Sshuttle Command Guide

Sshuttle allows you to create a VPN connection from your machine to any remote server that you can connect to via ssh. No admin needed on the remote server.

Top 10 Useful Commands

1. Basic Network Tunnel

sshuttle -r user@10.10.10.10 192.168.1.0/24

Explanation: "Route all traffic for subnet 192.168.1.0/24 through the SSH server at 10.10.10.10".

2. Auto-Detect Subnets

sshuttle -r user@10.10.10.10 -N

Explanation: Automatically determine the networks the remote server is connected to and route them.

3. Tunnel All Traffic

sshuttle -r user@10.10.10.10 0.0.0.0/0

Explanation: Forward EVERYTHING (like a full VPN).

4. SSH Key Auth

sshuttle -r user@10.10.10.10 --ssh-cmd "ssh -i key.pem" 10.0.0.0/8

Explanation: Use a key file.

5. DNS Forwarding

sshuttle --dns -r user@10.10.10.10 192.168.1.0/24

Explanation: Tunnel DNS queries too. Essential for Active Directory (resolving domain names).

6. Daemon Mode

sshuttle -D ...

Explanation: Run in background.

7. Verbose

sshuttle -v ...

Explanation: Show routed packet info.

8. Exclude Subnet

sshuttle -r ... 192.168.1.0/24 -x 192.168.1.5

Explanation: Route the subnet BUT exclude checking IP .5.

9. Use sudo

# sshuttle itself requires sudo locally to modify iptables

10. Stop

# Ctrl+C clears iptables headers automatically

The Most Powerful Command

sshuttle --dns -r user@10.10.10.10 172.16.0.0/12

Explanation: Instantly gives you access to the target's entire internal cloud network, allowing you to run tools (browser, nmap, etc) directly from your machine against internal IPs, with DNS working.