Home Assistant Add-on: Autossh (Cloud/VPN alternative)

Hey Community!

I want to share my solution to get my Home Assistant System hooked up to my cloud. I decided to use an SSH tunnel instead of a VPN or one of the supported cloud services. The solution has a tiny footprint and has been rock solid so far.

Simple sense check: If you had little contact with “SSH” so far, this add-on is probably not for you :smiley:

The addon can be found in my repository at:


Development Status

The add-on has been running smoothly for months and now after investing a bit of extra love on the details I want to share this solution with you.

At the time of this writing, no bug is known to me.


To be clear: This add-on is useful for you if you own a public server with an SSH service. This is also great in combination with a domain name, as you can then reach your home automation UI via e.g. https://ha.mydomain.com.

I hope you enjoy the add-on and please do not hesitate to drop me a ticket or a PR.
Happy Automating!


Just fyi,
I just set up a new Home Assistant instance and this addon is still doing what it’s supposed to. Reliable on three instances for up to a year. Cheers

You make my day @ThomDietrich This works perfect and very easy to setup. I use Home assistant in my motorhome with mobile WiFi and tried to get this working by setting up a VPN tunnel between my home router and the motorhome route. This works but all traffic uses this link which slows down my MSteams meeting (sometimes work form my motorhome :wink: )
Splitting proved to be difficult and this setup worked in 15 minutes.

A tip who uses a linux server managed by Webmin: You can create an additional user with no login rights and paste the public key directly in the SSH Public key box


1 Like

Hi @ThomDietrich ,

thabks for the great work!

Sorry for the noob question. Can I use your add-on on the other direction? I mean, I’m not interested to be able to access my HA. I pretend to establish a SSH tunnel between HA and a cloud server in order to allow secure mysql comunication. It is possible with your addon?



Hey, I am not sure, it really depends on a few technical limitations I would need to look at first. Generally you are able to define any of the ssh tunnels through the configuration of the addon. What I am not sure about is whether the forwarded mysql port would then be accessible to your purpose, despite the docker environment. You need to play around with that.

Thanks @ThomDietrich ,

I will try (meanwhile I adopted another tunnel solution)

@ThomDietrich i am trying to use a pem private key downloaded from AWS. can i replace the content of private key used by the addon?

this function is not provided through the container. You should be able to write to the mounted storage volume but I can’t tell you where that is located. You might need to explore a bit.

Or hack yourself a version of the addon that accepts a key as config input. I would accept a PR

i tried forking and add a string input for the pem private key but somehow when bash read config value into a variable and echo output > to the keyfile, the newline chars are not output correctly. After meddling for few hours, i gave up. Just use the pubkey generated by the addon.

Thank you for creating this addon.

1 Like