Chisel – Fast TCP tunnel over HTTP Channel

Chisel is a fast TCP tunnel, transported over HTTP, secured via SSH. Single executable including both client and server. Written in Go (golang). The tool is mainly useful for passing through firewalls, though it can also be used to provide a secure endpoint into your network.

This tool is very similar to crowbar though achieves much higher performance.

Chisel - Fast TCP tunnel over HTTP
Chisel – Fast TCP tunnel over HTTP

Some of the features with this tool are:

  • Easy to use
  • Performant – With crowbar, a connection is tunneled by repeatedly querying the server with updates. This results in a large amount of HTTP and TCP connection overhead. Chisel overcomes this using WebSockets combined with crypto/ssh to create hundreds of logical connections, resulting in one TCP connection per client.
  • Encrypted connections using the SSH protocol (via crypto/ssh)
  • Authenticated connections; authenticated client connections with a users config file, authenticated server connections with fingerprint matching.
  • Client auto-reconnects with exponential backoff -Backoff is a time.Duration counter. It starts at Min. After every call to Duration() it is multiplied by Factor.
  • Client can create multiple tunnel endpoints over one TCP connection
  • Client can optionally pass through HTTP CONNECT proxies
  • Server optionally doubles as a reverse proxy
  • Server optionally allows SOCKS5 connections
  • Reverse port forwarding

You can read more and download this tool over here:

Notify of
Inline Feedbacks
View all comments