bore-local

Expose a local port to a remote Bore server

$ bore local [[-t|--to]] [remote_server_address] [local_port]

$ bore local [[-l|--local-host]] [host] [[-t|--to]] [remote_server_address] [local_port]

$ bore local [[-t|--to]] [remote_server_address] [[-p|--port]] [remote_port] [local_port]

$ bore local [[-t|--to]] [remote_server_address] [[-s|--secret]] [your_secret] [local_port]

$ bore local [[-h|--help]]

bore local [OPTIONS] <LOCAL_PORT>

<LOCAL_PORT>
    The local port number that the bore local client will expose to the internet through the remote server. This is a required positional argument.

-t, --to <REMOTE_HOST>
    Specifies the hostname or IP address of the remote bore server to which the local client will connect. This is a required option.

-p, --port <REMOTE_PORT>
    Defines the port on the remote bore server to which the client should connect. The default value is typically 7878.

-l, --local-host <LOCAL_HOST>
    Specifies the local interface or IP address to bind to when exposing <LOCAL_PORT>. The default is usually 127.0.0.1 (localhost).

-k, --key <KEY>
    Provides a secret key for authenticating with the bore server. This enhances security by preventing unauthorized access to your tunnel.

--mtu <MTU>
    Sets the Maximum Transmission Unit (MTU) for the tunnel, optimizing packet size for specific network conditions.

--log-level <LOG_LEVEL>
    Controls the verbosity of logging output. Possible values include info, debug, trace, warn, and error.

--no-auth
    Disables authentication with the bore server. This option should be used with extreme caution, primarily for testing purposes, as it removes a critical security layer.

The bore local command is the client-side component of the bore utility, a fast and lightweight TCP proxy written in Rust. It establishes a secure, persistent tunnel from a specified local port on your machine to a remote bore server. This server then exposes the local service to the public internet, making it accessible via a unique URL or a specific port on the remote host.

It is commonly used by developers for quickly exposing local development servers, APIs, or IoT devices without configuring complex network settings, dynamic DNS, or firewall rules. The command requires a running bore-server instance on a publicly accessible machine. It handles connection stability and can be secured with an authentication key, simplifying the process of sharing work-in-progress or testing webhooks and other integrations.

Security Implications: Exposing local services directly to the internet, especially without proper authentication or if the service itself is insecure, poses significant security risks. It's crucial to only expose trusted services and always use the --key option for authentication unless absolutely necessary for testing.

Server Dependency: The bore local command requires a running bore-server instance on a publicly accessible machine. It cannot establish a public tunnel independently.

Ephemeral Remote Ports: By default, the bore-server might assign a random, ephemeral remote port for your tunnel. To obtain a fixed, predictable remote port, the server must be configured accordingly, or you might need to specify it if the server allows.

Upon successful connection, the bore-server will typically output a public URL or IP address and port that can be used to access the forwarded local service. This address is automatically generated unless specific server-side configurations are in place to assign a fixed port.

bore is implemented in Rust, a language known for its focus on speed, memory safety, and concurrency. This choice of technology contributes to bore's reputation for being a highly efficient, reliable, and secure tool for persistent tunneling tasks.

The bore project was initiated by
ekzhang
as a modern, simple, and fast open-source alternative to existing port forwarding solutions like ngrok or ssh -R tunnels. Written in Rust, it emphasizes performance, ease of use, and memory safety, offering a single executable for both client and server components. Its development addresses the growing need for self-hostable, lightweight options for developers to quickly expose local development environments. While relatively new compared to venerable tools like ssh, bore has quickly gained traction within communities looking for a performant, and secure tunneling solution.

ssh(1), socat(1), netcat(1)