feat: add ssh doc

fatedier · Dec 13, 2023 · 6ddd61b · 6ddd61b
1 parent fc97974
commit 6ddd61b
Show file tree

Hide file tree

Showing 2 changed files with 41 additions and 8 deletions.
diff --git a/README.md b/README.md
@@ -1169,6 +1169,39 @@ Read the [document](/doc/server_plugin.md).
 
 Find more plugins in [gofrp/plugin](https://github.com/gofrp/plugin).
 
+### SSH Tunnel Gateway
+*added in v0.53.0*
+
+frp supports listening to an SSH port on the frps side and achieves TCP protocol proxying through the SSH -R protocol, without relying on frpc.
+
+```toml
+# frps.toml
+sshTunnelGateway.bindPort = 2200
+```
+
+When running ./frps -c frps.toml, a private key file named .autogen_ssh_key will be automatically created in the current working directory. This generated private key file will be used by the SSH server in frps.
+
+Executing the command
+> ssh -R :80:127.0.0.1:8080 v0@{frp address} -p 2200 tcp --proxy_name "test-tcp" --remote_port 9090
+
+sets up a proxy on frps that forwards the local 8080 service to the port 9090.
+
+```bash
+frp (via SSH) (Ctrl+C to quit)
+
+User:
+ProxyName: test-tcp
+Type: tcp
+RemoteAddress: :9090
+
+```
+
+This is equivalent to:
+> frpc tcp --proxy_name "test-tcp" --local_ip 127.0.0.1 --local_port 8080 --remote_port 9090
+
+
+Find more arguments in [gofrp ssh tunnel gateway](TODO).
+
 ## Contributing
 
 Interested in getting involved? We would like to help you!

diff --git a/conf/frps_full_example.toml b/conf/frps_full_example.toml
@@ -22,14 +22,6 @@ kcpBindPort = 7000
 # transport.quic.maxIdleTimeout = 30
 # transport.quic.maxIncomingStreams = 100000
 
-# ssh tunnel gateway
-# If you want to enable this feature, the bindPort parameter is required, while others are optional.
-# By default, this feature is disabled. It will be enabled if bindPort is greater than 0.
-# sshTunnelGateway.bindPort = 2200
-# sshTunnelGateway.privateKeyFile = "/home/frp-user/.ssh/id_rsa"
-# sshTunnelGateway.autoGenPrivateKeyPath = ""
-# sshTunnelGateway.authorizedKeysFile = "/home/frp-user/.ssh/authorized_keys"
-
 # Heartbeat configure, it's not recommended to modify the default value
 # The default value of heartbeatTimeout is 90. Set negative value to disable it.
 # transport.heartbeatTimeout = 90
@@ -151,6 +143,14 @@ udpPacketSize = 1500
 # Retention time for NAT hole punching strategy data.
 natholeAnalysisDataReserveHours = 168
 
+# ssh tunnel gateway
+# If you want to enable this feature, the bindPort parameter is required, while others are optional.
+# By default, this feature is disabled. It will be enabled if bindPort is greater than 0.
+# sshTunnelGateway.bindPort = 2200
+# sshTunnelGateway.privateKeyFile = "/home/frp-user/.ssh/id_rsa"
+# sshTunnelGateway.autoGenPrivateKeyPath = ""
+# sshTunnelGateway.authorizedKeysFile = "/home/frp-user/.ssh/authorized_keys"
+
 [[httpPlugins]]
 name = "user-manager"
 addr = "127.0.0.1:9000"