antoniomika/sish

★ 4,626GoAudience · ops devopsComplexity · 3/5Setup · moderate

Mindmap

mindmap
  root((sish))
    What it does
      SSH tunneling
      Local to public internet
      Self-hosted ngrok
    How it works
      Standard SSH command
      No custom client
      No router config
    Features
      HTTPS web tunnels
      Raw TCP tunnels
      SSH key access control
      SNI TLS routing
    Use cases
      Share local dev app
      Expose home server
      Team tunneling infra

mindmap root((sish)) What it does SSH tunneling Local to public internet Self-hosted ngrok How it works Standard SSH command No custom client No router config Features HTTPS web tunnels Raw TCP tunnels SSH key access control SNI TLS routing Use cases Share local dev app Expose home server Team tunneling infra

Click or tap to explore — scroll the page freely

Things people build with this

USE CASE 1

Share a local web app with a client or teammate via a public HTTPS URL without deploying it to a server

USE CASE 2

Expose a TCP service such as a database or local SSH server through a secure tunnel for remote access

USE CASE 3

Run your own tunneling infrastructure instead of depending on a commercial service like ngrok or Cloudflare Tunnel

USE CASE 4

Give multiple developers individual public subdomains that each point to their own local development machine

Tech stack

GoDockerSSH

Getting it running

Difficulty · moderate Time to first run · 30min

Self-hosting requires a VPS with a domain name pointed at it and Docker, the connection itself requires only the standard ssh command already on every Mac and Linux system.

In plain English

sish is a tool that lets you expose a service running on your local computer to the public internet using SSH, the same protocol used for secure remote server access. The idea is similar to commercial tunneling services: you run something on your own machine, and sish gives you a publicly accessible URL or port without you needing to configure your router or open firewall rules. The difference is that sish is open source and designed to be self-hosted on your own server, so you are not dependent on a third-party service. Connecting requires no custom software. You use the standard ssh command that ships with every Mac, Linux, and most Windows systems. A single command like "ssh -R 80:localhost:8080 yourserver.com" is enough to create a public HTTPS address pointing at your local app. You can also expose raw TCP services, not just web apps, which makes it useful for things like sharing a local SSH server, a database port, or any other network service. For operators running sish for multiple users, the tool includes access control options: connections can be restricted by SSH key, random ports can be enforced to prevent conflicts, and private TCP aliases can be created that are only reachable through authenticated SSH connections rather than being publicly exposed. It also supports TLS routing by SNI, which means it can forward encrypted traffic to different backends without decrypting it. sish is written in Go and is distributed as Docker images and pre-built binaries. The self-hosting setup in the README uses Docker and requires a domain name pointed at the server. A managed version is available at tuns.sh for users who want to try the tool without running their own server. Documentation covering forwarding types, CLI options, and an FAQ is published at docs.ssi.sh.

Copy-paste prompts

Prompt 1

I have sish running on my server at example.com. Show me the SSH command that exposes my local port 3000 app as a public HTTPS URL.

Prompt 2

How do I deploy sish on a VPS using Docker so multiple developers can each get their own public subdomain for local development?

Prompt 3

How do I restrict sish to only allow SSH connections from specific keys and set up private TCP aliases that are not publicly exposed?

Open on GitHub → Explain another repo

← antoniomika on gitmyhub — every repo by this author, as a profile.

Verify against the repo before relying on details.