BackTunnel/README.md at cb81c1671b0ca1e7f98c8cec0ecace7c7ec43e13

Files

sysadminmatmoz cb81c1671b Revamp README for enhanced clarity and usability: streamline commands, add quick start, highlight key features, improve examples, and restructure sections for better organization.

2025-09-20 10:58:02 +02:00

4.0 KiB

Raw Blame History

BackTunnel lets you share and mount folders between Linux machines behind NAT or firewalls using just two friendly commands. No central servers. No cloud uploads. Temporary, peer-to-peer, SSH-based.

⚡ Quick Start (3 steps)

On the sharing machine (server):
```
backtunnel-share ~/Documents with user@remotehost for 2h -i
```
→ Opens a tunnel for 2 hours and prints an invite.

Send the invite (via chat, email, QR). It looks like:

backtunnel-auth-setup -p 2222 user@localhost
backtunnel-access '/home/alice/Documents' from user@remotehost -p 2222 -m "$HOME/remote-rssh"

On the accessing machine (client):

mkdir -p ~/remote-rssh
backtunnel-auth-setup -p 2222 user@localhost
backtunnel-access '/home/alice/Documents' from user@remotehost -p 2222 -m ~/remote-rssh

→ Folder is mounted at ~/remote-rssh.

Unmount afterwards with:

fusermount -u ~/remote-rssh

🚀 Why BackTunnel?

Works behind NAT/firewalls: reverse SSH tunnels, no port forwarding needed.
Private by design: no third-party relays or cloud.
Temporary by default: shares auto-stop after chosen duration.
Simple invites: send one-liners (or QR codes) to colleagues.
Safe: restricted SFTP-only keys ensure no shell access.
Desktop integration: right-click folders in Dolphin to share or access.

✨ Commands

`backtunnel-share` — start a share

(sharing side)

backtunnel-share /path/to/folder with user@remotehost for <duration> [options]

Duration formats: 30m, 2h, 1d Key options:

-p, --tunnel-port <PORT> — Remote port (default: 2222)
-l, --local-ssh-port <PORT> — Local SSHD port (default: 22)
-i, --invite — Print a ready-to-copy invite
--invite-mount <PATH> — Suggested mount point (default: ~/remote-rssh)
--qr — Show invite as QR code

`backtunnel-access` — mount a share

(accessing side)

backtunnel-access /path/to/folder from user@remotehost [options]

Options:

-p, --port <PORT> — Remote tunnel port (default: 2222)
-m, --mount-point <PATH> — Local mount point (default: ~/remote-rssh)

Unmount with:

fusermount -u ~/remote-rssh

📁 Profiles

Simplify frequent shares with ~/.config/backtunnel/profiles.ini. Example:

[default]
tunnel_port=4422
invite_mount=$HOME/shared

[work]
user=alice
host=vps.example.com
tunnel_port=4423

Use with:

backtunnel-share ~/reports with @work for 6h -i

🔒 Security

Restricted keys: usable only through the tunnel (127.0.0.1).
SFTP-only: enforced with internal-sftp,restrict.
Temporary: ends when the tunnel closes.

🖥️ Dolphin Integration

After install, Dolphin menus appear:

Share via BackTunnel… — GUI wizard for remote, duration, ports, invite.
Access via BackTunnel… — GUI wizard for remote, port, mount point.

Logs:

~/.local/state/backtunnel/servicemenu.*.log

📦 Install

sudo bash scripts/install.sh
make init   # copy example profiles.ini

Uninstall:

sudo bash scripts/uninstall.sh

Arch Linux:

makepkg -si

📖 Man Page

man backtunnel

🧾 License

📝 Cheat Sheet (TL;DR)

Start a share:

backtunnel-share ~/Documents with user@remotehost for 2h -i

Send this invite to your colleague:

backtunnel-auth-setup -p 2222 user@localhost
backtunnel-access '/home/user/Documents' from user@remotehost -p 2222 -m ~/remote-rssh

On the client:

mkdir -p ~/remote-rssh
backtunnel-auth-setup -p 2222 user@localhost
backtunnel-access '/home/user/Documents' from user@remotehost -p 2222 -m ~/remote-rssh

Unmount:

fusermount -u ~/remote-rssh

4.0 KiB Raw Blame History Unescape Escape

BackTunnel – Secure Reverse SSH Folder Sharing Toolkit