Skip to content

Fun With TetherFi

Jump to bottom
pyamsoft edited this page Sep 24, 2025 · 4 revisions

Fun Things

Just some fun things you can do with a proxy TetherFi connection.

A Note for SSH

SSH is a "long lived" connection, so it expects to NOT have a timeout set. Be sure in TetherFi -> Behavior -> Socket Timeout you set the timeout setting to No Timeout or your SSH connection may be closed randomly.

SSH Tunneling

The ssh client on Unixlike systems has a command flag -L which allows it to forward connections from one machine to another. You can use this for fun things like tunneling SSH or RDP connections over the TetherFi proxy server.

For example, let us assume you are connected to TetherFi at IP 192.168.49.1 on port 8228 Let's assume you've got a valid SSH identify file at ~/myidentity and you also have either socat or proxytunnel installed.

$ ssh -i ~/myidentity \
  -o "ProxyCommand /usr/bin/socat STDIO PROXY:192.168.49.1:%h:%p,proxyport=8228" \
  myuser@myremoteserver

This will connect to myremoteserver as the user myuser using the identity (SSH private key) held at ~/myidentity. In order to connect, the socat command will forward all proxy commands over to TetherFi running at 192.168.49.1 port 8228

RDP Tunneling

Building off of the SSH example, you can do something like the following to use RDP over the proxy. In this example, I am using my preferred RDP client, Remmina. We can first setup an SSH tunnel:

$ ssh -i ~/myidentity \
  -o "ProxyCommand /usr/bin/socat STDIO PROXY:192.168.49.1:%h:%p,proxyport=8228" \
  -L 12345:myremoteserver:3389 \
  myuser@myremoteserver

This will connect to myremoteserver as the user myuser using the identity (SSH private key) held at ~/myidentity. In order to connect, the socat command will forward all proxy commands over to TetherFi running at 192.168.49.1 port 8228 This will also bind the port 12345 on my current machine, and will forward any traffic from 12345 over to port 3389 (RDP) on myremoteserver

Now in Remmina, we can create a connection which looks like this: image image image image

Since you've already setup the SSH tunnel yourself, you can leave the "Enable SSH tunnel" button OFF in Remmina.

Now, when you connect in Remmina, you will connect to your own machine at 12345 which forwards everything over the SSH tunnel to myremoteserver at RDP port 3389. The ProxyCommand wraps all communications via the TetherFi proxy, and though it will be a little slower than usual, you should see your RDP connection spring to life with a bit of patience.

TailScale

If your phone running TetherFi is connected to TailScale, you can even connect to TailScale IPs from your computer, so you can create an SSH tunnel to a TailScale only connection, and then connect to RDP via a tunnel.

Have any more fun ideas?

Clone this wiki locally