Tunnels Secure Local Resources for Remote Access

PowerShell Server provides two mechanisms for securing local resources for remote access: SSH Reverse Tunnels and SSL Tunnels.

Using a SSH Reverse Tunnel provides a time-proven way to expose a local resource to clients outside of your network in a safe and secure way. This is achieved without the need for firewall changes.

The use of SSL Tunnels provides an outward facing SSL/TLS server to secure an otherwise insecure resource. This approach quickly adds a security layer to a resource while maintaining a simple design.


  • Built on the long-standing SSH core available from /n software.
  • Fully customizable security options (encryption algorithms, key exchange algorithms, etc.).
  • Automatic connection management to re-establish broken connections.
  • Supports any number of tunnels simultaneously.
  • SSL Tunnels support latest industry standards including SHA2 and TLS 1.2.
  • SSL Tunnels allow fine grain control over TLS protocol options.

SSH Reverse Tunnels

PowerShell Server's SSH Reverse Tunnel forwards traffic to and from local servers/machines through a secure SSH pipe.

Configuring a SSH Reverse Tunnels is easy. All you need to do is specify your SSH server information and credentials and the remote port on which you want traffic to be received. Once the tunnel is established, any traffic sent to the SSH host on the port specified during configuration will be sent over SSH to PowerShell Server. That traffic is then automatically forwarded to the local server. From the client perspective, they are communicating directly with the server behind your firewall.

There isn't an easier way to expose a database, server, or other resource inside the firewall to outside traffic in a secure way. See the Getting Started Guide for in-depth instructions on configuring and using SSH Reverse Tunnels.

SSL Tunnels

SSL Tunnels provide a simple way to add a layer of security using SSL/TLS. When configured, PowerShell Server will act as a "middle man" between incoming connections and local servers/hosts. PowerShell will listen on the specified port for incoming connections and secure those connections using SSL/TLS. This secures the communication between the client and PowerShell Server. The communication is then forwarded on to the local server/host over standard TCP/IP.

See the Getting Started Guide for in-depth instructions on configuring and using SSL Tunnels.