At Velocity we use ngrok quite a bit to show some of our work to our clients before it goes live. However, there are some limitations with Ngrok -- the connection per second limit, being one of them.

So today we used some simple SSH tunneling to punch a hole through the firewall(s) to allow easy access to our clients.

In my set up, I have a publicly accessible server at avior.velocitywebworks.com. I can SSH into this server.

The first step is to edit my /etc/ssh/sshd_config file on the publicly accessible server (in this case, Avior) and add the following line:

GatewayPorts clientspecified  

This allows me to specify a publicly accessible tcp port when I tunnel in.

Next step is I created a new SSH connection to Avior like this:

ssh avior.velocitywebworks.com -R 0.0.0.0:8081:localhost:8081  

The first part after -R: 0.0.0.0:8081 is the remote address and IP I want to listen on. 0.0.0.0 is short hand for accepting a connection from anywhere. The second bit, localhost:8081 refers to my machine and port. I have a copy of the website running locally on my desktop at port 8081.

After logging in and keeping this SSH session open, I open my browser by going to http://avior.velocitywebworks.com:8081 and voila! The website on my desktop is now available for the public!