Using sshuttle to Tunnel Traffic securely

sshuttle is a powerful tool that allows you to tunnel network traffic through an SSH server. This can be particularly useful when you want to securely access resources or services on a remote device or network. In this article, we will guide you through the process of using sshuttle to tunnel traffic from one device to another in Linux.


Before you can start using sshuttle, you need to install it on your Linux system. Follow these steps to install sshuttle:

  1. Open a terminal window.
  2. Update the package list by running the following command:

    sudo apt update

  1. Install sshuttle using the package manager:
    sudo apt install sshuttle
  2. Wait for the installation to complete.

Tunnelling Traffic

Once sshuttle is installed, you can start tunneling traffic from your local machine to a remote device. Follow these steps to set up the tunnel:

  1. Open a terminal window.
  2. Use the following command to initiate the tunnel:
    sudo sshuttle -r <SSH_SERVER> <REMOTE_SUBNET>

Replace <SSH_SERVER> with the hostname or IP address of the SSH server you want to connect to, and <REMOTE_SUBNET> with the subnet or IP address range of the remote network you want to access.

  1. Enter your sudo password when prompted.
  2. sshuttle will establish the SSH connection and start forwarding traffic to the remote device. You can now access resources on the remote network as if they were on your local machine.
  3. To stop the tunnel, press Ctrl + C in the terminal window.

Additional Options

sshuttle provides additional options to customize the tunnelling process. Here are some commonly used options:

  • -e or --exclude: Exclude specific IP addresses or subnets from the tunnel.
  • -x or --x11: Enable X11 forwarding over the SSH tunnel.
  • -D or --dns: Redirect DNS queries through the tunnel.
  • -r or --remote: Specify a custom SSH remote address and port.
  • -v or --verbose: Display verbose output for debugging purposes.

Refer to the sshuttle documentation or run sshuttle --help in the terminal for a complete list of options and their usage.

Security Considerations

When using SSHuttle, it’s important to consider security best practices:

  • Ensure that the SSH server you connect to is secure and properly configured.
  • Use strong, unique passwords or SSH keys for authentication.
  • Regularly update SSHuttle and other software to benefit from security patches and bug fixes.
  • Avoid tunneling sensitive or confidential data over untrusted networks.

By following these guidelines, you can maintain a secure and reliable tunneling setup using SSHuttle in Linux. Enjoy seamless access to remote resources and enhance your network connectivity capabilities!

Troubleshooting and Tips

While sshuttle is a versatile tool, you may encounter some issues or need additional guidance. Here are some troubleshooting tips and suggestions to help you:

SSH Connection Issues

If you are unable to establish an SSH connection or experience connection timeouts, ensure that:

  • The SSH server is running and accessible from your local machine.
  • You have the correct hostname or IP address of the SSH server.
  • The SSH server allows remote connections and is properly configured to accept SSH connections.
  • Your local machine has network connectivity to the SSH server.

Network Access Issues

If you can establish the SSH connection but are unable to access resources on the remote network, consider the following:

  • Check the firewall settings on the remote network to ensure that the necessary ports and protocols are allowed.
  • Verify that the remote subnet or IP address range you specified in the sshuttle command is correct.
  • Test connectivity to specific resources on the remote network using ping or other network diagnostic tools.
  • Ensure that your local machine has the necessary permissions and access rights to access the remote resources.

Performance Optimization

To optimize the performance of sshuttle and enhance your tunnelling experience, consider the following tips:

  • Use compression to reduce the amount of data transferred over the SSH connection. Add the -C option to enable compression:
  • sudo sshuttle -C -r <SSH_SERVER> <REMOTE_SUBNET>.
  • Experiment with different encryption ciphers and algorithms to find the right balance between security and performance. Refer to the SSH documentation for more information.
  • Monitor your network bandwidth usage to ensure that the tunnelling traffic does not significantly impact your overall network performance.

sshuttle Alternatives

If you encounter persistent issues or require more advanced features, you may consider exploring alternative tunnelling solutions. Some popular alternatives to sshuttle include OpenVPN, WireGuard, and IPsec VPN. Each option has its own strengths and configuration requirements, so choose the one that best suits your needs and technical expertise.


sshuttle provides a convenient and secure way to tunnel network traffic in Linux. By following the installation steps, setting up the tunnel, and considering the troubleshooting tips, you can leverage SSHuttle to access remote resources and enhance your network connectivity. Remember to prioritize security and regularly update your software for optimal performance. Enjoy seamless and secure access to remote networks with SSHuttle!