My use case is that I have a Windows machine which connects to a VPN where the VPN software only functions on Windows and I need to access resources which are on that VPN network but from my Linux box. Using sshuttle I’m able to easily effectively forward all requests to the IP addresses that are on the VPN network through the Windows machine, regardless of protocol.
On my Windows 11 box I had to enable OpenSSH server and install python from the Microsoft Store (officially downloaded python installer did not work). Then with a recent version of sshuttle on my Linux box (I’m using version 1.3.1) I can easily setup the tunnel through the Windows box with a single command.
Yes, the port forwarding is very useful but in this case trying to get it setup correctly was painful for me so I went looking for alternatives. So far after about 2 weeks of use, sshuttle has been working great and does exactly what I need.
I’ve used ssh port forwarding for remote access to embedded systems for almost all of my projects, and it works well enough:
I’ve wondered if WireGuard would be a good fit at some point. I’ve been using WireGuard as a corporate VPN solution with one of my customers – it is excellent. I also personally use Tailscale for remote access to my home network when travelling (their free plan is generous).
I have a wireguard site-to-site VPN setup between my office and home, and then “road warrior” setups for my phone and laptop back to the office and to home. I agree that it works wonderfully! The wireguard on my phone lets me get to my Home Assistant from anywhere and so far has worked splendid.
Possibly setting up wireguard between my Linux and Windows machines would have worked here, but I think I still would have needed some unique routing rules which sshuttle automated for me. Plus, (maybe it was just that I’m using Mikrotik routers but) setting up wireguard was not painless for me, sshuttle was oodles easier and quicker.
I view sshuttle more as a one-off short-term kind of solution. Probably a few weeks from now I won’t need it any longer. But I have had my wireguard site-to-site setup for over a year and plan to keep it that way for the future.