH_HOST\" 0.0.0.0/0","lang":"bash","description":"This command will establish a transparent proxy connection to `remote_server` via SSH, routing all local traffic (0.0.0.0/0) through the remote server. Replace `user` with your SSH username and `remote_server` with the IP address or hostname of your SSH server."},"warnings":[{"fix":"Ensure your environment uses Python 3.9 or 3.10. Consider using pyenv or virtual environments to manage Python versions for sshuttle.","message":"Python version compatibility for sshuttle is strict: it requires Python >=3.9 and <4.0. Using incompatible Python versions can lead to installation failures or runtime errors.","severity":"gotcha","affected_versions":"<1.3.0"},{"fix":"Verify that `sshuttle --dns` works correctly by checking name resolution after connecting. If issues persist, ensure the remote SSH server allows outgoing connections on port 53 (UDP/TCP) from the `sshuttle` process or disable `--dns` and configure local DNS to a remote server.","message":"DNS tunneling can be problematic. If the remote SSH server's `sshd` configuration or firewall prevents `sshuttle` from making DNS queries, your DNS resolution might fail or leak.","severity":"gotcha","affected_versions":"All versions"},{"fix":"Disable other VPNs before starting sshuttle. If you have custom firewall rules, you may need to adjust them to allow sshuttle's traffic manipulation. Test connectivity thoroughly after starting sshuttle.","message":"sshuttle can conflict with existing VPN connections or complex network configurations (e.g., specific firewall rules, other routing daemons), potentially leading to routing loops or connection drops.","severity":"gotcha","affected_versions":"All versions"},{"fix":"Choose an SSH server with low latency to your client. For specific applications requiring higher throughput, consider alternative VPN solutions. Optimize SSH settings (e.g., Compression, Cipher) if possible, but keep in mind sshuttle itself handles some optimizations.","message":"Performance can be significantly impacted by high latency or low bandwidth SSH connections, as all traffic is multiplexed and tunneled over a single TCP connection.","severity":"gotcha","affected_versions":"All versions"}],"env_vars":null,"last_verified":"2026-04-17T00:00:00.000Z","next_check":"2026-07-16T00:00:00.000Z","problems":[{"fix":"Verify the remote server's SSH service is running and accessible from your client. Check firewall rules on both client and server. Ensure the SSH port (default 22) is open and specified correctly if non-standard (e.g., `sshuttle -r user@host:port ...`).","cause":"The SSH daemon on the remote server is not running, is firewalled, or the specified port is incorrect.","error":"sshuttle: failed to connect to remote server: [Errno 111] Connection refused"},{"fix":"Ensure you're using the correct username and password/key for the remote server. Test SSH connectivity independently (e.g., `ssh user@remote_server`). Add your SSH key to your agent (`ssh-add ~/.ssh/id_rsa`).","cause":"SSH authentication failure. The username, password, or SSH key is incorrect or not properly configured.","error":"Permission denied (publickey,password)."},{"fix":"Without `--dns`, ensure your local system's DNS resolvers are functional. If using `--dns`, verify the remote SSH server has working DNS resolution and its firewall allows outgoing DNS queries. Try `sshuttle -r user@remote_server 0.0.0.0/0` (without `--dns`) to isolate the issue.","cause":"DNS resolution is failing, often when using `--dns` and the remote server cannot resolve names or the local client's DNS is misconfigured.","error":"Name or service not known"},{"fix":"This usually means another instance of sshuttle or a different application is using the required port. Kill existing sshuttle processes (`pgrep sshuttle | xargs kill`) or identify and stop the conflicting application. Rebooting may also resolve transient port issues.","cause":"The specified local port that sshuttle tries to bind to is already in use by another application.","error":"sshuttle: Cannot bind to 127.0.0.1:port (or similar IP/port combination)"}],"ecosystem":"pypi"}