tunnzl.sbs

SSH ⇄ HTTP · ephemeral by design

Turn one SSH command into a public URL.

No installs, no accounts, no config files. Point ssh -R at tunnzl.sbs and whatever's running on your machine is reachable from anywhere, instantly.

ssh -R 80:localhost:3000 tunnzl.sbs

Requires an ECDSA key — the server will tell you how to generate one if you don't have it yet.

client — ssh

$ ssh -R 80:localhost:3000 tunnzl.sbs

=======================================================

tunnel active. forwarding 127.0.0.1:3000

=======================================================

tunnel aktif: http://.tunnzl.sbs

The process

Three things happen, in order.

1

You point ssh at us

Run ssh -R 80:localhost:PORT tunnzl.sbs from any machine behind any NAT or firewall. Nothing to install on your side beyond an SSH client you already have.

2

We hand back an address

A long, random subdomain is generated on the spot — never reused, never predictable, even if you connect again from the exact same key thirty seconds later.

3

Traffic finds its way home

Requests to that address get relayed byte-for-byte back through your SSH session to localhost:PORT. Close the connection, and the address is gone for good.

What you get

Built to disappear, not to manage.

No accounts, no dashboards

Nothing to sign up for. Your keypair is your identity for the length of one connection, then it's forgotten.

Unguessable by design

Subdomains are drawn from a cryptographic random source, long enough that scanning for someone else's tunnel isn't practical.

ECDSA-only handshake

The server only speaks to ECDSA keys. Show up with anything else and it'll tell you exactly what to run to fix that. Saya memilihnya karean saya Suka

Raw byte relay

We don't parse your traffic, just route it. Long-lived connections, large uploads, and WebSockets pass through untouched.

One command, no client

If your OS shipped with an SSH client, you already have everything you need. No binary to trust, nothing to update.

coming soon

HTTPS (coming soon)

Encrypted tunnels with a certificate per subdomain are next. HTTP works today, TLS is already being built.

Get started

Two commands. That's the whole setup.

1. Generate an ECDSA key, if you don't have one

ssh-keygen -t ecdsa -b 521 -f ~/.ssh/id_ecdsa

2. Forward whatever's running locally

ssh -i ~/.ssh/id_ecdsa -R 80:localhost:3000 tunnzl.sbs

Your terminal will print the address the moment it's assigned. Press Ctrl+C whenever you're done — the tunnel closes with the connection, no cleanup needed.