A simple SSH tunneling application written in Go.
- Configuration via JSON file
- SSH authentication with username/password or private key
- Source and destination port configuration for tunneling
- No interactive shell access
- Optional configuration encryption
- Make sure you have Go installed (version 1.21 or later)
- Clone this repository
- Run
go buildto build the application
./tunnel.exe -config config.jsonThe application uses a JSON configuration file with the following structure:
{
"ssh": {
"host": "example.com",
"port": 22,
"username": "user",
"password": "password",
"private_key": ""
},
"tunnel": {
"source_port": 8080,
"destination_port": 3306
},
"encrypted": false
}host: The SSH server hostname or IP addressport: The SSH server port (usually 22)username: SSH usernamepassword: SSH password (optional if using private key)private_key: SSH private key file path or private key content (optional if using password)
If you specify a file path for private_key (e.g., "./id_rsa"), the application will read the private key from that file. If you specify the actual private key content (e.g., "-----BEGIN RSA PRIVATE KEY-----..."), the application will use it directly.
source_port: The local port to listen ondestination_port: The remote port to connect to
encrypted: Whether the configuration file is encrypted
To create an encrypted configuration file, set encrypted to true in the configuration and use the saveConfig function to save it.
Note: The current implementation uses a fixed encryption key for simplicity. In a production environment, you should use a more secure method for managing encryption keys.
To tunnel localhost:8080 to a remote MySQL server running on port 3306:
{
"ssh": {
"host": "remote-server.com",
"port": 22,
"username": "myuser",
"password": "mypassword"
},
"tunnel": {
"source_port": 8080,
"destination_port": 3306
},
"encrypted": false
}Then run:
./tunnel.exe -config config.jsonThis will forward all connections to localhost:8080 through the SSH server to remote-server.com:3306.