This page covers common configuration steps for sshuttle deployments.
Use the same configuration file referenced in the setup guide for your installation.
sshuttle is CLI-driven and often managed via scripts/systemd units rather than a single daemon config file.
Typical deployment files:
/etc/default/sshuttle
/etc/systemd/system/sshuttle.service
sshuttle --dns --remote vpnuser@bastion.example.com 10.10.0.0/16 10.20.0.0/16
sshuttle \
--dns \
--ssh-cmd "ssh -i /home/user/.ssh/id_ed25519 -o ServerAliveInterval=30" \
--exclude 10.10.10.0/24 \
--remote vpnuser@bastion.example.com \
10.10.0.0/16 10.20.0.0/16
[Unit]
Description=sshuttle tunnel
After=network-online.target
[Service]
Type=simple
ExecStart=/usr/bin/sshuttle --dns --remote vpnuser@bastion.example.com 10.10.0.0/16
Restart=always
RestartSec=5
[Install]
WantedBy=multi-user.target
0.0.0.0/0 unless explicitly intended.--exclude for internal ranges that must stay local.Restart the service or reload the configuration using your init system or container manager.
For one-shot usage, rerun the sshuttle command.
For systemd-managed usage:
sudo systemctl daemon-reload
sudo systemctl enable --now sshuttle
Confirm the service is healthy, then test connectivity from a client.
ip route
systemctl status sshuttle
Connectivity checks:
ping -c 3 10.10.0.10
ssh vpnuser@bastion.example.com 'echo ok'