Break out of localhost. Access your devices from behind firewalls. Securely access your services from anywhere. An easy-to-use secure tunnel for all sorts of wonderful things (kind of like a poor man's VPN).
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
AJ ONeal b5d57817cf fix some typos, move some phrases to the i18n toml file 5 days ago
bin fix some typos, move some phrases to the i18n toml file 5 days ago
etc move most user config into node 11 months ago
examples update windows instructions and error message 11 months ago
lib fix some typos, move some phrases to the i18n toml file 5 days ago
tests don't define host and port, even as null 10 months ago
usr/share update node version to v10.13 1 week ago
var move most user config into node 11 months ago
.gitignore working: manage token with client 10 months ago
LICENSE lots up cleanup 11 months ago use Root links (new branding) 5 days ago
package.json v0.20.8: fix npmPrefixPath 7 months ago

Telebit™ Remote | a Root project

Because friends don’t let friends localhost™

| Telebit Remote | Telebit Relay | sclient |

Break out of localhost.

If you need to get bits from here to there, Telebit gets the job done.

Install Telebit Remote on any device - your laptop, raspberry pi, whatever - and now you can access that device from anywhere, even securely in a web browser.

How does it work? It’s a net server that uses a relay to allow multiplexed incoming connections on any external port.


  • Show your mom the web app you’re working on
  • Access your Raspberry Pi from behind a firewall
  • Watch Netflix without region restrictions while traveling
  • SSH over HTTPS on networks with restricted ports or protocols
  • Access your wife’s laptop while she’s on a flight


You do this:

curl -fsSL | bash

You get this:

~/telebit http 3000
> Forwarding => localhost:3000

~/telebit http ~/sites/
> Serving ~/sites/ as

And this:

~/telebit tcp 5050
> Forwarding => localhost:5050

And even this:

~/telebit ssh auto
> Forwarding ssh -p 1337 => localhost:22
> Forwarding ssh+https (openssl proxy) => localhost:22

No privileged ports. No sudo. End-to-end encryption.

Fastest way to test a site, share a file, and pair over ssh.


Mac & Linux

Open Terminal and run this install script:

curl -fsSL | bash

What does the installer do?

  • install Telebit Remote to ~/Applications/telebit/
  • symlink the executable to ~/telebit for convenience
  • create the appropriate system launcher file
    • /etc/systemd/system/telebit.service
    • ~/Library/LaunchAgents/cloud.telebit.remote.plist
  • create local user config
    • ~/.config/telebit/telebit.yml
    • ~/.local/share/telebit

Of course, feel free to inspect it before you run it: curl -fsSL

You can customize the installation:

export NODEJS_VER=v10.2                   # v10.2 is tested working, but we can test other versions
export TELEBIT_VERSION=master             # git tag or branch to install from
export TELEBIT_USERSPACE=no               # install as a system service (launchd, systemd only)
export TELEBIT_PATH=/opt/telebit
export TELEBIT_USER=telebit
export TELEBIT_GROUP=telebit
curl -fsSL | bash

That will change the bundled version of node.js is bundled with Telebit Relay and the path to which Telebit Relay installs.

Windows & Node.js

  1. Install node.js
  2. Open Node.js
  3. Run the command npm install -g telebit
  4. Copy the example daemon config to your user folder .config/telebit/telebitd.yml (such as /Users/John/.config/telebit/telebitd.yml)
  5. Copy the example remote config to your user folder .config/telebit/telebit.yml (such as /Users/John/.config/telebit/telebit.yml)
  6. Change the email address
  7. Run npx telebit init and follow the instructions
  8. Run npx telebit list

Note: Use node.js v10.2.1

(there are specific bugs in each of v8.x, v9.x, v10.0, and v10.3 that each cause telebit to crash)

Remote Usage

# commands
telebit <command>

# domain and port control
telebit <service> <handler> [servername] [options ...]


telebit status                          # whether enabled or disabled
telebit enable                          # disallow incoming connections
telebit disable                         # allow incoming connections
telebit restart                         # kill daemon and allow system launcher to restart it

telebit list                            # list rules for servernames and ports

                       #     HTTP     #

telebit http <handler> [servername] [opts]

telebit http none                       # remove all https handlers
telebit http 3000                       # forward all https traffic to port 3000
telebit http /module/path               # load a node module to handle all https traffic

telebit http none           # remove https handler from
telebit http 3001           # forward https traffic for to port 3001
telebit http /module/path   # forward https traffic for to port 3001

                       #     TCP      #

telebit tcp <handler> [servername] [opts]

telebit tcp none                        # remove all tcp handlers
telebit tcp 5050                        # forward all tcp to port 5050
telebit tcp /module/path                # handle all tcp with a node module

telebit tcp none 6565                   # remove tcp handler from external port 6565
telebit tcp 5050 6565                   # forward external port 6565 to local 5050
telebit tcp /module/path 6565           # handle external port 6565 with a node module

telebit ssh disable                     # disable ssh access
telebit ssh 22                          # port-forward all ssh connections to port 22

telebit save                            # save http and tcp configuration changes

Using SSH


ssh -o ProxyCommand='openssl s_client -connect %h:443 -servername %h -quiet'

SSH over non-standard port

ssh -p 3031

Daemon Usage (non-global)

~/Applications/bin/node ~/Applications/bin/telebitd.js --config ~/.config/telebit/telebitd.yml



email: ''          # must be valid (for certificate recovery and security alerts)
agree_tos: true                   # agree to the Telebit, Greenlock, and Let's Encrypt TOSes
relay: wss://        # a Telebit Relay instance
community_member: true            # receive infrequent relevant but non-critical updates
telemetry: true                   # contribute to project telemetric data
secret: ''                        # Secret with which to sign Tokens for authorization
#token: ''                         # A signed Token for authorization
ssh_auto: 22                      # forward ssh-looking packets, from any connection, to port 22
servernames:                      # servernames that will be forwarded here {}

Choosing A Relay

You can create a free or paid account at or you can run Telebit Relay open source on a VPS (Vultr, Digital Ocean) or your Raspberry Pi at home (with port-forwarding).

Only connect to Telebit Relays that you trust.

Check Logs


SYSTEMD_LOG_LEVEL=debug journalctl -xef --user-unit=telebit


tail -f ~/local/share/telebit/var/log/info.log
tail -f ~/.local/share/telebit/var/log/error.log



systemctl --user disable telebit; systemctl --user stop telebit
rm -f ~/.config/systemd/user/telebit.service
rm -rf ~/telebit ~/Applications/telebit
rm -rf ~/.config/telebit ~/.local/share/telebit


launchctl unload -w ~/Library/LaunchAgents/cloud.telebit.remote.plist
rm -f ~/Library/LaunchAgents/cloud.telebit.remote.plist
rm -rf ~/telebit ~/Applications/telebit
rm -rf ~/.config/telebit ~/.local/share/telebit

Browser Library

This is implemented with websockets, so you should be able to


Copyright 2016-2018+ AJ ONeal