One can do multiple things with ngrok. You can use it to generate public ssh access to your raspberry pi, or one command for an instant, secure URL to your localhost server through any NAT or firewall. We are going to try the last one.
First step is to open an account. The account creation is needed, and I’m fine with it, since all the features are given after connecting them with your account. I’m going to try to expose the web I have on my linux server. The zip I download includes a binary only. If I run it on the place I’ve unzipped it, this is my output.
ngrok - tunnel local ports to public URLs and inspect traffic
ngrok exposes local networked services behinds NATs
and firewalls to the public internet over a secure tunnel.
Share local websites, build/test webhook consumers and
self-host personal services.
Detailed help for each command is available with
'ngrok help <command>'.
Open http://localhost:4040 for ngrok's
web interface to inspect traffic.
ngrok http 80 # secure public URL for port 80 web server
ngrok http -subdomain=baz 8080 # port 8080 available at baz.ngrok.io
ngrok http foo.dev:80 # tunnel to host:port instead of localhost
ngrok http https://localhost # expose a local https server
ngrok tcp 22 # tunnel arbitrary TCP traffic to port 22
ngrok tls -hostname=foo.com 443 # TLS traffic for foo.com to port 443
ngrok start foo bar baz # start tunnels from
# the configuration file
inconshreveable - <firstname.lastname@example.org>
authtoken save authtoken to configuration file
credits prints author and licensing information
http start an HTTP tunnel
start start tunnels by name from the configuration file
tcp start a TCP tunnel
tls start a TLS tunnel
update update ngrok to the latest version
version print the version string
help Shows a list of commands or help for one command
So it’s coming with a decent documentation. Once I’m logged in with my account, I copy what suggested (token included). Something like this:
./ngrok authtoken SoM3verYLArgeCHAinOfLett_er5_AND_NUmbers
Authtoken saved to configuration file: /root/.ngrok2/ngrok.yml
I can now try it out. I want to see “from outside” my web, so I do
./ngrok http https://localhost
My Terminal becomes this:
ngrok by @inconshreveable (Ctrl+C to quit)
Session Status online
Account My Name (Plan: Free)
Region United States (us)
Web Interface http://127.0.0.1:4040
Forwarding http://SomeThingRand0m.ngrok.io -> https://localhost:443
Forwarding https://SomeThingRand0m.ngrok.io -> https://localhost:443
Connections ttl opn rt1 rt5 p50 p90
0 0 0.00 0.00 0.00 0.00
I go then to my “external” computer and type http://SomeThingRand0m.ngrok.io. Eureka! I see my page. If I do CTRL+C on my Terminal, the web is no more visible. On its place is shown the message
Tunnel SomeThingRand0m.ngrok.io not found.
I try starting it again
./ngrok http https://localhost but I get ANOTHER “something random” URL which is good, I believe, since I want to use this on an emergency. If I want a permanent URL (that is this “SomeThingRand0m”) we need to pay. And you know I can’t spend public money on these toy projects 😁😁.
If I’m more concerned about the security, be aware you can password-protect your tunnel. Actually it’s quite simple, just add after http -auth=”username:password” and you get it. I have forwarded a kerberos-protected folder, I was asked to give my kerberos ID, that I filled, and it worked. All in my sandbox, of course. But definitely a very nice tool. Anyway be careful with these things, you never know who’s monitoring!