TunnelTime

Configuration Builder

Create a private forwarding tunneltime.yaml without sending form data anywhere. Leave the token out unless this machine needs a self-contained file.

1. Server and credential source

Use the default hosted API or point the file at your self-hosted TunnelTime API. The safer default is to run tunneltime login <agent-token> and keep the token out of this file.

Token fields are masked and omitted from the preview and download until this box is checked. Protect any downloaded file that contains a token and do not commit it.

2. Machine identity

The name is what source clients see when they list private services. The ID is optional; when omitted, the CLI creates and stores a stable private machine ID.

3. Private services

Add each TCP service this machine should publish. Source clients connect with names like my-machine/rdp after this host runs tunneltime serve --config tunneltime.yaml.

4. Connect defaults

These defaults apply when this machine connects to another private service. auto tries direct connectivity first and uses the relay when needed.

5. Runtime defaults

Meter controls terminal traffic display. stun_servers is optional; leave it blank to use servers advertised by the TunnelTime API.