Instructions
Add an SSH key for each service you want to expose. Each service is reachable at:
<service>--<your-handle>.fedproxy.com — the service name and your handle are folded into one label, with every dot in your handle turned into a dash.
Example: service my-cool-service for handle handle.example.com is served at my-cool-service--handle-example-com.fedproxy.com. Every service rides one shared *.fedproxy.com wildcard certificate, so HTTPS works the moment you connect — no per-service certificate is issued.
The service field accepts:
my-cool-service — a single service host.
* — this key is valid for all of your services (an authorization wildcard, not a hostname).
*.my-cool-service — a wildcard subdomain: serves any anything.my-cool-service--<handle>.fedproxy.com. This one gets its own certificate issued on demand.
Then start the ssh client (example forwarding my-cool-service--handle-example-com.fedproxy.com to local port 8080):
ssh -NnT -p 2222 \
-o UserKnownHostsFile=/dev/null \
-o StrictHostKeyChecking=no \
-o PasswordAuthentication=no \
-R my-cool-service:80:127.0.0.1:8080 \
handle.example.com@fedproxy.com
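
To check which public name a service field and handle map to before you connect, the folding rule above can be written as a small shell helper. This is an added example, not fedproxy's own code; the function names are hypothetical, and the 63-character limit is the general DNS label limit, not something the page states.

```shell
# Added example: derive the public fedproxy name for a service field and handle.
# Function names are hypothetical; names are assumed to be ASCII.

# Fold service and handle into one DNS label: "<service>--<handle>",
# with every dot in the handle turned into a dash.
fedproxy_label() {
  printf '%s--%s' "$1" "$(printf '%s' "$2" | tr '.' '-')"
}

# Print the hostname (or wildcard pattern) served for a service field.
# Returns 1 for "*", which authorizes a key but names no host.
# Returns 2 when the folded label is longer than 63 characters, the DNS
# limit for a single label (service and handle share one label here).
fedproxy_host() {
  service=$1
  handle=$2
  prefix=''
  case $service in
    '*') return 1 ;;
    '*.'*)
      # Wildcard subdomain: keep "*." in front of the folded label.
      prefix='*.'
      service=${service#'*.'}
      ;;
  esac
  label=$(fedproxy_label "$service" "$handle")
  [ "${#label}" -le 63 ] || return 2
  printf '%s%s.fedproxy.com\n' "$prefix" "$label"
}
```

Because the service name and the handle share one label, a long handle shortens the room left for the service name.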