SSH Tunnel + SOCKS5/HTTP proxy with UDP relay
- Password or key-based authentication with keyboard-interactive fallback
- TCP pre-check before connecting
- 30s TCP keepalive + 60s SSH keepalive to prevent NAT/firewall drops
- SOCKS5 — Full TCP/UDP support with optional username/password auth
- HTTP CONNECT — Auto-detected alongside SOCKS5 on the same port
- Full
badvpn-udpgwprotocol implementation - 3-second keepalive pings to maintain the UDP tunnel
- Multi-tier fallback: local DNS → public DNS (8.8.8.8, 1.1.1.1) → server-side resolution
- Avoid using
rootas SSH user — use a regular user without any privileges. - Check out ShahanPanel a web panel for managing SSH accounts.
badvpn-udpgwrunning on your SSH server (optional, for UDP relay)
Download the latest binary from here 👉
Or build it yourself:
git clone https://github.com/ThisIsDara/SSHT.git
cd SSHT
go build -o SSHT .
Edit config.json:
{
"ssh_server": "your.server.com",
"ssh_port": 22,
"ssh_user": "username",
"ssh_key": "(Optional , you can leave this empty)",
"ssh_password": "your_password",
"socks_port": 1080,
"socks_user": "",
"socks_pass": "",
"udpgw_port": 7300,
"timeout_seconds": 10
}Windows: Double-click SSHT.exe or run:
.\SSHT.exe
Linux/macOS:
chmod +x SSHT
./SSHT
| Protocol | Address |
|---|---|
| SOCKS5 | 127.0.0.1:1080 |
| HTTP | 127.0.0.1:1080 |
| Field | Description |
|---|---|
ssh_key |
Path to SSH private key (empty = password auth) |
socks_user / socks_pass |
Optional SOCKS5 authentication |
udpgw_port |
Set to 0 to disable UDP relay |
timeout_seconds |
SSH connection timeout |
MIT